Solved Update failure (Spywareblaster & Malwarebytes) access is denied

Status
Not open for further replies.
S

Swive

Posts: 14   +0
Unable to update Spywareblaster, Spybot or Malwarebytes - Error Message = Access is Denied. MBAM is clean. Spybot had 'fixed' spyware. Recently installed NAV is clean and can update itself.

Thanks in Advance!
----------------------------------- --------------------------- --------------------
GMER
GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit quick scan 2011-05-13 17:32:02
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----

DDS:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Stephen H. Blum at 17:33:48.67 on Fri 05/13/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2550.1827 [GMT -5:00]
.
AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
svchost.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\TempDL\gmer\gmer.exe
C:\TempDL\Spyware_Removal\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060926
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060926
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\18.6.0.29\ips\IPSBHO.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
mRun: [BrStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AOAA2ADQANgAwADYANwA2AC0AVAA1AC0AVQA4ADUAKwAxAC0AQgBBACsAMQAtAFgATAArADEALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAxAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: phantombidder.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://support.cox.com/sdccommon/download/tgctlcm.cab
DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - hxxp://westarfalconcam1.viewnetcam.com/JpegInst.cab
DPF: {5AA5A569-F96F-4628-A528-8B3698F558BB} - hxxp://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160592171781
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: cru629.dat
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVG Anti-Rootkit;AVG Anti-Rootkit;c:\windows\system32\drivers\avgarkt.sys [2007-1-31 5632]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1206000.01d\symds.sys [2011-5-13 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1206000.01d\symefa.sys [2011-5-13 744568]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver;c:\windows\system32\drivers\AvgArCln.sys [2009-8-28 3968]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\bashdefs\20110430.001\BHDrvx86.sys [2011-5-13 802936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1206000.01d\ironx86.sys [2011-5-13 136312]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.6.0.29\ccsvchst.exe [2011-5-13 130008]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\ipsdefs\20110512.001\IDSXpx86.sys [2011-5-13 341944]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\virusdefs\20110513.002\naveng.sys [2011-5-13 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\virusdefs\20110513.002\navex15.sys [2011-5-13 1393144]
S2 gupdate1ca1a069b09d31e;Google Update Service (gupdate1ca1a069b09d31e);c:\program files\google\update\GoogleUpdate.exe [2009-8-10 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-8-13 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-8-13 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-10 133104]
S3 QuickBooksDB20;QuickBooksDB20;c:\progra~1\intuit\quickb~2\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~1\intuit\quickb~2\QBDBMgrN.exe -hvQuickBooksDB20 [?]
.
=============== Created Last 30 ================
.
2011-05-13 21:40:49 -------- d-----w- c:\program files\Windows Resource Kits
2011-05-13 17:07:00 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-13 17:07:00 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-05-13 17:07:00 -------- d-----w- c:\program files\Symantec
2011-05-13 17:07:00 -------- d-----w- c:\program files\common files\Symantec Shared
2011-05-13 17:06:52 369784 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdi.sys
2011-05-13 17:06:52 331384 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdiv.sys
2011-05-13 17:06:51 744568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symefa.sys
2011-05-13 17:06:51 516216 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtsp.sys
2011-05-13 17:06:51 50168 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtspx.sys
2011-05-13 17:06:51 340088 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symds.sys
2011-05-13 17:06:51 296568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symnets.sys
2011-05-13 17:06:51 136312 ----a-r- c:\windows\system32\drivers\nav\1206000.01d\ironx86.sys
2011-05-13 17:06:23 -------- d-----w- c:\windows\system32\drivers\nav\1206000.01D
2011-05-13 17:05:37 -------- d-----w- c:\windows\system32\drivers\NAV
2011-05-13 17:05:34 -------- d-----w- c:\program files\Norton AntiVirus
2011-05-13 16:31:47 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2011-05-13 16:24:24 -------- d-----w- c:\program files\NortonInstaller
2011-05-13 16:24:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2011-05-11 19:20:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-11 19:20:46 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-05-06 12:56:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-04-20 20:13:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-04-20 20:13:59 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-04-01 17:37:50 50 ----a-w- C:\QB_C_M.bat
2011-04-01 17:35:01 75 ----a-w- C:\QB_SB_OFFICE.bat
.
============= FINISH: 17:34:26.53 ===============

Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 10/9/2006 5:26:20 PM
System Uptime: 5/13/2011 11:22:35 AM (6 hours ago)
.
Motherboard: Dell Inc. | | 0HJ054
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 71 GiB total, 48.948 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Linksys Wireless-G PCI Adapter
Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_00551737&REV_00\4&5855BE9&0&10F0
Manufacturer: Linksys, A Division of Cisco Systems, Inc.
Name: Linksys Wireless-G PCI Adapter
PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_00551737&REV_00\4&5855BE9&0&10F0
Service: RT61
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Service: E100B
.
==== System Restore Points ===================
.
RP847: 2/14/2011 8:41:20 AM - System Checkpoint
RP848: 2/16/2011 7:37:20 AM - System Checkpoint
RP849: 2/18/2011 8:06:12 AM - System Checkpoint
RP850: 2/21/2011 8:37:01 AM - System Checkpoint
RP851: 2/23/2011 7:37:28 AM - System Checkpoint
RP852: 2/25/2011 8:34:14 AM - System Checkpoint
RP853: 2/28/2011 8:22:42 AM - System Checkpoint
RP854: 3/2/2011 7:36:39 AM - System Checkpoint
RP855: 3/2/2011 5:10:58 PM - Software Distribution Service 3.0
RP856: 3/4/2011 8:25:53 AM - System Checkpoint
RP857: 3/7/2011 8:21:08 AM - System Checkpoint
RP858: 3/9/2011 7:21:41 AM - System Checkpoint
RP859: 3/9/2011 8:01:15 AM - Software Distribution Service 3.0
RP860: 3/11/2011 8:15:41 AM - System Checkpoint
RP861: 3/14/2011 8:16:45 AM - System Checkpoint
RP862: 3/16/2011 7:22:10 AM - System Checkpoint
RP863: 3/16/2011 11:12:30 AM - Avg Update
RP864: 3/16/2011 11:12:58 AM - Avg Update
RP865: 3/18/2011 8:21:16 AM - System Checkpoint
RP866: 3/28/2011 8:26:44 AM - System Checkpoint
RP867: 3/28/2011 11:17:57 AM - Printer Driver Amyuni Document Converter 400 Installed
RP868: 3/30/2011 7:25:53 AM - System Checkpoint
RP869: 4/1/2011 8:24:31 AM - System Checkpoint
RP870: 4/4/2011 8:32:21 AM - System Checkpoint
RP871: 4/6/2011 7:44:05 AM - System Checkpoint
RP872: 4/8/2011 8:23:07 AM - System Checkpoint
RP873: 4/13/2011 7:21:24 AM - System Checkpoint
RP874: 4/13/2011 5:18:03 PM - Software Distribution Service 3.0
RP875: 4/15/2011 8:19:28 AM - System Checkpoint
RP876: 4/18/2011 8:21:29 AM - System Checkpoint
RP877: 4/20/2011 7:20:36 AM - System Checkpoint
RP878: 4/20/2011 3:07:59 PM - Restore Operation
RP879: 4/22/2011 11:06:10 AM - System Checkpoint
RP880: 4/25/2011 8:23:01 AM - System Checkpoint
RP881: 4/27/2011 7:21:03 AM - System Checkpoint
RP882: 5/2/2011 8:31:36 AM - System Checkpoint
RP883: 5/2/2011 2:30:50 PM - Installed Linksys Wireless-G PCI Adapter
RP884: 5/2/2011 2:37:11 PM - Unsigned driver install
RP885: 5/4/2011 7:05:20 AM - Removed Linksys Wireless-G PCI Adapter
RP886: 5/4/2011 7:54:51 AM - Unsigned driver install
RP887: 5/4/2011 8:54:34 AM - Update to an unsigned driver
RP888: 5/4/2011 9:43:01 AM - Installed Linksys Wireless-G PCI Adapter
RP889: 5/4/2011 10:37:24 AM - Removed Linksys Wireless-G PCI Adapter
RP890: 5/4/2011 12:08:12 PM - Unsigned driver install
RP891: 5/6/2011 8:15:40 AM - System Checkpoint
RP892: 5/9/2011 8:18:06 AM - System Checkpoint
RP893: 5/9/2011 6:21:43 PM - Printer Driver Amyuni Document Converter 400 Installed
RP894: 5/9/2011 7:01:29 PM - Software Distribution Service 3.0
RP895: 5/11/2011 7:40:30 AM - System Checkpoint
RP896: 5/13/2011 10:58:20 AM - System Checkpoint
RP897: 5/13/2011 11:20:39 AM - Removed AVG Free 9.0
RP898: 5/13/2011 11:22:02 AM - Installed AVG Free 9.0
RP899: 5/13/2011 4:40:48 PM - Installed Windows Resource Kit Tools - SubInAcl.exe
.
==== Installed Programs ======================
.
7-Zip 4.65
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Amazon MP3 Downloader 1.0.3
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
AVG Anti-Rootkit Free
Brother BRAdmin Professiona 2.68
Brother HL-2140
Brother MFL-Pro Suite
CCleaner
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Corel WordPerfect Suite 8
Cox Online Support Controls
Critical Update for Windows Media Player 11 (KB959772)
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support 3.2
Dell System Restore
Digital Content Portal
Digital Line Detect
EASEUS Partition Master 6.1.1 Home Edition
ELIcon
eMusic Download Manager 3.0
Full Tilt Poker
Google Earth
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Modem Helper
Move Media Player
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Musicmatch® Jukebox
NetWaiting
Norton AntiVirus
Octoshape add-in for Adobe Flash Player
PaperPort
PBSW 2.4 Update
PBSW2 DEMO version 2.4
Qualxserve Service Agreement
QuickBooks
QuickBooks Pro 2008
QuickBooks Pro 2010
QuickTime
RealPlayer Basic
SearchAssist
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Skype Toolbars
SkypeMate
Skype™ 4.2
Sonic Activation Module
Spybot - Search & Destroy
SpywareBlaster 4.4
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
Viewpoint Media Player
Virtools 3D Life Player
WavePad Sound Editor
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
.
==== Event Viewer Messages From Past Week ========
.
5/9/2011 7:47:03 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
5/9/2011 3:47:20 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Beep Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/9/2011 3:46:43 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/9/2011 3:46:39 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
5/6/2011 7:51:38 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00226BA5DF7E. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
5/11/2011 5:05:12 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer CYNTHIAS-MAC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B7C51510-3DFE-4. The master browser is stopping or an election is being forced.
5/11/2011 2:10:16 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/11/2011 12:30:42 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:23:6C:7F:89:F6. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================

All help greatly appreciated!
 
Welcome to TechSpot! I'll hep pin down the problem. "Access is denied" may be a permission issue.

You are running 2 antivirus programs:
McAfee and Norton. Please remove one of them. Here are tools to help:
McAfee Removal
Norton Removal Tool
Multiple AV programs actually makes the system more vulnerable, not less.
Please reboot the computer when finished.

Go ahead and do that while I check the rest of the logs.
Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
 
Thanks for the quick reply!

Interesting... I thought I'd deleted McAfee Long ago. It is absent from Control Panel/Add-Remove Programs.

When I tried to run MCPR.exe I got this error: "unable to write to c:\documents&settings\all users\application data/mcafee/spamkiller/mskdetct.data" and then MCPR hung up at "Removing product MSKCU.
 
Okay, you need to do more housekeeping. It's possible that the install showing as SearchAssist is malware, but I don't have enough information yet to determine that.
=======================================
About Java: Most of the Java updates are for security purposes. So it's important that you get the, And it is also very important that you uninstall the earlier version because that is a vulnerability to the system. You have 9 versions of Java on the system. And you have gotten one of them v6u22 three times. Java doesn't overwrite the old version when it updates, so you need to go into Add/Remove Programs to uninstall it.

But you have so many versions, you will need to run the following to remove all of them. Then you can click on the link and get the latest version v6u24. Note: I do not want the log from this.

Please download JavaRa and unzip it to your desktop.

Important!***Please close any instances of Internet Explorer before continuing!***
  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that
    a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location.

Then download and install then most current version and update of Java Runtime
Environment (JRE) HERE.
=====================================
About the Adobe Reader The current version is v10(X). You have v7. It's the same story as Java, but there is only one entry for you to remove in Add/Remove Programs after you update:
Visit this Adobe Reader site Uninstall any earlier updates as they are vulnerabilities.
================================
According to these Restore Points: You removed AVG 9, then installed it! Of course this doesn't make much sense, but I do see the uninstaller and we will remove that.
RP897: 5/13/2011 11:20:39 AM - Removed AVG Free 9.0
RP898: 5/13/2011 11:22:02 AM - Installed AVG Free 9.0
================================
When you have finished the housekeeping, please go ahead and run the following:
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESETOnlineScan
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    [o] Double click on the
    esetSmartInstallDesktopIcon.png
    on your desktop.
  • Check 'Yes I accept terms of use.'
  • Click Start button
  • Accept any security warnings from your browser.
    esetonlinescannersettings_thumb.jpg
  • Uncheck 'Remove found threats'
  • Check 'Scan archives/
  • Leave remaining settings as is.
  • Press the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer>>>>> Please wait for the scan to finish.
  • When the scan completes, press List of found threats
  • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  • Push the Back button
  • Push Finish
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
===========================================
Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop
  • Double click combofix.exe & follow the prompts.
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    whatnext.png
  • .Click on Yes, to continue scanning for malware
  • .If Combofix asks you to update the program, allow
  • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • .Close any open browsers.
  • .Double click combofix.exe
    cf-icon.jpg
    & follow the prompts to run.
  • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
Re-enable your Antivirus software.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
===================================
I didn't see any entries for McAfee in the processes, but it is showing in the DDS header. There may be Registry entries for it and I'll have you remove those after you run Combofix.
 
OK... I got rid of Mcafee (I think!)

here are newest DDS files:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Stephen H. Blum at 18:46:37.39 on Fri 05/13/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2550.1942 [GMT -5:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\TempDL\Spyware_Removal\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060926
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060926
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\18.6.0.29\ips\IPSBHO.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
mRun: [BrStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MSKDetectorExe] "c:\program files\mcafee\spamkiller\MSKDetct.exe" /uninstall
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: phantombidder.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://support.cox.com/sdccommon/download/tgctlcm.cab
DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - hxxp://westarfalconcam1.viewnetcam.com/JpegInst.cab
DPF: {5AA5A569-F96F-4628-A528-8B3698F558BB} - hxxp://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160592171781
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: cru629.dat
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVG Anti-Rootkit;AVG Anti-Rootkit;c:\windows\system32\drivers\avgarkt.sys [2007-1-31 5632]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1206000.01d\symds.sys [2011-5-13 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1206000.01d\symefa.sys [2011-5-13 744568]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver;c:\windows\system32\drivers\AvgArCln.sys [2009-8-28 3968]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application

data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\bashdefs\20110430.001\BHDrvx86.sys [2011-5-13 802936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1206000.01d\ironx86.sys [2011-5-13 136312]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.6.0.29\ccsvchst.exe [2011-5-13 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-13 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application

data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\ipsdefs\20110512.001\IDSXpx86.sys [2011-5-13 341944]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application

data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\virusdefs\20110513.002\naveng.sys [2011-5-13 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application

data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.5.0.125\definitions\virusdefs\20110513.002\navex15.sys [2011-5-13 1393144]
S2 gupdate1ca1a069b09d31e;Google Update Service (gupdate1ca1a069b09d31e);c:\program files\google\update\GoogleUpdate.exe [2009-8-10 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-8-13 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-8-13 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-10 133104]
S3 QuickBooksDB20;QuickBooksDB20;c:\progra~1\intuit\quickb~2\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~1\intuit\quickb~2\QBDBMgrN.exe -hvQuickBooksDB20

[?]
.
=============== Created Last 30 ================
.
2011-05-13 23:12:31 -------- d-----w- c:\docume~1\stephe~1.blu\locals~1\applic~1\NPE
2011-05-13 21:40:49 -------- d-----w- c:\program files\Windows Resource Kits
2011-05-13 17:07:00 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-13 17:07:00 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-05-13 17:07:00 -------- d-----w- c:\program files\Symantec
2011-05-13 17:07:00 -------- d-----w- c:\program files\common files\Symantec Shared
2011-05-13 17:06:52 369784 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdi.sys
2011-05-13 17:06:52 331384 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdiv.sys
2011-05-13 17:06:51 744568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symefa.sys
2011-05-13 17:06:51 516216 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtsp.sys
2011-05-13 17:06:51 50168 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtspx.sys
2011-05-13 17:06:51 340088 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symds.sys
2011-05-13 17:06:51 296568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symnets.sys
2011-05-13 17:06:51 136312 ----a-r- c:\windows\system32\drivers\nav\1206000.01d\ironx86.sys
2011-05-13 17:06:23 -------- d-----w- c:\windows\system32\drivers\nav\1206000.01D
2011-05-13 17:05:37 -------- d-----w- c:\windows\system32\drivers\NAV
2011-05-13 17:05:34 -------- d-----w- c:\program files\Norton AntiVirus
2011-05-13 16:31:47 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2011-05-13 16:24:24 -------- d-----w- c:\program files\NortonInstaller
2011-05-13 16:24:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2011-05-11 19:20:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-11 19:20:46 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-05-06 12:56:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-04-20 20:13:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-04-20 20:13:59 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-04-01 17:37:50 50 ----a-w- C:\QB_C_M.bat
2011-04-01 17:35:01 75 ----a-w- C:\QB_SB_OFFICE.bat
.
============= FINISH: 18:48:11.79 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 10/9/2006 5:26:20 PM
System Uptime: 5/13/2011 6:42:06 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0HJ054
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 71 GiB total, 49.077 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_01AB1028&REV_01\4&5855BE9&0&40F0
Service: E100B
.
==== System Restore Points ===================
.
RP847: 2/14/2011 8:41:20 AM - System Checkpoint
RP848: 2/16/2011 7:37:20 AM - System Checkpoint
RP849: 2/18/2011 8:06:12 AM - System Checkpoint
RP850: 2/21/2011 8:37:01 AM - System Checkpoint
RP851: 2/23/2011 7:37:28 AM - System Checkpoint
RP852: 2/25/2011 8:34:14 AM - System Checkpoint
RP853: 2/28/2011 8:22:42 AM - System Checkpoint
RP854: 3/2/2011 7:36:39 AM - System Checkpoint
RP855: 3/2/2011 5:10:58 PM - Software Distribution Service 3.0
RP856: 3/4/2011 8:25:53 AM - System Checkpoint
RP857: 3/7/2011 8:21:08 AM - System Checkpoint
RP858: 3/9/2011 7:21:41 AM - System Checkpoint
RP859: 3/9/2011 8:01:15 AM - Software Distribution Service 3.0
RP860: 3/11/2011 8:15:41 AM - System Checkpoint
RP861: 3/14/2011 8:16:45 AM - System Checkpoint
RP862: 3/16/2011 7:22:10 AM - System Checkpoint
RP863: 3/16/2011 11:12:30 AM - Avg Update
RP864: 3/16/2011 11:12:58 AM - Avg Update
RP865: 3/18/2011 8:21:16 AM - System Checkpoint
RP866: 3/28/2011 8:26:44 AM - System Checkpoint
RP867: 3/28/2011 11:17:57 AM - Printer Driver Amyuni Document Converter 400 Installed
RP868: 3/30/2011 7:25:53 AM - System Checkpoint
RP869: 4/1/2011 8:24:31 AM - System Checkpoint
RP870: 4/4/2011 8:32:21 AM - System Checkpoint
RP871: 4/6/2011 7:44:05 AM - System Checkpoint
RP872: 4/8/2011 8:23:07 AM - System Checkpoint
RP873: 4/13/2011 7:21:24 AM - System Checkpoint
RP874: 4/13/2011 5:18:03 PM - Software Distribution Service 3.0
RP875: 4/15/2011 8:19:28 AM - System Checkpoint
RP876: 4/18/2011 8:21:29 AM - System Checkpoint
RP877: 4/20/2011 7:20:36 AM - System Checkpoint
RP878: 4/20/2011 3:07:59 PM - Restore Operation
RP879: 4/22/2011 11:06:10 AM - System Checkpoint
RP880: 4/25/2011 8:23:01 AM - System Checkpoint
RP881: 4/27/2011 7:21:03 AM - System Checkpoint
RP882: 5/2/2011 8:31:36 AM - System Checkpoint
RP883: 5/2/2011 2:30:50 PM - Installed Linksys Wireless-G PCI Adapter
RP884: 5/2/2011 2:37:11 PM - Unsigned driver install
RP885: 5/4/2011 7:05:20 AM - Removed Linksys Wireless-G PCI Adapter
RP886: 5/4/2011 7:54:51 AM - Unsigned driver install
RP887: 5/4/2011 8:54:34 AM - Update to an unsigned driver
RP888: 5/4/2011 9:43:01 AM - Installed Linksys Wireless-G PCI Adapter
RP889: 5/4/2011 10:37:24 AM - Removed Linksys Wireless-G PCI Adapter
RP890: 5/4/2011 12:08:12 PM - Unsigned driver install
RP891: 5/6/2011 8:15:40 AM - System Checkpoint
RP892: 5/9/2011 8:18:06 AM - System Checkpoint
RP893: 5/9/2011 6:21:43 PM - Printer Driver Amyuni Document Converter 400 Installed
RP894: 5/9/2011 7:01:29 PM - Software Distribution Service 3.0
RP895: 5/11/2011 7:40:30 AM - System Checkpoint
RP896: 5/13/2011 10:58:20 AM - System Checkpoint
RP897: 5/13/2011 11:20:39 AM - Removed AVG Free 9.0
RP898: 5/13/2011 11:22:02 AM - Installed AVG Free 9.0
RP899: 5/13/2011 4:40:48 PM - Installed Windows Resource Kit Tools - SubInAcl.exe
.
==== Installed Programs ======================
.
7-Zip 4.65
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Amazon MP3 Downloader 1.0.3
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
AVG Anti-Rootkit Free
Brother BRAdmin Professiona 2.68
Brother HL-2140
Brother MFL-Pro Suite
CCleaner
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Corel WordPerfect Suite 8
Cox Online Support Controls
Critical Update for Windows Media Player 11 (KB959772)
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support 3.2
Dell System Restore
Digital Content Portal
Digital Line Detect
EASEUS Partition Master 6.1.1 Home Edition
ELIcon
eMusic Download Manager 3.0
Full Tilt Poker
Google Earth
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Modem Helper
Move Media Player
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
Musicmatch® Jukebox
NetWaiting
Norton AntiVirus
Octoshape add-in for Adobe Flash Player
PaperPort
PBSW 2.4 Update
PBSW2 DEMO version 2.4
Qualxserve Service Agreement
QuickBooks
QuickBooks Pro 2008
QuickBooks Pro 2010
QuickTime
RealPlayer Basic
SearchAssist
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Skype Toolbars
SkypeMate
Skype™ 4.2
Sonic Activation Module
Spybot - Search & Destroy
SpywareBlaster 4.4
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
Viewpoint Media Player
Virtools 3D Life Player
WavePad Sound Editor
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
.
==== Event Viewer Messages From Past Week ========
.
5/9/2011 3:57:15 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
5/9/2011 3:54:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/9/2011 3:54:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/9/2011 3:47:20 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Beep Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:47:20 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
5/9/2011 3:46:39 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
5/6/2011 7:51:38 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00226BA5DF7E. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
5/13/2011 6:34:41 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SMR162.SYS' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/13/2011 5:38:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.
5/11/2011 5:05:12 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer CYNTHIAS-MAC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B7C51510-3DFE-4. The master browser is stopping or an election is being forced.
5/11/2011 2:10:16 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/11/2011 12:30:42 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:23:6C:7F:89:F6. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================

I really appreciate your taking the time to help!
 
Bobbye - I will be back at my office cpu tomorrow, and will proceed as you have advised then.

Steve
 
Bobbye- Here is log from ESET

C:\Program Files\Common Files\AOL\Backup\ACS\Current\US\acssetup.exe probably a variant of Win32/StartPage.HSZAKFT trojan

Should I still run ComboFix now?
 
ComboFix Log:

ComboFix 11-05-15.04 - Stephen H. Blum 05/16/2011 12:16:20.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2550.1860 [GMT -5:00]
Running from: c:\documents and settings\Stephen H. Blum\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Stephen H. Blum\Application Data\.#
c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\{4F94B971-56FB-4A27-BC49-096BCDBB7811}
c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\{4F94B971-56FB-4A27-BC49-096BCDBB7811}\chrome.manifest
c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\{4F94B971-56FB-4A27-BC49-096BCDBB7811}\chrome\content\_cfg.js
c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\{4F94B971-56FB-4A27-BC49-096BCDBB7811}\chrome\content\overlay.xul
c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\{4F94B971-56FB-4A27-BC49-096BCDBB7811}\install.rdf
c:\windows\Downloaded Program Files\Install.inf
c:\windows\system32\bszip.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-04-16 to 2011-05-16 )))))))))))))))))))))))))))))))
.
.
2011-05-16 13:42 . 2011-05-16 13:42 -------- d-----w- c:\program files\ESET
2011-05-16 13:31 . 2011-05-16 13:32 -------- d-----w- c:\program files\Common Files\Adobe
2011-05-16 13:22 . 2011-05-16 13:22 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-05-13 23:12 . 2011-05-13 23:15 -------- d-----w- c:\documents and settings\Stephen H. Blum\Local Settings\Application Data\NPE
2011-05-13 21:40 . 2011-05-13 21:40 -------- d-----w- c:\program files\Windows Resource Kits
2011-05-13 17:07 . 2011-05-13 17:10 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-05-13 17:07 . 2011-05-13 17:07 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-13 17:07 . 2011-05-13 17:07 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-05-13 17:07 . 2011-05-13 17:07 -------- d-----w- c:\program files\Symantec
2011-05-13 17:05 . 2011-05-13 17:07 -------- d-----w- c:\windows\system32\drivers\NAV
2011-05-13 17:05 . 2011-05-13 23:11 -------- d-----w- c:\program files\Norton AntiVirus
2011-05-13 17:05 . 2011-05-13 17:05 -------- d-----w- c:\program files\Windows Sidebar
2011-05-13 16:31 . 2011-05-13 23:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2011-05-13 16:24 . 2011-05-13 22:37 -------- d-----w- c:\program files\NortonInstaller
2011-05-11 19:20 . 2011-05-13 22:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-05-11 19:20 . 2011-05-13 15:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-05-09 23:30 . 2011-05-09 23:30 -------- d-----w- c:\documents and settings\QBDataServiceUser20
2011-05-09 20:47 . 2011-05-09 20:47 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2011-05-06 12:56 . 2011-05-06 12:56 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-05-02 19:39 . 2011-05-02 19:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-04-20 20:13 . 2011-04-20 20:13 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-01 17:37 . 2011-03-07 17:25 50 ----a-w- C:\QB_C_M.bat
2011-04-01 17:35 . 2011-04-01 17:32 75 ----a-w- C:\QB_SB_OFFICE.bat
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 282624]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-11-12 995328]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-09-18 880640]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2010-10-19 1439496]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-26 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-4-5 1149440]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2006-07-17 02:29 389120 ----a-w- c:\program files\Dell Support\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2006-05-03 09:12 98304 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2005-03-17 19:45 40960 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intuit SyncManager]
2010-10-19 10:58 1439496 ----a-w- c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-09-09 00:20 8192 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2005-09-09 00:20 110592 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2005-03-17 19:25 57393 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-26 20:08 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2006-09-26 20:08 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 15:22 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"AOL ACS"=2 (0x2)
"gusvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1206000.01D\symds.sys [5/13/2011 12:06 PM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1206000.01D\symefa.sys [5/13/2011 12:06 PM 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx86.sys [5/13/2011 1:08 PM 802936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1206000.01D\ironx86.sys [5/13/2011 12:06 PM 136312]
R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe [5/13/2011 12:06 PM 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/13/2011 12:42 PM 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20110513.001\IDSXpx86.sys [5/16/2011 9:29 AM 341944]
S2 gupdate1ca1a069b09d31e;Google Update Service (gupdate1ca1a069b09d31e);c:\program files\Google\Update\GoogleUpdate.exe [8/10/2009 5:04 PM 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [8/13/2010 12:17 PM 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [8/13/2010 12:17 PM 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/10/2009 5:04 PM 133104]
S3 QuickBooksDB20;QuickBooksDB20;c:\progra~1\Intuit\QUICKB~2\QBDBMgrN.exe -hvQuickBooksDB20 --> c:\progra~1\Intuit\QUICKB~2\QBDBMgrN.exe -hvQuickBooksDB20 [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-27 22:03]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 22:04]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 22:04]
.
2006-10-16 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-10 10:00]
.
2011-05-13 c:\windows\Tasks\Office_SHB.job
- C:\Office_SHB.bat [2006-10-16 18:07]
.
2010-11-10 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-11-03 22:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060926
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: phantombidder.com\www
Trusted Zone: musicmatch.com\online
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-16 12:22
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-05-16 12:26:16
ComboFix-quarantined-files.txt 2011-05-16 17:25
.
Pre-Run: 52,380,229,632 bytes free
Post-Run: 52,410,159,104 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 04453749EA1BE97219083AAB7A028C7E
 
Bobbye......
Just FWIW; Spywareblaster and Spybot S&D now update w/o problems, Malwarebytes though still generates the Access is Denied error when updating.
 
Uninstalled old AOL program and files, which got rid of file specified in Eset.
Re-Ran Eset which generated the following:

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP907\A0096550.exe probably a variant of Win32/StartPage.HSZAKFT trojan

All help greatly appreciated.
 
Sorry for delay- personal business.

Remove the entry from Eset below:
Please download OTMovit by Old Timer and save to your desktop.
  • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    Code: 
    :Files 
C:\Program Files\Common Files\AOL\Backup\ACS\Current\US\acssetup.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
===================================================
Combofix looks good. But you have so many unnecessary processes starting on boot- so if 'speed' is an issue. Many of these are auto-updates which contact the internet several times each day, every day, looking for update that may either not come or com only every few months.

You can use the msconfig utility to uncheck every thing on the Startup Menu except:
Antivirus
Firewall if you use 3rd party FW like Comodo or Zone Alarm
Touchpad if on laptop
Network processes if using Pure Networks or Cisco.
Nothing else needs to start on boot and run n the background.
========================================
And you have tasks scheduled that can all be stopped:

1. c:\windows\Tasks\ISP signup reminder 1> c:\windows\system32\OOBE\oobebaln.exe> oobebaln.exe is Windows Out Of the Box Experience Balloon Reminder preloaded in 2004.
2. c:\program files\NCH Swift Sound\WavePad\wavepad.exe> 2010.
=========================================
I am uncertain about the Mbam problem. You say both that you can't run it and that it's clean. So which is it? If you can't run it, proceed to the following:
Please uninstall Malwarebytes' Anti-Malware currently on your system. Use Windows Explorer to delete it's Program file. Reboot the computer.: Download Malwarebtes again and save to the desktop. Do not run yet:
malwarebytesgc8.png

Malwarebytes' Anti-Malware
  1. Please download Malwarebytes' Anti-Malware from from HERE
    **************************Save to desktop. Do not run yet.************************
  2. Double-click mbam-setup.exe and follow the prompts to install the program.
  3. At the end, be sure a checkmark is placed next to
    [o] Update Malwarebytes' Anti-Malware
    [o] and Launch Malwarebytes' Anti-Malware
  4. then click Finish.
  5. If an update is found, it will download and install the latest version.
  6. Once the program has loaded, select Perform Quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
  7. Be sure that everything is checked, and click Remove Selected.
  8. When completed, a log will open in Notepad. please attach this log with your reply
    [o] If you accidentally close it, the log file is saved here and will be named like this:
    [o] C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
========================
Please download randmbam.exe

It will try to create random names and shortcuts for Malwarebytes Anti Malware(MBAM) if you have it installed already.

Once done, try running a scan again
 
Eset entry is in the restore points. It is not active in system. I will have you drop old retore points when clean and set new clean one when we're finished.
 
Thanks for the reply...

1. I've already removed "C:\Program Files\Common Files\AOL\Backup\ACS\Current\US\acssetup.exe" When I uninstalled all of AOL. Do you still want me to run OTMoveit?

2. Malwarebytes runs w/o any problems. No infected files detected at this point. I get an error message when I update saying "access is denied," but the update loads anyway.

3. I will try to clean up my startup clutter. I never knew what I could delete. Thanks for the suggestions.
4. How do I stop the scheduled tasks that you mentioned?
 
OTMoveit and Mbam Logs

OTMoveit Log

All processes killed
========== FILES ==========
File/Folder C:\Program Files\Common Files\AOL\Backup\ACS\Current\US\acssetup.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56507 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Owner
->Temp folder emptied: 0 bytes

User: QBDataServiceUser20
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: Stephen H. Blum
->Temp folder emptied: 3250562 bytes
->Temporary Internet Files folder emptied: 15534512 bytes
->Java cache emptied: 67403164 bytes
->Flash cache emptied: 3773065 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17048 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 11647889 bytes

Total Files Cleaned = 97.00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 05182011_162658

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_61c.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6612

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

5/18/2011 5:47:58 PM
mbam-log-2011-05-18 (17-47-58).txt

Scan type: Quick scan
Objects scanned: 159134
Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Mbam now updates without any error messages!
 
However, when cleaning up with msconfig, I get the following error:

An access denied error was returned while attempting to change a service. You may need to log on using an administrator account to make the specified change.

I am logged on as Admin, and despite that message, the changes I make are effected.
 
I am logged on as Admin, and despite that message, the changes I make are effected.
Click to expand...

*The complete statement of the “Access Denied” error will state: "An access denied error was returned while attempting to change a service you may need to log on using an administrator account to make the specified changes." This Windows error may occur even if you are logged into an administrative account, or if you have only one account on the PC.
Click to expand...

If the changes you made worked and stayed as you set them, don't worry about it. If it happened to just one program or one Service and you couldn't make the change, then you would have to take ownership of the file.
==================================================
Scheduled Tasks
Most of these found are usually auto-updates scheduled for programs that do not need them. They will make numerous internet connections every day, looking for updates that you can find manually. You want to keep these connection attempts as few as possible and then only if needed for the system. The only[/b[ auto-update I get is for the AV program.

Opening scheduled tasks to modify or delete them:

Access Scheduled Tasks with Click on Start> All Programs> Accessories> System Tools> Scheduled Tasks.
To change the settings for a task: right-click the Task> click Properties> do any of the following:
  1. To change the schedule for the task, click the Schedule tab.
  2. To customize the settings for the task, such as the maximum run time, idle time requirements, and power management options, click the Settings tab.
  3. To delete a task> right-click the task> click Delete.
  4. To prevent a task from running until you want to let it run again> right-click the task> Properties> On the General tab> clear the Enabled check box. Select the check box again to enable the task when you are ready to let the task scheduler run it again.

Maintenance Scheduled Tasks such as defrag are in a separate category.
 
Thanks for all your help.

I think I still need to remove one restore point where "HSZAKFT trojan" was found.
 
You're welcome. You will be dropping that restore point as part of the cleanup below:

Removing all of the tools we used and the files and folders they created
  • Uninstall ComboFix and all Backups of the files it deleted
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    CF_Uninstall-1.jpg
  • Download OTCleanIt by OldTimer and save it to your Desktop.
  • Double click OTCleanIt.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

  • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
  • Go to Start > All Programs > Accessories > System Tools
  • Click "System Restore".
  • Choose "Create a Restore Point" on the first screen then click "Next".
  • Give the Restore Point a name> click "Create".
  • Go back and follow the path to > System Tools.
    [*]Choose Disc Cleanup
    [*]Click "OK" to select the partition or drive you want.
    [*]Click the "More Options" Tab.
    [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


Empty the Recycle Bin

Let me know if you have any more questions.
 
Bobbye; - I know there is a no-brainer answer for this question.... but why delete the tools you provided... why not keep them for possible use later on?

Steve
 
Steve, the version of the programs for these scans are not meant to be 'resident.' They were tools to scan and clean the system. Some of them will have paid versions that you can purchase and set up on the system.

It would serve no purpose for you to run DDS or GMER because each has to be reviewed and 'handled.

We don't advocate anyone running Combofix without supervision. Other tools we may have use such as scans for rootkits are specific to use when appropriate.

You can download and run a free Mbam scan if you want. But the free one won't update on the system nor later on if you attempt to update it.

The Eset scan is still on the system under Manage Add ons.

Others have asked this same question. My experience has been twofold:
1. Running random scans and cleaning programs usually results in additional problems.
2. Running a scan-such as Mbam, even if it finds and removes malware, does not mean all the malware has been found- or removed.
=======================================
Here are some suggestions that you can download, which will help keep the system clean- and they are all free!
Tips for added security and safer browsing: (Links are in Bold Blue)
  1. Browser Security
    [o] Safe Settings (Please ignore the suggestion to use the Registry Editior in this section "Creating a Custom Security Zone")
    [o] ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
    [o] Replace the Host Files
    [o] Google Toolbar Pop Up Blocker
    [o]Web of Trust (WOT) Site Advisor. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
  2. Have layered Security:
    [o]Antivirus :(only one):Both of the following programs are free and known to be good:
    [o]Avira-AntiVir-Personal-Free-Antivirus
    [o] [o]Avast-Free Antivirus
    [o]Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
    [o]Comodo
    [o]Zone Alarm
  3. Antimalware: I recommend all of the following:
    [o]Spywareblaster: SpywareBlaster protects against bad ActiveX.
    [o]Spybot Search & Destroy
  4. Updates: Stay current:
    [o] the Microsoft Download Sitefrequently. All updates marked Critical and the current SP updates.
    [o]Adobe Reader Install current, uninstall old.
    [o]Java Updates Install current, uninstall old.
  5. Tracking Cookies
    Reset Cookie:
    [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
    [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List
    [o]For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
  6. Do regular Maintenance
    [o] Temporary File Cleaner
  7. Restore Points:
    [o]See System Restore Guide
  8. Safe Email Handling
    [o] Don't open email from anyone you don't know.
    [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
    [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
Please let me know if you find any bad link.

(The 'real' reason, of course, that we have the programs removed is because if everyone used them and knew how to handle the log entries, I'd be out of my volunteer job!);)
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
845
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
D
Windows 11 23H2 update is affecting gaming performance, but Microsoft says there's a workaround
2
Replies
31
Views
1K
scavengerspc
scavengerspc

Latest posts

Back