Solved Spam emails sent fr my AOL acct originating fr Yahoo

Status
Not open for further replies.

seeknpeace

Posts: 17   +0
I am having a really hard time with repeated spam emails being sent to my AOL address book looking as if I sent them. First go round, I found them in my outgoing box also, as I had auto add turned on in my aol sw. Turned that off and blocked all email addys and ip addys in the details of the emails sent. That stopped. They started again and this time none were showing in my sent box, but I am copied in the sends as well. So, I get the emails too from myself, to myself. In the details yahoo accounts are mostly what are showing before the diversion to my aol acct. I have run all the virus software I can find, Malware, Pest patrol, Adaware, Registry Repair, etc. I cannot stop it. I am stumped to the point of closing my AOL acct and I have so much business and bills etc tied to this acct it is a nightmare. I have had this screen name since 1996. Where do I turn? AOL does not give a crap. Is there a place that I can turn that prosecutes these ppl?
 
AOL and Yahoo are both web-based emails. So they can be hacked from the internet. It is very difficult to track down this type of hack because it can be perpetuated from outside your computer by a mass mailing bot who sends mail to everyone in an address book. If you happen to be in someone else's address book, that's all it takes to get the mass mail going.

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
 
Ty so much and yes I do want your help. I need to get to my system I am on my iPad at the moment so I will be back ib a bit to start the process. I have had one person jump me about it and I told him that I feel strongly it is not in my computer but happening fr somewhere else.
 
Had unexpected guests all day and I am worn out but I am looking forward to dealing with this with you tomorrow. This has been awful. One thing is there a charge and if so, how much? Thank you so much.
 
Hey,

I am a little bit confused. I recognize that once I started, this will take a minute and I will have to do it when I have more than I have right now. However, when I was doing the first part, the posts below it confused me. Do I skip the parts that are noted to skip?? I did the virus scan, and the temp folder removal and the malware scar, and was getting ready to do the emerg thingy but then I started reading below and it got crazy. Do I send the info to you in a reply, or a new post or etc etc, and do I skip number four...started hyperventilatng..hahaha...I run the malware sw all the time, none of that on here,and anti virus, none of that, and do maintenance emptying temps all the time,but I used your dl to do it. So, do I read ahead and follow suit or do the 8 step and put it all in a reply? Help me Jesus, Lord...my head is spinning....for reals.
 
You're making something easy confusing. Just follow the directions, paste the log in next reply. The rest is up to me! You keep all logs, questions and scans for this problem together in this thread!

I need to see the results of the scans so you paste in the logs from Malwarebytes, GMER and DDS (2 logs for DDS). If you need more than 1 post to paste the logs, that's okay. Just keep it all together here.
 
logs

Ok, here they are:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6056

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

3/14/2011 4:11:28 PM
mbam-log-2011-03-14 (16-11-28).txt

Scan type: Quick scan
Objects scanned: 156756
Time elapsed: 7 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-03-14 23:07:57
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 WDC_WD2500BJKT-00F4T0 rev.11.01A11
Running: gmer.exe; Driver: C:\Users\JansWiFi\AppData\Local\Temp\kxlirkoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/28/2009 5:48:40 AM
System Uptime: 3/14/2011 11:20:14 PM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz | N/A | 1801/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 225 GiB total, 120.564 GiB free.
D: is FIXED (NTFS) - 1 GiB total, 0.76 GiB free.
E: is Removable
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Intel(R) Wireless WiFi Link 4965AGN
Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11008086&REV_61\4&25FA882E&0&00E0
Manufacturer: Intel Corporation
Name: Intel(R) Wireless WiFi Link 4965AGN
PNP Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11008086&REV_61\4&25FA882E&0&00E0
Service: NETw5v32
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_9015104D&REV_01\4&44ADF12&0&00E2
Manufacturer: Realtek
Name: Realtek PCIe FE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_9015104D&REV_01\4&44ADF12&0&00E2
Service: RTL8169
.
==== System Restore Points ===================
.
RP832: 3/3/2011 3:49:24 PM - Windows Update
RP833: 3/4/2011 12:03:00 AM - Windows Modules Installer
RP834: 3/4/2011 12:19:05 AM - Installed Licensing Service Install
RP835: 3/4/2011 1:44:40 AM - Windows Update
RP836: 3/4/2011 12:52:57 PM - Windows Update
RP837: 3/4/2011 2:02:07 PM - Installed Licensing Service Install
RP838: 3/5/2011 1:17:27 PM - Device Driver Package Install: Cisco Systems, Inc. Network Protocol
RP839: 3/5/2011 1:18:18 PM - Device Driver Package Install: Cisco Systems, Inc. Network Protocol
RP840: 3/6/2011 7:56:59 PM - Scheduled Checkpoint
RP841: 3/7/2011 6:58:25 PM - Scheduled Checkpoint
RP842: 3/7/2011 7:42:24 PM - Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
RP843: 3/8/2011 12:43:15 PM - Windows Update
RP844: 3/9/2011 3:00:13 AM - Windows Update
RP845: 3/10/2011 9:52:00 AM - Scheduled Checkpoint
RP846: 3/10/2011 2:36:37 PM - Installed Licensing Service Install
RP847: 3/11/2011 11:36:00 AM - Windows Update
RP848: 3/11/2011 11:15:51 PM - Norton 360 Registry Clean
RP849: 3/14/2011 6:10:43 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
.
µTorrent
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.0.1)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Battery Care Function
BirdChannel-SS7
Bonjour
Cisco Network Magic
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Color Efex Pro 3.0 Corel Sampler
Corel MediaOne
Corel Paint Shop Pro Photo X2
Corel Paint Shop Pro Photo XI
Corel Painter Photo Essentials 4
D3DX10
DAO 3.5
DisplayLink Core Software
Download Updater (AOL LLC)
DSD Direct
DSD Playback Plug-in
DVD Shrink 3.2
eFilm Workstation
EPSON Printer Software
ESET Online Scanner v3
Fanbase
Free Mp3 Wma Converter V 1.81
FreeRIP v3.5
Google Earth
Google Update Helper
Grab & Burn, Version 4.0.1 ( Build 2005-09-21, Win32, CSS )
Grouper Screen Saver 1.0
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Image Converter 3
ImageSkill Background Remover 3
InstallIQ Updater
Instant Mode
Intel(R) Graphics Media Accelerator Driver
InterVideo Register Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6
Junk Mail filter update
LocationFree Player
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESSEFILM)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network Magic
Norton 360
Norton PC Checkup
OGA Notifier 2.0.0048.0
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
PHOTORECOVERY LE
Pure Networks Platform
QuickBooks Product Listing Service
Quicken Home & Business 2000
QuickTime
Realtek High Definition Audio Driver
Registry Repair Pro
Roxio Easy Media Creator Home
RTC Client API v1.2
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
Setting Utility Series
Simple Start Entice
Smilebox
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Download Taxi 1.5.0.0
Sony Utilities DLL
SONY VGP-UPR1 (Display Adapter)
SONY VGP-UPR1 (Display Adapter) Utility
Sony Video Shared Library
SSA Benefit Calculator
SupportSoft Assisted Service
Synaptics Pointing Device Driver
TomTom HOME 2.7.6.2056
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vaio Application Uninstaller
VAIO AV Mode Launcher
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Care
VAIO Care Update
VAIO Center Access Bar
VAIO Central
VAIO Content Importer VAIO Content Exporter
VAIO Content Importer / VAIO Content Exporter
VAIO Database Converter 1.0
VAIO Database Converter Ver 1.0
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.2
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Power Management
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Startup Control
VAIO Survey
VAIO Teal Whisper Wallpaper
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebEx Support Manager for Internet Explorer
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinDVD for VAIO
WinRAR archiver
Wireless Switch Setting Utility
YouTube Downloader 2.7
YouTube Downloader Toolbar v4.1
.
==== Event Viewer Messages From Past Week ========
.
3/9/2011 11:29:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
3/7/2011 7:44:26 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/7/2011 7:42:02 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/14/2011 4:20:07 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is JANCOMPAQ.
3/14/2011 3:56:36 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
3/14/2011 3:43:32 PM, Error: Service Control Manager [7034] - The DisplayLink Service service terminated unexpectedly. It has done this 1 time(s).
3/14/2011 11:22:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdr4_xp
3/14/2011 11:22:16 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
3/14/2011 11:20:38 PM, Error: EventLog [6008] - The previous system shutdown at 11:19:07 PM on 3/14/2011 was unexpected.
3/14/2011 11:14:31 PM, Error: netbt [4321] - The name "MSHOME :1d" could not be registered on the interface with IP address 192.168.1.101. The computer with the IP address 192.168.1.100 did not allow the name to be claimed by this computer.
3/13/2011 5:53:06 PM, Error: Service Control Manager [7022] - The Windows Event Collector service hung on starting.
3/13/2011 5:50:49 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.
3/13/2011 5:40:52 PM, Error: netbt [4311] - Initialization failed because the driver device could not be created. Use the string "0013E82E9A1D" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name.
3/11/2011 12:29:15 PM, Error: EventLog [6008] - The previous system shutdown at 12:26:41 PM on 3/11/2011 was unexpected.
3/10/2011 8:14:25 AM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
3/10/2011 8:09:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ProtexisLicensing service to connect.
3/10/2011 8:09:45 AM, Error: Service Control Manager [7000] - The ProtexisLicensing service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/10/2011 8:06:32 AM, Error: EventLog [6008] - The previous system shutdown at 8:04:14 AM on 3/10/2011 was unexpected.
3/10/2011 8:01:51 AM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
.
==== End Of File ===========================

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by JansWiFi at 23:44:14.31 on Mon 03/14/2011
Internet Explorer: 8.0.6001.19019
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.322 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton 360 *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Merge Healthcare\eFilm\Auditor\efAuditorService.exe
C:\Program Files\Merge Healthcare\eFilm\efPMNT.exe
C:\Program Files\Merge Healthcare\eFilm\efServer.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\System32\svchost.exe -k LPDService
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\Merge Healthcare\eFilm\efDM.exe
C:\Program Files\Merge Healthcare\eFilm\efDBM.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.4.131\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.4.131\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.4.131\ccSvcHst.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Common Files\AOL\1299202552\ee\aolsoftware.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Users\JansWiFi\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.8.0.41\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.6\AOL.EXE" -b
mRun: [<NO NAME>]
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\janswifi\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.8.0.41\CoIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
.
============= SERVICES / DRIVERS ===============
.
R0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2009-11-8 13424]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-8-15 64288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-2 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-2 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-2 482432]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110314.001\IDSvix86.sys [2011-3-14 353912]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2011-1-31 20376]
R2 DisplayLinkService;DisplayLink Service;c:\program files\displaylink core software\DisplayLinkService.exe [2008-8-18 443752]
R2 efAuditorService.exe;eFilm Audit Service;c:\program files\merge healthcare\efilm\auditor\efAuditorService.exe [2009-2-11 24576]
R2 eFilmProcessManagerNT;eFilmProcessManagerNT;c:\program files\merge healthcare\efilm\efPMNT.exe [2009-2-11 20480]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-9-4 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-23 1405384]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2009-11-10 36404]
R2 MSSQL$SQLEXPRESSEFILM;SQL Server (SQLEXPRESSEFILM);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2010-12-10 29293408]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.8.0.41\ccSvcHst.exe [2010-2-2 117640]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup\engine\2.0.4.131\SymcPCCULaunchSvc.exe [2010-9-29 120248]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.4.131\ccSvcHst.exe [2010-9-29 126392]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-1-3 11032]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-3-5 5189992]
R2 VisualizationServicesRemotingService;Visualization Services Remoting Service;c:\program files\merge healthcare\efilm\visualization services\MergeeFilm.VisualizationServices.Remoting.WindowsServices.exe [2009-2-11 20480]
R3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2009-11-8 287856]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-13 102448]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-9-23 15232]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-5-3 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-5-3 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-5-3 31104]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0308000.029\symndisv.sys [2010-2-2 48688]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-4-23 812544]
RUnknown SampleCollector;SampleCollector; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-21 136176]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2009-8-28 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2009-8-28 67760]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-11-9 4232704]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-9-4 21504]
S3 slsService;slsService;c:\program files\merge healthcare\efilm\slsService.exe [2008-10-28 70656]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2009-8-28 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2009-8-28 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2009-8-28 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2009-9-4 11264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-03-14 15:05:59 -------- d-----w- c:\program files\iPod
2011-03-14 15:05:11 -------- d-----w- c:\program files\iTunes
2011-03-14 04:05:32 -------- d-----w- c:\users\janswifi\appdata\roaming\com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1
2011-03-13 04:30:47 -------- d-----w- c:\program files\ESET
2011-03-11 16:41:40 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{0ebb36d8-414c-4f05-8174-d089aa2b23b5}\mpengine.dll
2011-03-10 13:18:47 -------- d-----w- c:\windows\system32\Adobe
2011-03-10 13:15:26 -------- d-----w- c:\program files\Fanbase
2011-03-09 01:11:19 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 01:11:18 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 01:11:18 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 01:11:18 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 01:11:12 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 01:11:12 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-08 00:40:40 -------- d-----w- c:\program files\Bonjour
2011-03-05 18:20:49 -------- d-----w- c:\program files\Pure Networks
2011-03-05 18:18:17 26672 ----a-w- c:\windows\system32\drivers\pnarp.sys
2011-03-05 18:17:21 27696 ----a-w- c:\windows\system32\drivers\purendis.sys
2011-03-05 18:17:16 -------- d-----w- c:\program files\common files\Pure Networks Shared
2011-03-05 18:16:58 -------- d-----w- c:\progra~2\Pure Networks
2011-03-04 23:37:40 -------- d-----w- c:\users\janswifi\appdata\local\Smilebox
2011-03-04 23:37:09 -------- d-----w- c:\users\janswifi\appdata\roaming\Smilebox
2011-03-04 19:08:27 -------- d-----w- c:\program files\VAIO Startup
2011-03-04 14:38:00 88576 ----a-w- c:\windows\system32\tlntsess.exe
2011-03-04 14:38:00 71168 ----a-w- c:\windows\system32\telnet.exe
2011-03-04 05:05:33 -------- d-----w- c:\windows\system32\0409
2011-03-04 05:05:25 -------- d-----w- c:\windows\system32\inetsrv
2011-03-04 05:05:20 -------- d-----w- C:\inetpub
2011-03-04 01:38:43 58696 ----a-w- c:\windows\system32\AOLParconLink.exe
2011-03-04 01:35:42 -------- d-----w- c:\program files\common files\AOL
2011-03-04 01:35:41 -------- d-----w- c:\program files\common files\aolshare
2011-03-04 01:35:41 -------- d-----w- c:\program files\AOL Desktop 9.6
2011-03-01 17:34:53 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-03-01 17:34:35 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-25 14:42:24 -------- d-----w- C:\unused AOLs to get off desktop
2011-02-24 21:58:02 128104 ----a-r- c:\windows\system32\drivers\WimFltr.sys
.
==================== Find3M ====================
.
2011-03-15 03:20:54 264 ----a-w- c:\windows\system32\winsusrm.dll
2011-03-05 18:20:06 8892928 ----a-w- c:\progra~2\atscie.msi
2011-03-04 23:33:09 5954 ----a-w- c:\windows\system32\KGyGaAvL.sys
2011-03-04 23:19:02 952 --sha-w- c:\progra~2\KGyGaAvL.sys
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-13 11:19:53 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-01-13 11:19:53 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 23:45:23.69 ===============
 
EMails are going out as if from me every single day. It is out of control. FYI, I have not been able to use system restore in some time. Nor will my cd player read home made cds, that probably is not related, but thought that I would throw that in just in case.
 
You should not attempt to do a System Restore while I'm helping to clean the system. It could reinfect the system. I'll have you check the status of SR later- it might be turned off. We'll skip the CD problem for now.
==================================================
As for the email problem, I suggest you close the current email account, set up a new email account and generate a new password for it. If it was hacked from the outside, it's not going to get better.
================================================
You have 3 antivirus programs running:
Norton 360 (Norton Removal Tool)
McAfee Security scan. (McAfee Removal)
Lavasoft Ad-Watch Live! Anti-Virus
This makes the system more vulnerable, not less. Please get this down to one AV program. I have left. Reboot the computer when finished
===========================================
Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Click on "Copy to Clipboard"> (you won't see the 'clipboard')
  10. Click anywhere in the post where you want the logs to go, the do Ctrl V. The log will be sent from the clipboard and pasted in the post.
  11. Re-enable your Antivirus software.
    NOTE: If you forget to copy to the clipboard you can find the log here:
    C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
==========================================
Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe
  • Double click combofix.exe & follow the prompts.
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    whatnext.png
  • .Click on Yes, to continue scanning for malware
  • .If Combofix asks you to update the program, allow
  • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • .Close any open browsers.
  • .Double click combofix.exe
    cf-icon.jpg
    & follow the prompts to run.
  • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
Re-enable your Antivirus software.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
Hi, for what it is worth, my SR will not work, even though it is turned on. It never can finish, says it has some type of error, which it does not specify. As for the AOL account, I have changed the password repeatedly, and the emails are sent out whenever the conputer is off. I think that they are being generated elsewhere and being sent via redirect or diverting. I hesitate on closing the account since it is tied to so many billing accounts and other things, it would cause major issues for me unless I could figure all that out and got to all the accounts in question and change the emails there. I have had the email account over ten years. I have my own email name in my addy book so I get the spam email as well. They all only have one hyperlink in them selling viagra or something like that. Also, they only send them to a couple or three ppl at a time so as not to be flagged as spam. I do think that whether my account is open or not may not matter, but I defer to you to tell me this. It will cause a major problem to close it. I wonder if there is a way to just deactivate it for this period? I hate AOL, they are nonresponsive to issues.
 
I am still waiting to hear fr you...

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

I am sorry, I have run the ESET three times. It creates a file in my program files that has a log.txt after I run it but it has nothing there. However, the scan comes back good with no virus' found, it comes back clean. I do not know what else to do. I cannot imagine what I am going wrong. I turn the virus protection, all aspects of it, off, go to your link, click on it, check and uncheck the boxes you specify. After the undated files run, the scan runs. But at the end there is never a copy to clip board anything. Just a finish button and an offer to either buy the sw or sign up for the trial. Then nothing. I have no idea what else to do. However, it shows clean. I humbly await your next steps and I am going to run traces on the ip addys and turn some of these aholes into their providers as well. They have not sent anything from my address in a couple of days. Maybe they have moved on. As I understand it, their whole intention is to make money, and if no one is biting, they do move on.

*******************************************************************************
Still working on the ESET. But, here is the combofix


ComboFix 11-03-16.06 - JansWiFi 03/17/2011 16:55:31.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.829 [GMT -4:00]
Running from: c:\users\JansWiFi\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\birdchannel-ss7\BirdChannel-SS7.exe
c:\programdata\pswi_preloaded.exe
c:\users\JansWiFi\AppData\Local\Temp\c3a0df6204f043d2b503e7f4082b58f6\filesys.dll
c:\users\JansWiFi\AppData\Local\Temp\c3a0df6204f043d2b503e7f4082b58f6\http.dll
c:\users\JansWiFi\videos\AdbeRdr930_en_US.exe
c:\windows\system32\winsusrm.dll
c:\windows\system32\winsusrx.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-02-17 to 2011-03-17 )))))))))))))))))))))))))))))))
.
.
2011-03-17 21:10 . 2011-03-17 21:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-15 14:59 . 2011-02-23 14:35 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4A52A0C-9616-4FA1-9D52-C8DBD9AF3EC4}\mpengine.dll
2011-03-14 15:05 . 2011-03-14 15:05 -------- d-----w- c:\program files\iPod
2011-03-14 15:05 . 2011-03-14 15:07 -------- d-----w- c:\program files\iTunes
2011-03-14 04:05 . 2011-03-14 04:05 -------- d-----w- c:\users\JansWiFi\AppData\Roaming\com.atlanticrecords.Fanbase.A6C8DD5DA30F5C18C5C42884996720F649F6ED37.1
2011-03-13 04:30 . 2011-03-13 04:30 -------- d-----w- c:\program files\ESET
2011-03-10 13:18 . 2011-03-10 13:18 -------- d-----w- c:\windows\system32\Adobe
2011-03-10 13:15 . 2011-03-10 13:15 -------- d-----w- c:\program files\Fanbase
2011-03-10 12:51 . 2011-03-10 13:04 -------- d-----w- c:\programdata\NOS
2011-03-09 01:11 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 01:11 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 01:11 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 01:11 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 01:11 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 01:11 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 00:40 . 2011-03-08 00:40 -------- d-----w- c:\program files\Bonjour
2011-03-05 18:20 . 2011-03-05 18:20 -------- d-----w- c:\program files\Pure Networks
2011-03-05 18:18 . 2009-07-07 19:48 26672 ----a-w- c:\windows\system32\drivers\pnarp.sys
2011-03-05 18:17 . 2009-07-07 19:48 27696 ----a-w- c:\windows\system32\drivers\purendis.sys
2011-03-05 18:17 . 2011-03-05 18:17 -------- d-----w- c:\program files\Common Files\Pure Networks Shared
2011-03-05 18:16 . 2011-03-05 18:37 -------- d-----w- c:\programdata\Pure Networks
2011-03-04 23:37 . 2011-03-05 03:25 -------- d-----w- c:\users\JansWiFi\AppData\Local\Smilebox
2011-03-04 23:37 . 2011-03-04 23:46 -------- d-----w- c:\users\JansWiFi\AppData\Roaming\Smilebox
2011-03-04 19:08 . 2011-03-04 19:08 -------- d-----w- c:\program files\VAIO Startup
2011-03-04 14:38 . 2009-06-10 09:43 88576 ----a-w- c:\windows\system32\tlntsess.exe
2011-03-04 14:38 . 2009-06-10 09:43 71168 ----a-w- c:\windows\system32\telnet.exe
2011-03-04 05:05 . 2011-03-04 05:05 -------- d-----w- c:\windows\system32\0409
2011-03-04 05:05 . 2011-03-04 05:05 -------- d-----w- C:\inetpub
2011-03-04 01:38 . 2011-02-01 20:02 58696 ----a-w- c:\windows\system32\AOLParconLink.exe
2011-03-04 01:35 . 2011-03-04 01:38 -------- d-----w- c:\program files\Common Files\AOL
2011-03-04 01:35 . 2011-03-04 01:39 -------- d-----w- c:\program files\AOL Desktop 9.6
2011-03-04 01:35 . 2011-03-04 01:38 -------- d-----w- c:\program files\Common Files\aolshare
2011-03-01 17:34 . 2011-02-02 22:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-25 14:42 . 2011-02-25 14:43 -------- d-----w- C:\unused AOLs to get off desktop
2011-02-24 21:58 . 2007-05-18 06:31 128104 ----a-r- c:\windows\system32\drivers\WimFltr.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 13:10 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-05 18:20 . 2011-01-31 21:53 8892928 ----a-w- c:\programdata\atscie.msi
2011-03-04 23:19 . 2010-09-10 15:28 952 --sha-w- c:\programdata\KGyGaAvL.sys
2011-01-20 16:37 . 2011-02-09 04:34 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 04:34 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 04:34 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 04:34 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 04:34 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08 . 2011-02-09 04:34 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07 . 2011-02-09 04:34 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 04:34 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 04:34 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 04:34 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 04:34 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 04:34 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 04:34 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 04:34 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 04:34 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 04:34 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 04:34 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 04:34 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 04:34 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 04:34 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 04:34 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 04:34 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:14 . 2011-02-09 04:34 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:12 . 2011-02-09 04:34 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 04:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 04:34 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 04:34 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 04:34 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-13 11:19 . 2011-01-13 11:19 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-01-13 11:19 . 2011-01-13 11:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-08 08:47 . 2011-02-09 02:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 02:25 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 02:25 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-30 02:11 . 2010-12-30 02:11 749832 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-28 15:55 . 2011-01-12 13:53 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-20 23:09 . 2010-12-14 17:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2010-12-14 17:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-01-13 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
c:\users\JansWiFi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2010-7-11 3656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-04-24 00:19 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Billminder.lnk]
backup=c:\windows\pss\Billminder.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken Startup.lnk]
backup=c:\windows\pss\Quicken Startup.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^JansWiFi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Click to DVD Automatic Mode Launcher.lnk]
backup=c:\windows\pss\Click to DVD Automatic Mode Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^JansWiFi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^JansWiFi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registry Repair Pro.lnk]
path=c:\documents and settings\JansWiFi\Desktop\Registry Repair Pro.lnk
backup=c:\windows\pss\Registry Repair Pro.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^JansWiFi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Scheduler.lnk]
path=c:\users\JansWiFi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scheduler.lnk
backup=c:\windows\pss\Scheduler.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 16:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2011-01-13 11:19 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-09-22 04:28 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2008-08-08 21:30 16712 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2008-08-08 21:30 532808 ----a-r- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R260 Series]
2006-10-17 07:01 143360 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIBNA.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\AOL\1299202552\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-07-03 14:05 154136 ------w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-07-03 14:10 141848 ------w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallIQUpdater]
2010-07-07 11:20 1008128 ----a-w- c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-04-17 02:06 321656 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 19:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
2009-07-08 07:53 472112 ----a-w- c:\program files\Pure Networks\Network Magic\nmapp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2009-07-07 19:48 647216 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-06-26 15:28 137752 ------w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
2007-01-31 04:59 371712 ----a-w- c:\program files\Intuit\SimpleStartEntice\entice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-04-06 18:18 4423680 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-04-06 18:18 1822720 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
2011-01-22 07:13 312640 ----a-w- c:\users\JansWiFi\AppData\Roaming\Smilebox\SmileboxTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SONY VGP-UPR1 (Display Adapter)]
2008-08-28 23:10 233472 ----a-w- c:\program files\DisplayLink Core Software\DisplayLinkUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-03-08 02:38 835584 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Center Access Bar]
2007-03-06 22:22 36864 ----a-w- c:\program files\Sony\VAIO Center Access Bar\VCAB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
2007-04-02 23:49 411768 ----a-w- c:\program files\Sony\VAIO Camera Utility\VCUServe.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIORecommender]
2010-11-19 13:57 204152 ----a-w- c:\program files\Sony\VAIO Recommender\VAIORecommender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
2007-03-14 00:13 2322432 ----a-w- c:\program files\Sony\VAIO Security Center\VSC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2006-12-07 00:08 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eFilmProcessManagerNT;eFilmProcessManagerNT;c:\program files\Merge Healthcare\eFilm\efPMNT.exe [2009-02-11 20480]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-21 136176]
R3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [2007-01-26 75952]
R3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [2007-01-26 67760]
R3 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 slsService;slsService;c:\program files\Merge Healthcare\eFilm\slsService.exe [2008-10-28 70656]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-08-09 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-08-09 1089536]
R3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-19 11264]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2008-08-18 13424]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2009-08-22 310320]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110316.001\IDSvix86.sys [2010-11-09 353912]
S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-03-06 20376]
S2 DisplayLinkService;DisplayLink Service;c:\program files\DisplayLink Core Software\DisplayLinkService.exe [2008-08-18 443752]
S2 efAuditorService.exe;eFilm Audit Service;c:\program files\Merge Healthcare\eFilm\Auditor\efAuditorService.exe [2009-02-11 24576]
S2 mrtRate;mrtRate; [x]
S2 MSSQL$SQLEXPRESSEFILM;SQL Server (SQLEXPRESSEFILM);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.4.131\SymcPCCULaunchSvc.exe [2010-12-15 120248]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.4.131\ccSvcHst.exe [2009-08-24 126392]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-01-03 11032]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 187792]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992]
S2 VisualizationServicesRemotingService;Visualization Services Remoting Service;c:\program files\Merge Healthcare\eFilm\Visualization Services\MergeeFilm.VisualizationServices.Remoting.WindowsServices.exe [2009-02-11 20480]
S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2008-08-18 287856]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-11 102448]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-04-04 73472]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-04-04 43904]
S3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 31104]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [2009-08-22 48688]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-04-23 812544]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-21 10:59]
.
2011-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-21 10:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE}
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.4.131\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.4.131\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2739981327-1961966216-2112046628-1005\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(6028)
c:\program files\Pure Networks\Network Magic\nmspce2.dll
c:\program files\Pure Networks\Network Magic\nmrsrc.dll
c:\program files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\DisplayLink Core Software\DisplayLinkManager.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S30RP1.EXE
c:\program files\Merge Healthcare\eFilm\efServer.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\MSSQL.4\MSSQL\Binn\sqlservr.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Merge Healthcare\eFilm\efDM.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Merge Healthcare\eFilm\efDBM.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\AOL Desktop 9.6\waol.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files\AOL Desktop 9.6\shellmon.exe
c:\program files\Sony\VAIO Care\VCsystray.exe
.
**************************************************************************
.
Completion time: 2011-03-17 17:38:18 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-17 21:37
.
Pre-Run: 127,398,892,544 bytes free
Post-Run: 127,624,909,824 bytes free
.
- - End Of File - - 928239E5247A07E1974D465852EE50E4


****************************************************************
Ok, I ran the ESET program and it did not give me the option at the end to copy to any clip board. It did create a file in my programs, and a log and it says there were no viruses found. When I tried ot run it again, to see why, it will not run it again, throws an error up saying it has run a scan within the past 24 and will not again. So, did I do something wrong? I will cut and paste that log if you like. I am stumped. Please do not think I am an ***** but please be aware that I do have MS and it affects me a lot cognitively. I have gone from a great career in financial planning to being cognitively disabled and as frustrating and troubling as this may be to you, it is more so to me. It is embarassing to even post this and know it is probably something that I did wrong. I will go to the next one.

would it help you to see the details header of one of the emails? They are all different but they are all seemingly from Yahoo accts.
*************************************************
oh and I did delete all the av programs except for norton360. I am running the sw you requested now, emailing you fr my iBad, since the 2nd out.

******************************************
Gotcha....edit

Yes, I am running them...when it rains, it pours. I received notice that the state is auditing us for 2008 and 2009...Why? Just to be Aholes? umm hmm. I do think so. So, I have been in a tizzy finding that crap as they said we have only x number of days to get it to them, and I cannot get turbo tax to download 08 and for some reason the return is not in my paper work. I am having that GD problem where no matter what I do, when I am on IE, I get the request to dl flash player over and over. I have jninstalled it, reinstalled it, purged, cleaned, used the uninstaller that you are pointed to at the Vista page, nothing works and I think that is why I cannot open the turbo tax forms as they are in pdf form and it is messing up as well. I have uninstalled that one and reinsttaled it but I do not know if it will work again or not. I am telling you, I want to open a vein. Todays priorities: fax geek squad papers to Allstate to try to get my desk top replaced and get off of this lap top. do your thing and then work on the audit. do you have any extra hemlock?
 
If you have something to add, please use the Edit feature to include it in your prior reply. I get email feedback for every reply.

No, I don't want the email header. There is nothing I can do about it. The only thing I can do is look for malware on your system. If infection is found in emails, it will show on one of the logs.

I understand the complications of giving up a long time email account. AOL had most of us chained to them for years. When I left them years ago and wrote to cancel and close my account, they threatened to give my email address to someone else. You will not get any help from them.

IF you want my help in this matter, you need to go ahead with he scans. The logs will give me information that my help me help you. If you aren't going to do this, I will free up the time to help others.

Have you don't anything about the multiple AV programs?
Have you run the Eset scan?
Have you run Combofix?

I can help you troubleshoot the System Restore settings later. at this point, you should not be attempting to use the feature.
 
Thread being reopened at member's request. Edit function was used to input the logs and they did not show when the thread was closed.
 
Take any McAfee and Registry Repair process off of Startup menu> Uninstall any McAfee or Registry Repair entry in Add/Remove> Use Windows Explorer to access My Computer> Local Drive(C)> Programs> right click> Delete on the program folders.
=================================
Sony Software Bundled with VAIO Computers: The applications listed HERE are currently identified as having compatibility issues after installing the Windows Vista operating system.
=================================
Digsby InstallQ:> When it sounds too good to be true, it isn't! This process is insidious. Please see the information HERE about junk software and what this program does and will attempt.
=========================================
The following are being loaded from the Registry at Startup, the running in the background. None of these need to start on boot. Please tell if if you 1. Still use -or-2. No longer use:
VAIO Center Access Bar (2007) A toolbar that provides access to many of the programs installed on Sony laptops.
VAIOCameraUtility
VAIORecommender
VAIOSecurity
VAIOSurvey (2007) "we would like to collect your valuable feedbacks and Information" "Dear Visitor We're conducting a study on the web experience of our VAIO website"
Corel File Shell Monitor (2008)
Corel Photo Downloader (2008)
EPSON Stylus Photo R260 Series (2006)
Click to DVD Automatic Mode Launcher:(VAIO- Automatic Mode is not available on DVD Handycam)
Skytel (2007)
This does not mean you cannot use these programs or apps and it doesn't uninstall them. But none need to start on boot and run in the background.
==========================================
C:\unused AOLs to get off desktop> either delete or move to appropriate folders.
========================================
You are using Telnet (2009): c:\windows\system32\telnet.exe. See this for WHY you shouldn't be using it!
=========================================
Please see if you can run this online virus scan:
Run Kaspersky Online Scanner in Internet Explorer

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click Accept and the web scanner will begin to load
  • If a yellow warning bar appears at the top of the browser, click it and choose Install ActiveX Control
  • You will be prompted to install an ActiveX component from Kaspersky, click Install
  • If you are prompted about another ActiveX control called Kaspersky Online Scanner GUI part then allow it to be installed also.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT and then Scan Settings
  • In the scan settings make that the following are selected:
    [o] Scan using the following Anti-Virus database> Extended (if available otherwise Standard)
    [o] Scan Options: Scan Archives> Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    [o] Select My Computer
  • The program will start to scan your system.
  • Once the scan is complete, click on the Save as Text button and save the file to your desktop
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
 
**Bobbye

For some reason, Karpesky will not run. It updated but when it tried to run, it stopped with a message about needing constant internet connection. So I went directly to the internet site and clicked to the free online virus scan and it said that it is on the process of being improved, I guess it is not available right now. It was not available to use, it would not allow a click. I spoke with AOLs fraud division. I don't know if you have ever heard of this but they said that a person will get your password and sign on to your email online. Then not sign out. Long as they do not sign out, regardless of the fact that you change your password, they have access to your acct. They send the emails and immediately delete them from your out box. I am a little skeptical, but they did something that would break any online open connection and reset everything. I still want to pursue this. What would I do about Kaspersky? Do you want me to wait a day or so and try again?
**********************************************************************************************

unforfunately, I have had to be gone all day today to a baby shower then a childs birthday party so I hope to get on it tonight. I have just not been able to work on it yet, but I will tonight or in the morning. When it rains it pours...I have the audits for my income taxes also for 2008 and 2009...for the state of all things. That is really the dark side of hell.


Bobbye

I am going to reply only to be sure you see this since I have so much info in the other reply from editing and I will ony edit this one going forward to add info to you and will reply to provide log info or other info as we discussed.

In the past week, I did discover how to remove the pop up that I was getting to down load flash player, by diabling UAC. I just want you to know that because that will not show in the information you are seeing because I ran and posted the combofix info five days ago.
 
Hey, I don't think that I do the right thing with the edit because you do not seem to see it. The kaspersky was being updated and would not run. I will try again. The message was something like, look for the new and better online scan. Also, AOL did a thing where they went in and made sure no one could have opened my acct via the web and not closed it thereby making my password changes of no consequence to them. But, they did it at noon to oneish on the 29th and one spam went out to three ppl around 3 and no more have since. Could that have been in the works somehow? I am hoping against hope.

here is the message that I get when I try to get to the online scanner through IE

Detect viruses on your computer with Kaspersky’s Online Virus Scanner. Our scanner searches your computer for the latest threats and lets you know which files are infected!

The Kaspersky Online Virus Scanner is being updated and improved!

But you don’t have to wait to protect your computer. Scan, detect and remove malware with a FREE 30-day trial of our latest, most advanced security protection.


If I try to click on your hyper link, I cannot even open the site. it fails. I have no idea what to do. I counted 400 emails that were sent from my account last August when I could see them in my sent box. They were all crazy. When I caught it, and stopped them by blocks, etc. they stopped util this past Feb and they are sending a hyper link to a virus now and nothing is in my outbox and maybe 100+ have gone.

What now?
 
Bobbye

What the hell is this??? Twenty of these popped up on my desk top as individual texts

#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x068d3f88, pid=7460, tid=4664
#
# JRE version: 6.0_22-b04
# Java VM: Java HotSpot(TM) Client VM (17.1-b03 mixed mode, sharing windows-x86 )
# Problematic frame:
# C [jp2iexp.dll+0x3f88]
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x075d9800): JavaThread "main" [_thread_in_native, id=4664, stack(0x02f30000,0x03130000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000001

Registers:
EAX=0x00000001, EBX=0x3410a250, ECX=0x0024d658, EDX=0x0312d00c
ESP=0x0312cfec, EBP=0x0312cff8, ESI=0x00000000, EDI=0x075d9800
EIP=0x068d3f88, EFLAGS=0x00010246

Top of Stack: (sp=0x0312cfec)
0x0312cfec: 0312d00c 3410a250 00000001 0312d038
0x0312cffc: 09189f47 075d9918 0312d040 07139e90
0x0312d00c: 00000000 075d9f18 fffffffe 0312d018
0x0312d01c: 3410a250 0312d04c 34113058 00000000
0x0312d02c: 3410a250 00000000 0312d048 0312d074
0x0312d03c: 09182f07 34112a68 09188286 07139e90
0x0312d04c: 00000000 3219a6a8 0312d054 3410a1bf
0x0312d05c: 0312d07c 34113058 00000000 3410a1d0

Instructions: (pc=0x068d3f88)
0x068d3f78: 33 f6 85 c0 7c 3a 8b 45 fc 8d 55 14 52 89 75 14
0x068d3f88: 8b 08 50 ff 91 a0 00 00 00 85 c0 7c 1a 8b 75 14


Stack: [0x02f30000,0x03130000], sp=0x0312cfec, free space=7f30312cb20k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [jp2iexp.dll+0x3f88]
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase0(J)Ljava/lang/String;+0
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase()Ljava/lang/String;+31
j sun.plugin2.main.server.JVMInstance.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZIZZ)Z+14
j sun.plugin2.main.server.JVMManager.startAppletImpl(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;ZIZ)Lsun/plugin2/main/server/AppletID;+240
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;)Lsun/plugin2/main/server/AppletID;+16
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZ)Lsun/plugin2/main/server/AppletID;+19
j sun.plugin2.main.server.IExplorerPlugin.maybeStartApplet()V+192
j sun.plugin2.main.server.IExplorerPlugin.access$200(Lsun/plugin2/main/server/IExplorerPlugin;)V+1
j sun.plugin2.main.server.IExplorerPlugin$BackgroundStarter$1.run()V+7
v ~StubRoutines::call_stub
V [jvm.dll+0xf3a9c]
V [jvm.dll+0x186591]
V [jvm.dll+0xf3b1d]
V [jvm.dll+0xfd5af]
V [jvm.dll+0x1003a7]
C [jp2iexp.dll+0x178d]
C [jp2iexp.dll+0x8670]
C [jp2iexp.dll+0x7b42]
C [USER32.dll+0x1fd72]
C [USER32.dll+0x1fe4a]
C [USER32.dll+0x2018d]
C [USER32.dll+0x2022b]
C [IEFRAME.dll+0xf1b83]
C [IEFRAME.dll+0x111ac6]
C [iertutil.dll+0x140150]
C [IEFRAME.dll+0xffe03]
C [kernel32.dll+0x4d0e9]
C [ntdll.dll+0x416c3]
C [ntdll.dll+0x41696]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase0(J)Ljava/lang/String;+0
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase()Ljava/lang/String;+31
j sun.plugin2.main.server.JVMInstance.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZIZZ)Z+14
j sun.plugin2.main.server.JVMManager.startAppletImpl(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;ZIZ)Lsun/plugin2/main/server/AppletID;+240
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;)Lsun/plugin2/main/server/AppletID;+16
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZ)Lsun/plugin2/main/server/AppletID;+19
j sun.plugin2.main.server.IExplorerPlugin.maybeStartApplet()V+192
j sun.plugin2.main.server.IExplorerPlugin.access$200(Lsun/plugin2/main/server/IExplorerPlugin;)V+1
j sun.plugin2.main.server.IExplorerPlugin$BackgroundStarter$1.run()V+7
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x0c02bc00 JavaThread "JRE 1.6.0.22 Heartbeat Thread" [_thread_blocked, id=5232, stack(0x0cd60000,0x0ce60000)]
0x0c035c00 JavaThread "JRE 1.6.0.22 Worker Thread" [_thread_blocked, id=6312, stack(0x0c3a0000,0x0c4a0000)]
0x0c035800 JavaThread "JRE 1.6.0.22 Output Reader Thread" [_thread_in_native, id=7384, stack(0x0cb60000,0x0cc60000)]
0x0c035000 JavaThread "JRE 1.6.0.22 Output Reader Thread" [_thread_in_native, id=5184, stack(0x0c9a0000,0x0caa0000)]
0x0c034c00 JavaThread "Thread-0" [_thread_in_native, id=356, stack(0x0c800000,0x0c900000)]
0x0c033000 JavaThread "Java Plug-In Pipe Worker Thread (Server-Side)" daemon [_thread_in_native, id=7028, stack(0x0b8b0000,0x0b9b0000)]
0x090fd000 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=8040, stack(0x0bef0000,0x0bff0000)]
0x090c7800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=3520, stack(0x0bb30000,0x0bc30000)]
0x090bfc00 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4260, stack(0x0b9d0000,0x0bad0000)]
0x090bec00 JavaThread "Attach Listener" daemon [_thread_blocked, id=7684, stack(0x0b7a0000,0x0b8a0000)]
0x090bbc00 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=7592, stack(0x0b4f0000,0x0b5f0000)]
0x090b2400 JavaThread "Finalizer" daemon [_thread_blocked, id=6936, stack(0x0b630000,0x0b730000)]
0x090b1000 JavaThread "Reference Handler" daemon [_thread_blocked, id=1576, stack(0x0b360000,0x0b460000)]
=>0x075d9800 JavaThread "main" [_thread_in_native, id=4664, stack(0x02f30000,0x03130000)]

Other Threads:
0x090af800 VMThread [stack: 0x0b220000,0x0b320000] [id=8108]
0x090d0c00 WatcherThread [stack: 0x0bdd0000,0x0bed0000] [id=7480]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 4928K, used 1371K [0x32100000, 0x32650000, 0x32ba0000)
eden space 4416K, 31% used [0x32100000, 0x32256e78, 0x32550000)
from space 512K, 0% used [0x32550000, 0x32550000, 0x325d0000)
to space 512K, 0% used [0x325d0000, 0x325d0000, 0x32650000)
tenured generation total 10944K, used 0K [0x32ba0000, 0x33650000, 0x34100000)
the space 10944K, 0% used [0x32ba0000, 0x32ba0000, 0x32ba0200, 0x33650000)
compacting perm gen total 12288K, used 710K [0x34100000, 0x34d00000, 0x38100000)
the space 12288K, 5% used [0x34100000, 0x341b1a18, 0x341b1c00, 0x34d00000)
ro space 10240K, 51% used [0x38100000, 0x3862baf8, 0x3862bc00, 0x38b00000)
rw space 12288K, 54% used [0x38b00000, 0x391976d8, 0x39197800, 0x39700000)

Dynamic libraries:
0x00a30000 - 0x00ae8000 C:\Program Files\Internet Explorer\iexplore.exe
0x76f70000 - 0x77098000 C:\Windows\system32\ntdll.dll
0x75640000 - 0x7571c000 C:\Windows\system32\kernel32.dll
0x76580000 - 0x76646000 C:\Windows\system32\ADVAPI32.dll
0x76ae0000 - 0x76ba3000 C:\Windows\system32\RPCRT4.dll
0x767d0000 - 0x7686d000 C:\Windows\system32\USER32.dll
0x76a00000 - 0x76a4b000 C:\Windows\system32\GDI32.dll
0x76240000 - 0x762ea000 C:\Windows\system32\msvcrt.dll
0x76bd0000 - 0x76c29000 C:\Windows\system32\SHLWAPI.dll
0x75720000 - 0x76231000 C:\Windows\system32\SHELL32.dll
0x76680000 - 0x767c5000 C:\Windows\system32\ole32.dll
0x76870000 - 0x76980000 C:\Windows\system32\urlmon.dll
0x77130000 - 0x771bd000 C:\Windows\system32\OLEAUT32.dll
0x763c0000 - 0x76576000 C:\Windows\system32\iertutil.dll
0x76c30000 - 0x76d4a000 C:\Windows\system32\WININET.dll
0x771c0000 - 0x771c3000 C:\Windows\system32\Normaliz.dll
0x76bb0000 - 0x76bce000 C:\Windows\system32\IMM32.DLL
0x762f0000 - 0x763b8000 C:\Windows\system32\MSCTF.dll
0x76a80000 - 0x76a89000 C:\Windows\system32\LPK.DLL
0x76980000 - 0x769fd000 C:\Windows\system32\USP10.dll
0x74380000 - 0x7451e000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x6f6d0000 - 0x70015000 C:\Windows\system32\IEFRAME.dll
0x755a0000 - 0x755a7000 C:\Windows\system32\PSAPI.DLL
0x740d0000 - 0x7410d000 C:\Windows\system32\OLEACC.dll
0x770b0000 - 0x77123000 C:\Windows\system32\comdlg32.dll
0x66dc0000 - 0x66df1000 C:\Program Files\Internet Explorer\IEShims.dll
0x74680000 - 0x746bf000 C:\Windows\system32\uxtheme.dll
0x754d0000 - 0x754e4000 C:\Windows\system32\Secur32.dll
0x76a50000 - 0x76a7d000 C:\Windows\system32\WS2_32.dll
0x770a0000 - 0x770a6000 C:\Windows\system32\NSI.dll
0x74e50000 - 0x74e69000 C:\Windows\system32\iphlpapi.dll
0x74e80000 - 0x74eb5000 C:\Windows\system32\dhcpcsvc.DLL
0x750f0000 - 0x7511c000 C:\Windows\system32\DNSAPI.dll
0x74e70000 - 0x74e77000 C:\Windows\system32\WINNSI.DLL
0x74e20000 - 0x74e42000 C:\Windows\system32\dhcpcsvc6.DLL
0x63d80000 - 0x64938000 C:\Windows\system32\MSHTML.dll
0x74cd0000 - 0x74cd8000 C:\Windows\system32\VERSION.dll
0x76de0000 - 0x76f6a000 C:\Windows\system32\setupapi.dll
0x65450000 - 0x654fb000 C:\Windows\system32\d2d1.dll
0x64fc0000 - 0x650c8000 C:\Windows\system32\DWrite.dll
0x67050000 - 0x670d0000 C:\Windows\system32\dxgi.dll
0x73130000 - 0x7313c000 C:\Windows\system32\dwmapi.dll
0x749b0000 - 0x749eb000 C:\Windows\system32\rsaenh.dll
0x74780000 - 0x747ad000 C:\Windows\system32\WINTRUST.dll
0x74f50000 - 0x75042000 C:\Windows\system32\CRYPT32.dll
0x750b0000 - 0x750c2000 C:\Windows\system32\MSASN1.dll
0x754f0000 - 0x7550e000 C:\Windows\system32\USERENV.dll
0x76650000 - 0x76679000 C:\Windows\system32\imagehlp.dll
0x67f30000 - 0x67f5c000 C:\Windows\system32\d3d10_1.dll
0x67e60000 - 0x67e9a000 C:\Windows\system32\d3d10_1core.dll
0x622d0000 - 0x6234e000 C:\Windows\system32\D3D10Level9.dll
0x10000000 - 0x10026000 C:\Windows\system32\dlumd32.dll
0x04710000 - 0x0498c000 C:\Windows\system32\igdumd32.dll
0x76d50000 - 0x76dd4000 C:\Windows\system32\CLBCatQ.DLL
0x64940000 - 0x64972000 C:\Program Files\Internet Explorer\ieproxy.dll
0x70df0000 - 0x70e43000 C:\Windows\System32\actxprxy.dll
0x75440000 - 0x7546c000 C:\Windows\system32\apphelp.dll
0x69bd0000 - 0x69c2e000 C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
0x71230000 - 0x712b7000 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\MSVCP80.dll
0x72ab0000 - 0x72b4b000 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\MSVCR80.dll
0x6ae10000 - 0x6ae92000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccL80U.dll
0x72480000 - 0x724f4000 C:\Windows\system32\RICHED20.DLL
0x6ca00000 - 0x6cbb8000 C:\Program Files\Norton 360\Engine\3.8.0.41\SYMHTML.DLL
0x732e0000 - 0x73365000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x74110000 - 0x74142000 C:\Windows\system32\WINMM.dll
0x667a0000 - 0x667b1000 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
0x74540000 - 0x745e3000 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\MSVCR90.dll
0x6d380000 - 0x6d40e000 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\MSVCP90.dll
0x66d70000 - 0x66d80000 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x6b050000 - 0x6b067000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccVrTrst.dll
0x69380000 - 0x6938c000 C:\Program Files\Norton 360\Engine\3.8.0.41\EFACli.dll
0x6afb0000 - 0x6aff0000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccSet.dll
0x6ad80000 - 0x6ada6000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccIPC.dll
0x69d90000 - 0x69e3b000 C:\Program Files\Norton 360\Engine\3.8.0.41\coUICtlr.dll
0x69e40000 - 0x69f16000 C:\Program Files\Norton 360\Engine\3.8.0.41\coWPPlg.dll
0x740b0000 - 0x740c5000 C:\Windows\system32\Cabinet.dll
0x72ce0000 - 0x72d40000 C:\Windows\system32\WINHTTP.dll
0x67620000 - 0x67697000 C:\Program Files\Norton 360\Engine\3.8.0.41\isDataPr.dll
0x69f70000 - 0x69fe3000 C:\Program Files\Norton 360\Engine\3.8.0.41\IVPlugin.dll
0x66da0000 - 0x66dae000 C:\Program Files\Norton 360\Engine\3.8.0.41\FFPrefs.dll
0x6a0f0000 - 0x6a21a000 C:\Program Files\Norton 360\Engine\3.8.0.41\rf.dll
0x727b0000 - 0x727f2000 C:\Windows\system32\WINSPOOL.DRV
0x67210000 - 0x6722c000 C:\Windows\system32\oledlg.dll
0x64f30000 - 0x64f48000 C:\Windows\system32\OLEPRO32.DLL
0x6acf0000 - 0x6ad36000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccGEvt.dll
0x6a2a0000 - 0x6a2d1000 C:\Program Files\Norton 360\Engine\3.8.0.41\coParse.dll
0x6bf40000 - 0x6bf5a000 C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
0x06ba0000 - 0x06c6e000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110325.002\Scxpx86.dll
0x75380000 - 0x753df000 C:\Windows\system32\SXS.DLL
0x74950000 - 0x74971000 C:\Windows\system32\NTMARTA.DLL
0x76a90000 - 0x76ad9000 C:\Windows\system32\WLDAP32.dll
0x750d0000 - 0x750e1000 C:\Windows\system32\SAMLIB.dll
0x70070000 - 0x700ba000 C:\Windows\system32\RASAPI32.dll
0x70110000 - 0x70124000 C:\Windows\system32\rasman.dll
0x75300000 - 0x75376000 C:\Windows\system32\NETAPI32.dll
0x6dfa0000 - 0x6dfd1000 C:\Windows\system32\TAPI32.dll
0x703b0000 - 0x703bc000 C:\Windows\system32\rtutils.dll
0x74d70000 - 0x74d77000 C:\Windows\system32\credssp.dll
0x74b70000 - 0x74bb6000 C:\Windows\system32\schannel.dll
0x71070000 - 0x71076000 C:\Windows\system32\sensapi.dll
0x74c60000 - 0x74c9b000 C:\Windows\system32\mswsock.dll
0x74920000 - 0x74925000 C:\Windows\System32\wshtcpip.dll
0x70a20000 - 0x70a50000 C:\Windows\system32\MLANG.dll
0x736e0000 - 0x737d4000 C:\Windows\system32\windowscodecs.dll
0x67780000 - 0x6778c000 C:\Windows\system32\ImgUtil.dll
0x61910000 - 0x6197c000 C:\Windows\system32\ieapfltr.dll
0x65180000 - 0x6533b000 C:\Windows\System32\jscript9.dll
0x67ee0000 - 0x67eeb000 C:\Windows\system32\msimtf.dll
0x73c10000 - 0x73ccb000 C:\Windows\system32\PROPSYS.dll
0x6aff0000 - 0x6b02e000 C:\Program Files\Norton 360\Engine\3.8.0.41\ccsubeng.dll
0x74cc0000 - 0x74cc5000 C:\Windows\System32\wship6.dll
0x74010000 - 0x7401f000 C:\Windows\system32\NLAapi.dll
0x71010000 - 0x7101f000 C:\Windows\system32\napinsp.dll
0x70fd0000 - 0x70fe2000 C:\Windows\system32\pnrpnsp.dll
0x71000000 - 0x71008000 C:\Windows\System32\winrnr.dll
0x70f70000 - 0x70f95000 C:\Program Files\Bonjour\mdnsNSP.dll
0x72e80000 - 0x72e86000 C:\Windows\system32\rasadhlp.dll
0x068d0000 - 0x068ee000 C:\Program Files\Java\jre6\bin\jp2iexp.dll
0x7c340000 - 0x7c396000 C:\Program Files\Java\jre6\bin\MSVCR71.dll
0x733f0000 - 0x733f7000 C:\Windows\system32\wsock32.dll
0x6d7f0000 - 0x6da97000 C:\PROGRA~1\Java\jre6\bin\client\jvm.dll
0x6d7a0000 - 0x6d7ac000 C:\PROGRA~1\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000 C:\PROGRA~1\Java\jre6\bin\java.dll
0x6d280000 - 0x6d288000 C:\PROGRA~1\Java\jre6\bin\hpi.dll
0x6d7e0000 - 0x6d7ef000 C:\PROGRA~1\Java\jre6\bin\zip.dll
0x6d420000 - 0x6d426000 C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1d0000 - 0x6d1e3000 C:\Program Files\Java\jre6\bin\deploy.dll
0x6d600000 - 0x6d613000 C:\Program Files\Java\jre6\bin\net.dll

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Xmx32m -Djava.awt.headless=true -Dkernel.background.download=false -Dkernel.download.dialog=false -XX:MaxDirectMemorySize=64m
java_command: <unknown>
Launcher Type: generic

Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
PATH=C:\Program Files\Internet Explorer;;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;c:\Program Files\Microsoft SQL Server\90\Tools\binn
USERNAME=JansWiFi
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows Vista Build 6002 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 15 stepping 13, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3

Memory: 4k page, physical 2086592k(547552k free), swap 4420244k(1797404k free)

vm_info: Java HotSpot(TM) Client VM (17.1-b03) for windows-x86 JRE (1.6.0_22-b04), built on Sep 15 2010 00:56:36 by "java_re" with MS VC++ 7.1 (VS2003)

time: Thu Mar 31 00:20:57 2011
elapsed time: 0 seconds
 
Remove all of the addons in the browser and add them back one at a time to find the offender.

Check the Event Viewer for Error messages that corresponds the the Fatal Error message. Errors are time coded.

If the problem continues, please post in the Windows BSOD forum.
 
Status
Not open for further replies.
Back