WiredWX Christian Hobby Weather Tools

Can't Access Internet to Download HJT and Combofix software

I am infected with the sset.exe malware and my computer has been taken over. Can't download anything. I see the advice on here to download different programs but my browser won't connect to the internet. I would appreciate any advice. Thanks.

Re: Can't Access Internet to Download HJT and Combofix software

I ran Cheetah-Anti-Rogue and here is the log:

Cheetah Anti-Rogue v1.1.1
by DragonMaster Jay

Microsoft Windows XP [Version 5.1.2600]
Date: 01/18/2010 - Time: 11:41:13 - Arch.: x86 - Mode?


-- Known infection --

C:\DOCUME~1\Dan\LOCALS~1\Temp\VGX2.tmp (Trj.FakeAlert)


Extra message: Detection only.


EOF

Re: Can't Access Internet to Download HJT and Combofix software

Ok, accessed internet and downloaded HJT. Here is the log. Would appreciate any help. Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:24 PM, on 1/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Atievxx.exe
C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\Retrospect\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-1606980848-1580436667-854245398-1004\..\Run: [Aim6] (User '?')
O4 - HKUS\S-1-5-21-1606980848-1580436667-854245398-1004\..\Run: [WebCamRT.exe] (User '?')
O4 - HKUS\S-1-5-21-1606980848-1580436667-854245398-1004\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-1606980848-1580436667-854245398-1004\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User '?')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dan\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243103541523
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Retrospect\retrorun.exe

--
End of file - 5972 bytes

Re: Can't Access Internet to Download HJT and Combofix software

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=10591&gct=&gc=1&q=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
    R3 - URLSearchHook: (no name) - - (no file)
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dan\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)



  • Press "Fix Checked"
  • Close Hijack This.

Remove the Proxy setting in Internet Explorer and/or in FireFox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection -> Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
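
The two structural patterns among the entries selected in the reply above (a `ProxyServer` value pointing at the loopback address, and entries whose target file no longer exists) can be picked out of a HijackThis log mechanically. The following is an added example, not part of the original thread or of HijackThis itself; the function names are hypothetical, the sample lines are copied from the log posted earlier, and the search-URL entries the helper also selected are a judgment call that this sketch does not attempt.

```python
import re
from ipaddress import ip_address

# Sample lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
"""

# A HijackThis entry is "<section code> - <body>", e.g. "R1 - ..." or "O23 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
PROXY_RE = re.compile(r",ProxyServer = (?P<value>.+)$")
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def proxy_hosts(value):
    """Return the host of every proxy in a WinINET ProxyServer value.

    Handles both the per-protocol form ("http=host:port;https=host:port")
    and the single form ("host:port"). IPv6 literals are not handled.
    """
    hosts = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        endpoint = part.split("=", 1)[-1]        # drop a "http=" style prefix
        endpoint = endpoint.split("://", 1)[-1]  # drop a URL scheme if present
        hosts.append(endpoint.rsplit(":", 1)[0] if ":" in endpoint else endpoint)
    return hosts


def is_loopback(host):
    """True for 'localhost' and any address in 127.0.0.0/8."""
    if host.lower() == "localhost":
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:  # a hostname, not an IP literal
        return False


def triage(log_text):
    """Return (code, reason, line) for each entry worth a closer look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, process list, blank line
        code, body = match.group("code"), match.group("body")
        proxy = PROXY_RE.search(body)
        if code == "R1" and proxy and any(
            is_loopback(h) for h in proxy_hosts(proxy.group("value"))
        ):
            # Browser traffic is sent to a local port; if nothing legitimate
            # listens there, the browser cannot reach the internet.
            findings.append((code, "loopback-proxy", line))
        elif body.endswith(ORPHAN_MARKERS):
            # Registry entry still present, target file gone.
            findings.append((code, "orphaned-entry", line))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"{reason:15} {line}")
```

A loopback proxy is not malicious by definition (some security products and debugging tools set one), so a hit is a prompt to identify what, if anything, is listening on that port before removing the setting.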

Re: Can't Access Internet to Download HJT and Combofix software

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

1/19/2010 9:34:15 PM
mbam-log-2010-01-19 (21-34-15).txt

Scan type: Quick Scan
Objects scanned: 111607
Time elapsed: 11 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Dan\Desktop\winlogon.scr (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Re: Can't Access Internet to Download HJT and Combofix software

Hello.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both reports to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Can't Access Internet to Download HJT and Combofix software

I downloaded dds.scr to my desktop but was unable to get it to run. A DOS screen flashes for a few seconds and has some directions but then it closes. It does not scan and does not produce any logs. I also tried downloading dds.pif and dds.com but neither would run. Are there any workarounds or other programs that will elicit the same information?

Re: Can't Access Internet to Download HJT and Combofix software

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Can't Access Internet to Download HJT and Combofix software

OTL Extras logfile created on: 1/21/2010 11:05:39 PM - Run 1
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 84.00 Mb Available Physical Memory | 22.00% Memory free
924.00 Mb Paging File | 380.00 Mb Available in Paging File | 41.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 87.19 Gb Free Space | 77.99% Space Free | Partition Type: NTFS
Drive D: | 32.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: I8000
Current User Name: Dan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- Reg Error: Key error. File not found
.scr [@ = scrfile] -- Reg Error: Key error. File not found
.vbe [@ = VBEFile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
.wsf [@ = WSFFile] -- Reg Error: Key error. File not found
.wsh [@ = WSHFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- Reg Error: Key error.
regfile [open] -- Reg Error: Key error.
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- Reg Error: Key error.
scrfile [open] -- Reg Error: Key error.
txtfile [edit] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
vbefile [edit] -- Reg Error: Key error.
vbefile [open] -- Reg Error: Key error.
vbefile [print] -- Reg Error: Key error.
vbsfile [edit] -- Reg Error: Key error.
vbsfile [open] -- Reg Error: Key error.
vbsfile [print] -- Reg Error: Key error.
wsffile [edit] -- Reg Error: Key error.
wsffile [open] -- Reg Error: Key error.
wsffile [print] -- Reg Error: Key error.
wshfile [open] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\Paltalk Messenger\paltalk.exe" = C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40AB54C3-DD4B-467A-847E-162035CD252C}" = Logitech ImageStudio
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_6" = AIM 6
"HijackThis" = HijackThis 2.0.2
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NAV" = Norton AntiVirus
"RealPlayer 6.0" = RealPlayer
"WIC" = Windows Imaging Component
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/28/2009 12:00:51 PM | Computer Name = I8000 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x02d216cc.

Error - 6/28/2009 12:06:42 PM | Computer Name = I8000 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 6/28/2009 12:06:43 PM | Computer Name = I8000 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error - 6/29/2009 1:12:37 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 6/29/2009 1:12:38 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error - 6/29/2009 9:10:09 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 6/29/2009 9:10:10 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error - 6/29/2009 9:26:29 PM | Computer Name = I8000 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024400e, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 6/30/2009 8:58:59 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 6/30/2009 8:59:00 AM | Computer Name = I8000 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

[ System Events ]
Error - 1/18/2010 6:09:26 PM | Computer Name = I8000 | Source = WinDefend | ID = 2004
Description = %%827 has encountered an error trying to load signatures and will
attempt reverting back to a known-good set of signatures. Signatures Attempted: %%824

Error
Code: 0x8050800c Error description: An unexpected problem occurred. Install any
available updates, and then try to start the program again. For information on installing
updates, see Help and Support. Signatures loading: %%825 Loading signature version:
1.71.2204.0 Loading engine version: 1.1.5302.0

Error - 1/18/2010 6:12:26 PM | Computer Name = I8000 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/19/2010 4:03:49 AM | Computer Name = I8000 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.

Error - 1/19/2010 10:48:02 PM | Computer Name = I8000 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/19/2010 11:25:47 PM | Computer Name = I8000 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.

Error - 1/20/2010 9:57:20 PM | Computer Name = I8000 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/20/2010 10:00:23 PM | Computer Name = I8000 | Source = DCOM | ID = 10010
Description = The server {A1F4E726-8CF1-11D1-BF92-0060081ED811} did not register
with DCOM within the required timeout.

Error - 1/20/2010 11:23:41 PM | Computer Name = I8000 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.

Error - 1/21/2010 10:00:43 PM | Computer Name = I8000 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.

Error - 1/21/2010 10:16:13 PM | Computer Name = I8000 | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.


< End of report >

Re: Can't Access Internet to Download HJT and Combofix software

OTL logfile created on: 1/21/2010 11:05:39 PM - Run 1
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 84.00 Mb Available Physical Memory | 22.00% Memory free
924.00 Mb Paging File | 380.00 Mb Available in Paging File | 41.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 87.19 Gb Free Space | 77.99% Space Free | Partition Type: NTFS
Drive D: | 32.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: I8000
Current User Name: Dan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/21 21:21:48 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/10/20 01:34:55 | 00,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
PRC - [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2006/11/03 18:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2004/08/12 08:58:01 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
PRC - [2004/08/12 08:57:20 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/06/20 11:25:56 | 00,045,056 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\ImageStudio\LogiTray.exe
PRC - [2002/06/10 13:21:32 | 00,102,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe
PRC - [2002/05/08 11:47:34 | 00,045,056 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Retrospect\retrorun.exe


========== Modules (SafeList) ==========

MOD - [2010/01/21 21:21:48 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
MOD - [2004/08/12 08:55:50 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/09 04:05:51 | 00,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe -- (NAV)
SRV - [2009/05/03 16:06:35 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2002/05/08 11:47:34 | 00,045,056 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Retrospect\retrorun.exe -- (RetroLauncher)


========== Driver Services (SafeList) ==========

DRV - [2010/01/20 21:12:32 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100121.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/01/20 21:12:32 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100121.023\NAVENG.SYS -- (NAVENG)
DRV - [2010/01/17 17:53:56 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/01/17 17:53:55 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/17 17:36:23 | 00,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/01/05 07:56:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/05 07:56:04 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/05 07:56:02 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/12/09 04:06:51 | 00,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1105000.07F\ccHPx86.sys -- (ccHP)
DRV - [2009/12/04 23:54:05 | 00,529,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/12/03 01:08:32 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1105000.07F\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/11/26 01:41:48 | 00,172,592 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1105000.07F\SYMEFA.SYS -- (SymEFA)
DRV - [2009/11/26 01:41:22 | 00,116,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1105000.07F\Ironx86.SYS -- (SymIRON)
DRV - [2009/11/05 17:06:13 | 00,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1105000.07F\SYMDS.SYS -- (SymDS)
DRV - [2009/10/28 17:37:22 | 00,329,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/10/14 20:50:48 | 00,361,520 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NAV\1101000.013\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/10/10 18:51:23 | 00,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/10/10 18:51:23 | 00,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/10/08 21:54:10 | 00,325,168 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NAV\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/08/12 09:04:51 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/12 09:03:49 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 01:31:28 | 00,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2004/08/03 22:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2002/06/10 02:16:34 | 00,371,766 | R--- | M] (Philips Semiconductors) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2001/08/17 07:48:40 | 00,281,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atimtai.sys -- (atimtai)
DRV - [2001/08/17 07:19:48 | 00,174,464 | ---- | M] (ESS Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es198x.sys -- (maestro) ESS Maestro 3 Audio Driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\IPSFFPlgn\ [2010/01/17 17:37:35 | 00,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/12 08:57:47 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WebCamRT.exe] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243103541523 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/03/27 00:43:28 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{313a9040-29e3-11de-b225-a3a6b847f884}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{bdc4e2c2-222c-11d5-9cbe-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{bdc4e2c2-222c-11d5-9cbe-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bdc4e2c2-222c-11d5-9cbe-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- [2009/04/21 11:27:10 | 03,043,208 | R--- | M] (AxBx )
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/21 21:45:59 | 00,340,016 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symtdiv.sys
[2010/01/21 21:45:58 | 00,362,032 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symtdi.sys
[2010/01/21 21:45:56 | 00,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symds.sys
[2010/01/21 21:45:56 | 00,172,592 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symefa.sys
[2010/01/21 21:45:54 | 00,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtspx.sys
[2010/01/21 21:45:44 | 00,325,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtsp.sys
[2010/01/21 21:45:43 | 00,116,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\ironx86.sys
[2010/01/21 21:45:41 | 00,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\cchpx86.sys
[2010/01/21 21:31:19 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2010/01/21 21:29:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1105000.07F
[2010/01/18 17:04:25 | 00,000,000 | ---D | C] -- C:\66d355e7347020e55cbe90c1e7b772
[2010/01/18 17:04:18 | 00,000,000 | ---D | C] -- C:\3714b7153be1c464c053bf58ad18936e
[2010/01/18 13:39:52 | 00,047,408 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2010/01/18 12:37:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/01/18 12:35:07 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Dan\Desktop\HJTInstall
[2010/01/18 11:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Desktop\JavaRa
[2010/01/17 19:55:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\WMTools Downloaded Files
[2010/01/17 19:55:46 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2010/01/17 19:55:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Dan\My Documents\My Videos
[2010/01/17 19:55:10 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Dan\Recent
[2010/01/17 19:28:07 | 00,000,000 | ---D | C] -- C:\1a997d29ccf04b643dfb37
[2010/01/17 17:38:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Tific
[2010/01/17 17:38:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\My Documents\Symantec
[2010/01/17 17:38:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Tific
[2010/01/17 17:37:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Symantec
[2010/01/17 17:36:24 | 00,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/01/17 17:36:24 | 00,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/01/17 17:36:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/01/17 17:36:23 | 00,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/01/17 17:36:03 | 00,361,520 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\symtdi.sys
[2010/01/17 17:36:03 | 00,339,504 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\symtdiv.sys
[2010/01/17 17:36:03 | 00,171,056 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymEFA.sys
[2010/01/17 17:36:02 | 00,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymDS.sys
[2010/01/17 17:36:02 | 00,325,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtsp.sys
[2010/01/17 17:36:02 | 00,114,736 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\Ironx86.sys
[2010/01/17 17:36:02 | 00,043,696 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtspx.sys
[2010/01/17 17:36:01 | 00,501,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1101000.013\cchpx86.sys
[2010/01/17 17:35:37 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/01/17 17:35:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2010/01/17 17:35:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1101000.013
[2010/01/17 17:35:35 | 00,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/01/17 17:30:26 | 00,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/01/17 17:30:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/01/17 15:34:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/01/17 15:34:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\SUPERAntiSpyware.com
[2010/01/17 15:34:15 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/01/17 15:33:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/01/17 15:26:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\AVG8
[2010/01/17 15:12:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Malwarebytes
[2010/01/17 15:12:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/17 15:12:17 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/17 15:12:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/17 15:12:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/17 13:44:51 | 00,491,768 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Dan\Desktop\ie6setup.exe
[2010/01/17 12:34:43 | 00,237,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2010/01/17 11:44:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/01/17 11:43:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/01/17 11:15:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Apple
[2010/01/17 02:00:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2010/01/16 19:54:27 | 10,038,728 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Dan\Desktop\windows-kb890830-v3.3.exe
[2010/01/16 18:21:12 | 34,630,056 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Dan\Desktop\sdasetup.exe
[2010/01/16 18:21:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/16 17:39:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\hattjg
[2009/06/30 14:43:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/05/23 14:07:22 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/10/06 15:21:22 | 00,098,576 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.Common.dll
[2008/10/06 15:21:20 | 01,245,456 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.Client.exe
[2008/10/06 15:21:20 | 00,089,872 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.Client.Communication.dll
[2008/10/06 15:21:20 | 00,080,656 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.Client.Updater.exe
[2008/10/06 15:21:18 | 00,036,112 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.Client.ExceptionLogging.dll
[2008/10/06 15:12:20 | 00,061,440 | ---- | C] (Microsoft Corp. - PC Drivers Headquarters) -- C:\Program Files\Microsoft.ApplicationBlocks.Updater.ActivationProcessors.dll
[2008/10/06 15:12:20 | 00,028,672 | ---- | C] (Microsoft Corp. - PC Drivers Headquarters) -- C:\Program Files\Microsoft.ApplicationBlocks.Updater.Downloaders.dll
[2008/10/06 15:12:16 | 00,118,784 | ---- | C] (Microsoft Corp. - PC Drivers Headquarters) -- C:\Program Files\Microsoft.ApplicationBlocks.Updater.dll
[2008/10/06 15:12:12 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Microsoft.Practices.EnterpriseLibrary.Common.dll
[2008/10/06 15:12:12 | 00,069,632 | ---- | C] (Microsoft Corp. - PC Drivers Headquarters) -- C:\Program Files\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll
[2008/09/16 11:22:04 | 00,046,592 | ---- | C] (Microsoft) -- C:\Program Files\Microsoft.Practices.ObjectBuilder.dll
[2008/08/29 09:23:50 | 00,025,872 | ---- | C] (PC Drivers Headquarters) -- C:\Program Files\DriversHQ.DriverDetective.ExceptionLogging.dll
[2008/08/18 09:01:26 | 00,036,864 | ---- | C] ( ) -- C:\Program Files\Interop.WindowsInstaller.dll
[2001/03/27 00:48:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2001/03/27 00:48:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2001/03/27 00:48:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/21 21:46:18 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/01/21 21:21:48 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2010/01/21 21:14:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/21 21:13:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/21 21:12:39 | 40,216,5760 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/21 20:57:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/20 22:20:31 | 03,670,016 | -H-- | M] () -- C:\Documents and Settings\Dan\NTUSER.DAT
[2010/01/20 22:20:31 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Dan\ntuser.ini
[2010/01/20 22:20:05 | 04,816,514 | -H-- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\IconCache.db
[2010/01/20 21:32:07 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\dds.com
[2010/01/20 21:22:07 | 00,359,929 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\scan.scr
[2010/01/20 21:13:43 | 00,000,439 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/20 21:06:38 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\dds.pif
[2010/01/20 21:06:28 | 00,000,126 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\dds.htm
[2010/01/20 21:04:31 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\scan.com
[2010/01/20 21:04:31 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\myscan.scr
[2010/01/20 21:04:31 | 00,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\dds.scr
[2010/01/18 16:36:56 | 01,034,482 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\Cat.DB
[2010/01/18 12:37:55 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\HijackThis.lnk
[2010/01/18 12:35:10 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Dan\Desktop\HJTInstall
[2010/01/18 11:49:30 | 00,071,798 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\JavaRa.zip
[2010/01/18 11:40:49 | 00,009,684 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Cheetah-anti-rogue.zip
[2010/01/17 17:36:23 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/01/17 17:36:23 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/01/17 17:36:23 | 00,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/01/17 17:36:23 | 00,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/01/17 17:36:06 | 00,001,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus.LNK
[2010/01/17 17:24:03 | 00,000,775 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Norton Installation Files.lnk
[2010/01/17 17:00:27 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Dan\cd
[2010/01/17 15:34:18 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/17 15:12:24 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/17 13:45:16 | 00,000,838 | ---- | M] () -- C:\WINDOWS\Active Setup Log.BAK
[2010/01/17 13:43:29 | 00,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/17 13:43:28 | 00,521,368 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/17 13:43:28 | 00,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/17 13:42:24 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/17 13:06:45 | 00,000,317 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe.config
[2010/01/17 13:06:45 | 00,000,126 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe.config.NAR01
[2010/01/17 13:06:45 | 00,000,126 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe.config.NAR00
[2010/01/17 12:34:35 | 00,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/01/16 16:41:35 | 00,102,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/05 20:25:54 | 34,630,056 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Dan\Desktop\sdasetup.exe
[2010/01/04 19:36:58 | 10,038,728 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dan\Desktop\windows-kb890830-v3.3.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/21 21:45:58 | 00,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symnetv.inf
[2010/01/21 21:45:57 | 00,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symnetv.cat
[2010/01/21 21:45:57 | 00,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symnet.cat
[2010/01/21 21:45:57 | 00,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symnet.inf
[2010/01/21 21:45:56 | 00,007,444 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symefa.cat
[2010/01/21 21:45:56 | 00,003,374 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symefa.inf
[2010/01/21 21:45:56 | 00,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symds.inf
[2010/01/21 21:45:55 | 00,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\symds.cat
[2010/01/21 21:45:51 | 00,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtspx.inf
[2010/01/21 21:45:50 | 00,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtspx.cat
[2010/01/21 21:45:44 | 00,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtsp.cat
[2010/01/21 21:45:44 | 00,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\srtsp.inf
[2010/01/21 21:45:43 | 00,000,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\iron.inf
[2010/01/21 21:45:42 | 00,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\iron.cat
[2010/01/21 21:45:41 | 00,007,396 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\cchpx86.cat
[2010/01/21 21:45:41 | 00,001,756 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\cchpx86.inf
[2010/01/21 21:29:21 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1105000.07F\isolate.ini
[2010/01/20 22:13:13 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\myscan.scr
[2010/01/20 21:53:12 | 00,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\dds.htm
[2010/01/20 21:32:05 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\dds.com
[2010/01/20 21:20:43 | 00,359,929 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\scan.scr
[2010/01/20 21:18:51 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\scan.com
[2010/01/20 21:07:42 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\dds.pif
[2010/01/20 21:04:29 | 00,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\dds.scr
[2010/01/18 12:37:55 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\HijackThis.lnk
[2010/01/18 11:49:30 | 00,071,798 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\JavaRa.zip
[2010/01/18 11:40:52 | 00,009,684 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Cheetah-anti-rogue.zip
[2010/01/17 17:36:31 | 01,034,482 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\Cat.DB
[2010/01/17 17:36:24 | 00,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/01/17 17:36:24 | 00,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/01/17 17:36:06 | 00,001,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus.LNK
[2010/01/17 17:35:38 | 00,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymEFA.inf
[2010/01/17 17:35:38 | 00,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymDS.inf
[2010/01/17 17:35:38 | 00,001,756 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\ccHPx86.inf
[2010/01/17 17:35:38 | 00,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymNetV.inf
[2010/01/17 17:35:38 | 00,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymNet.inf
[2010/01/17 17:35:38 | 00,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtspx.inf
[2010/01/17 17:35:38 | 00,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtsp.inf
[2010/01/17 17:35:38 | 00,000,743 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\Iron.inf
[2010/01/17 17:35:37 | 00,007,774 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\symnetv.cat
[2010/01/17 17:35:37 | 00,007,493 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymDS.cat
[2010/01/17 17:35:37 | 00,007,438 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtsp.cat
[2010/01/17 17:35:37 | 00,007,431 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymEFA.cat
[2010/01/17 17:35:37 | 00,007,429 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\srtspx.cat
[2010/01/17 17:35:37 | 00,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\iron.cat
[2010/01/17 17:35:37 | 00,007,396 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\cchpx86.cat
[2010/01/17 17:35:37 | 00,007,355 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\SymNet.cat
[2010/01/17 17:35:37 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1101000.013\isolate.ini
[2010/01/17 17:00:27 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Dan\cd
[2010/01/17 15:34:18 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/17 15:12:24 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/17 13:40:28 | 00,000,838 | ---- | C] () -- C:\WINDOWS\Active Setup Log.BAK
[2010/01/17 13:19:32 | 40,216,5760 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/17 13:06:45 | 00,000,317 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config
[2010/01/17 13:06:45 | 00,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config.NAR01
[2010/01/17 13:06:45 | 00,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config.NAR00
[2010/01/17 12:34:35 | 00,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2010/01/17 11:44:44 | 00,000,775 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Norton Installation Files.lnk
[2010/01/16 19:54:21 | 05,154,304 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\WindowsDefender.msi
[2008/11/09 15:42:23 | 00,002,012 | ---- | C] () -- C:\Program Files\DriversHQ.DriverDetective.Client.InstallState
[2008/10/06 15:21:18 | 00,120,080 | ---- | C] () -- C:\Program Files\DriversHQ.DriverDetective.Client.Communication.XmlSerializers.dll
[2008/10/06 15:21:18 | 00,020,240 | ---- | C] () -- C:\Program Files\DriversHQ.DriverDetective.Client.ExceptionLogging.XmlSerializers.dll
[2008/10/06 14:46:50 | 00,053,466 | ---- | C] () -- C:\Program Files\DriverDetective.chm
[2008/08/14 13:23:52 | 00,049,152 | ---- | C] () -- C:\Program Files\XPBurnComponent.dll
[2008/03/27 13:33:22 | 00,005,282 | ---- | C] () -- C:\Program Files\DriversHQ.DriverDetective.Client.exe.config
[2007/05/15 09:13:54 | 00,003,569 | ---- | C] () -- C:\Program Files\DriversHQ.DriverDetective.Client.Updater.exe.config
[2007/04/02 12:52:38 | 00,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2007/04/02 12:51:29 | 00,000,252 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007/04/02 12:47:29 | 00,005,187 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/03/04 17:25:14 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/03 15:56:37 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/08/12 09:04:51 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/03/27 01:29:07 | 00,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Re: Can't Access Internet to Download HJT and Combofix software

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    [Image: CF_download_FF]

    [Image: CF_download_rename]

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    [Image: Cf410]

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan; select Yes.

    [Image: Cf510]

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Can't Access Internet to Download HJT and Combofix software

ComboFix 10-01-21.08 - Dan 01/22/2010 21:42:00.1.1 - x86
Running from: c:\documents and settings\Dan\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Dan\LOCALS~1\Temp\tmp1.tmp
c:\docume~1\Dan\LOCALS~1\Temp\tmp2.tmp

.
((((((((((((((((((((((((( Files Created from 2009-12-23 to 2010-01-23 )))))))))))))))))))))))))))))))
.

2010-01-23 02:19 . 2010-01-21 02:12 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\NAVENG.SYS
2010-01-23 02:19 . 2010-01-21 02:12 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\NAVENG32.DLL
2010-01-23 02:19 . 2010-01-21 02:12 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\NAVEX32A.DLL
2010-01-23 02:19 . 2010-01-21 02:12 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\NAVEX15.SYS
2010-01-23 02:19 . 2010-01-21 02:12 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\EECTRL.SYS
2010-01-23 02:19 . 2010-01-21 02:12 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\CCERASER.DLL
2010-01-23 02:19 . 2010-01-21 02:12 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\ECMSVR32.DLL
2010-01-23 02:19 . 2010-01-21 02:12 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\VirusDefs\20100122.025\ERASER.SYS
2010-01-20 02:39 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\Scxpx86.dll
2010-01-20 02:38 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSXpx86.sys
2010-01-20 02:38 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSxpx86.dll
2010-01-20 02:38 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSvix86.sys
2010-01-20 02:38 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSviA64.sys
2010-01-18 22:04 . 2010-01-18 22:07 -------- d-----w- C:\66d355e7347020e55cbe90c1e7b772
2010-01-18 22:04 . 2010-01-18 22:07 -------- d-----w- C:\3714b7153be1c464c053bf58ad18936e
2010-01-18 18:39 . 2009-12-03 06:09 47408 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-01-18 17:37 . 2010-01-18 17:37 -------- d-----w- c:\program files\Trend Micro
2010-01-18 00:55 . 2010-01-18 00:55 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\WMTools Downloaded Files
2010-01-18 00:28 . 2010-01-18 00:31 -------- d-----w- C:\1a997d29ccf04b643dfb37
2010-01-17 22:48 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100116.002\IDSvix86.sys
2010-01-17 22:48 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100116.002\IDSXpx86.sys
2010-01-17 22:48 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100116.002\Scxpx86.dll
2010-01-17 22:48 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100116.002\IDSxpx86.dll
2010-01-17 22:48 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100116.002\IDSviA64.sys
2010-01-17 22:38 . 2010-01-18 01:23 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\Tific
2010-01-17 22:38 . 2010-01-17 22:38 -------- d-----w- c:\documents and settings\Dan\Application Data\Tific
2010-01-17 22:37 . 2010-01-17 22:37 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\Symantec
2010-01-17 22:37 . 2009-10-01 09:19 164216 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll
2010-01-17 22:36 . 2010-01-17 22:36 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-01-17 22:36 . 2010-01-17 22:36 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-01-17 22:36 . 2010-01-18 00:14 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-17 22:36 . 2010-01-17 22:36 -------- d-----w- c:\program files\Symantec
2010-01-17 22:35 . 2009-10-05 17:34 929648 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\OCS\hsplayer.dll
2010-01-17 22:35 . 2009-11-07 01:18 892272 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\CLT\cltLMSx.dll
2010-01-17 22:35 . 2010-01-23 02:08 -------- d-----w- c:\windows\system32\drivers\NAV
2010-01-17 22:35 . 2010-01-17 22:35 -------- d-----w- c:\program files\Windows Sidebar
2010-01-17 22:35 . 2010-01-17 22:35 -------- d-----w- c:\program files\Norton AntiVirus
2010-01-17 22:30 . 2010-01-17 22:30 -------- d-----w- c:\program files\NortonInstaller
2010-01-17 22:30 . 2010-01-17 22:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-01-17 20:34 . 2010-01-17 20:34 52224 ----a-w- c:\documents and settings\Dan\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-17 20:34 . 2010-01-17 20:34 117760 ----a-w- c:\documents and settings\Dan\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-17 20:34 . 2010-01-17 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-17 20:34 . 2010-01-17 20:34 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-17 20:34 . 2010-01-17 20:34 -------- d-----w- c:\documents and settings\Dan\Application Data\SUPERAntiSpyware.com
2010-01-17 20:33 . 2010-01-17 20:33 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-17 20:26 . 2010-01-17 20:26 -------- d-----w- c:\documents and settings\Dan\Application Data\AVG8
2010-01-17 20:12 . 2010-01-17 20:12 -------- d-----w- c:\documents and settings\Dan\Application Data\Malwarebytes
2010-01-17 20:12 . 2010-01-07 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 20:12 . 2010-01-17 20:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 20:12 . 2010-01-17 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-17 20:12 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 17:34 . 2004-01-07 19:21 237936 ----a-w- c:\windows\system32\unicows.dll
2010-01-17 16:43 . 2010-01-17 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-17 16:15 . 2010-01-17 16:15 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\Apple
2010-01-17 07:00 . 2010-01-17 07:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-01-16 23:21 . 2010-01-17 16:11 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-16 22:39 . 2010-01-17 21:36 -------- d-----w- c:\documents and settings\Dan\Local Settings\Application Data\hattjg
2010-01-16 21:44 . 2010-01-16 21:44 8406648 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2010-01-16 21:43 . 2010-01-16 21:43 10309448 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2010-01-16 21:42 . 2010-01-16 21:42 64000 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2010-01-16 21:42 . 2010-01-16 21:42 52288 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2010-01-16 21:42 . 2010-01-16 21:42 50688 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2010-01-16 21:42 . 2010-01-16 21:42 114688 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\RUP\inst_config\compat.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-17 22:36 . 2010-01-17 22:36 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-01-17 22:36 . 2010-01-17 22:36 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-01-17 16:20 . 2008-05-22 12:26 -------- d-----w- c:\program files\AskPBar
2010-01-17 16:08 . 2007-03-03 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-01-14 16:12 . 2009-10-04 17:04 181120 ------w- c:\windows\system32\MpSigStub.exe
2009-12-22 05:42 . 2004-08-12 14:09 662016 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-12 13:58 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-05 04:54 . 2009-12-05 04:54 529456 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys
2009-12-05 04:54 . 2009-12-05 04:54 201616 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHRules.dll
2009-12-05 04:54 . 2009-12-05 04:54 1405840 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHEngine.dll
2009-12-05 04:54 . 2009-12-05 04:54 668720 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx64.sys
2009-12-05 04:54 . 2009-12-05 04:54 610704 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\bbRGen.dll
2009-11-25 02:42 . 2009-11-25 02:41 17237488 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-11-21 16:36 . 2004-08-12 13:55 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-01 19:12 . 2009-11-01 19:12 488968 ----a-w- c:\documents and settings\Dan\Application Data\Real\Update\setup\setup.exe
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\BinHub\IDSviA64.sys
2008-11-09 20:42 . 2008-11-09 20:42 2012 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.InstallState
2008-10-06 20:21 . 2008-10-06 20:21 98576 ----a-w- c:\program files\DriversHQ.DriverDetective.Common.dll
2008-10-06 20:21 . 2008-10-06 20:21 89872 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.Communication.dll
2008-10-06 20:21 . 2008-10-06 20:21 80656 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.Updater.exe
2008-10-06 20:21 . 2008-10-06 20:21 1245456 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.exe
2008-10-06 20:21 . 2008-10-06 20:21 36112 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.ExceptionLogging.dll
2008-10-06 20:21 . 2008-10-06 20:21 20240 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.ExceptionLogging.XmlSerializers.dll
2008-10-06 20:21 . 2008-10-06 20:21 120080 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.Communication.XmlSerializers.dll
2008-10-06 20:12 . 2008-10-06 20:12 61440 ----a-w- c:\program files\Microsoft.ApplicationBlocks.Updater.ActivationProcessors.dll
2008-10-06 20:12 . 2008-10-06 20:12 28672 ----a-w- c:\program files\Microsoft.ApplicationBlocks.Updater.Downloaders.dll
2008-10-06 20:12 . 2008-10-06 20:12 118784 ----a-w- c:\program files\Microsoft.ApplicationBlocks.Updater.dll
2008-10-06 20:12 . 2008-10-06 20:12 90112 ----a-w- c:\program files\Microsoft.Practices.EnterpriseLibrary.Common.dll
2008-10-06 20:12 . 2008-10-06 20:12 69632 ----a-w- c:\program files\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll
2008-10-06 19:46 . 2008-10-06 19:46 53466 ----a-w- c:\program files\DriverDetective.chm
2008-09-16 16:22 . 2008-09-16 16:22 46592 ----a-w- c:\program files\Microsoft.Practices.ObjectBuilder.dll
2008-08-29 14:23 . 2008-08-29 14:23 25872 ----a-w- c:\program files\DriversHQ.DriverDetective.ExceptionLogging.dll
2008-08-18 14:01 . 2008-08-18 14:01 36864 ----a-w- c:\program files\Interop.WindowsInstaller.dll
2008-08-14 18:23 . 2008-08-14 18:23 49152 ----a-w- c:\program files\XPBurnComponent.dll
2008-03-27 18:33 . 2008-03-27 18:33 5282 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.exe.config
2007-05-15 14:13 . 2007-05-15 14:13 3569 ----a-w- c:\program files\DriversHQ.DriverDetective.Client.Updater.exe.config
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-15 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-01-05 2002160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="realsched.exe -osboot" [X]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2002-06-10 102400]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-06-20 155648]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-06-20 45056]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1105000.07F\SYMDS.SYS [2009-11-05 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1105000.07F\SYMEFA.SYS [2009-11-26 172592]
S1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys [2009-12-05 529456]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1105000.07F\ccHPx86.sys [2009-12-09 501888]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-01-05 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-01-05 74480]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1105000.07F\Ironx86.SYS [2009-11-26 116272]
S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 atimtai;atimtai;c:\windows\system32\DRIVERS\atimtai.sys [2001-08-17 281600]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-01-17 102448]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSxpx86.sys [2009-10-28 329592]
S3 maestro;ESS Maestro 3 Audio Driver (WDM);c:\windows\system32\drivers\es198x.sys [2001-08-17 174464]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-01-05 7408]

.
Contents of the 'Scheduled Tasks' folder

2010-01-23 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Aim6 - (no file)
HKCU-Run-WebCamRT.exe - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-22 21:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2010-01-22 21:55:32
ComboFix-quarantined-files.txt 2010-01-23 02:55

Pre-Run: 93,651,738,624 bytes free
Post-Run: 94,587,424,768 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 72522FE90F0E56418B17E8CB627F49DD

Re: Can't Access Internet to Download HJT and Combofix software

Please download the OTMoveIt by OldTimer.

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\program files\AskPBar


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Can't Access Internet to Download HJT and Combofix software

From Results Window:

========== FILES ==========
c:\program files\AskPBar\bar\Settings folder moved successfully.
c:\program files\AskPBar\bar\History folder moved successfully.
c:\program files\AskPBar\bar folder moved successfully.
c:\program files\AskPBar folder moved successfully.

OTM by OldTimer - Version 3.1.6.0 log created on 01242010

From OTMoverLog:

========== FILES ==========
c:\program files\AskPBar\bar\Settings folder moved successfully.
c:\program files\AskPBar\bar\History folder moved successfully.
c:\program files\AskPBar\bar folder moved successfully.
c:\program files\AskPBar folder moved successfully.

OTM by OldTimer - Version 3.1.6.0 log created on 01242010_115338

Re: Can't Access Internet to Download HJT and Combofix software

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Can't Access Internet to Download HJT and Combofix software

Machine is MUCH more stable and functioning a lot better. Still some loss of functionality though: browser hyperlinks won't activate in active window (have to "open link in new window"), file and folder search function in start-up menu is inoperable, desktop icons won't boot or load at startup (have to use task manager to trigger run function and desktop icons will appear within a few minutes). Is this damage caused by the virus that has now been removed or is it indicative that the virus is still present?