McAfee & IE errors/closing plus spotty internet

[gertuxia]

I use a wusb54g adapter and my internet will only work for minutes at a time despite a strong connection to the linksys router and a year of relatively undistrubed internet (I only use Firefox btw). I tried changing channels to fix this. However, I later discovered McAfee & IE would not open because of errors and I was directed here.

For Step 1 I uninstalled 'View Point Media Player' and also found something called 'Media Motor' but it could not be found for uninstalling.
Then unexpectedly, after restarting my PC, McAfee did an update of its own (which hasn't happend in months) and seemed to be working again. A virus scan yielded nothing. IE also worked but both programs have alternated between error messages and properly running since then (they seem to do so in unison). The internet connection is still spotty.

I think I carried out the other steps correctly.

Extra Tidbit:
More than a year ago my PC was hit by a 'WinKRoot' and I went online to fix it (McAfee would only recognize the problem but wouldn't remove it). I dl'd a program (I don't remember where & I have since removed it) that seemed to work. I attached the log of its actions.

Also, I regularly run AdAware, Spybot S&D, McAfee, and get Windows Updates so I'm a little alarmed that Panda ActiveScan is finding spyware and viruses! I attached Panda's report.

Here's the HiJackThis log:

Deckard's System Scanner v20071014.68
Run by Richard on 2007-12-23 19:44:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis (run as Richard.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:45:23 PM, on 12/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GSv2.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\atiptaxx.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\AOL\1108398742\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE
C:\Program Files\McAfee.com\VSO\mcmnhdlr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Documents and Settings\Richard\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Richard.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.gaysbase.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: SuperBar - {3F559D6F-E769-466F-B890-ACED1E434AC5} - C:\Program Files\_SUPERBAR\_SUPERBAR.dll (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\WINDOWS\atiptaxx.exe
O4 - HKLM\..\Run: [bYVHRo1x] C:\PROGRA~1\srtqpxsr\bMwCG8xM.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1108398742\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
O4 - Global Startup: Quick Shelf.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/sh...3/mcinsctl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/sh...20/mcgdmgr.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 11837 bytes

-- Files created between 2007-11-23 and 2007-12-23 -----------------------------

2007-12-23 19:44:55 0 d-------- C:\Program Files\Trend Micro
2007-12-23 17:36:52 0 d-------- C:\WINDOWS\LastGood
2007-12-23 15:37:25 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-12-23 00:59:46 17801 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
2007-12-23 00:59:45 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2007-12-23 00:59:45 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2007-12-23 00:59:42 147456 --a------ C:\WINDOWS\system32\ssleay32.dll
2007-12-23 00:59:42 651264 --a------ C:\WINDOWS\system32\libeay32.dll
2007-12-23 00:59:41 1396831 --a------ C:\WINDOWS\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2007-12-23 00:59:35 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2007-12-17 11:14:59 0 d-------- C:\Documents and Settings\Richard\Application Data\AOL


-- Find3M Report ---------------------------------------------------------------

2007-12-23 00:59:41 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-17 11:20:12 0 d-------- C:\Program Files\Common Files\AOL
2007-10-24 19:10:41 0 d-------- C:\Program Files\Microsoft Works
2007-10-24 19:10:03 0 d-a------ C:\Program Files\Common Files
2007-10-24 19:09:25 0 d-------- C:\Program Files\Microsoft.NET


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3F559D6F-E769-466F-B890-ACED1E434AC5}"= C:\Program Files\_SUPERBAR\_SUPERBAR.dll [ ]

[-HKEY_CLASSES_ROOT\CLSID\{3F559D6F-E769-466F-B890-ACED1E434AC5}]
[HKEY_CLASSES_ROOT\SuperBar.Component]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [04/06/2003 10:19 PM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [04/06/2003 10:07 PM]
"BCMSMMSG"="BCMSMMSG.exe" [08/29/2003 04:59 AM C:\WINDOWS\BCMSMMSG.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [08/05/2003 11:04 PM]
"StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [02/12/2003 11:01 PM]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [08/13/2003 08:27 AM]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [08/26/2003 05:47 PM]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [04/02/2002 11:01 PM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/10/2000 11:00 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/23/2003 04:07 PM]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [08/08/2003 06:02 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [08/27/2003 11:00 AM]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [10/06/2003 08:05 AM]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [08/17/2003 09:50 PM]
"ATIPTA"="C:\WINDOWS\atiptaxx.exe" [04/28/2003 09:00 PM]
"bYVHRo1x"="C:\PROGRA~1\srtqpxsr\bMwCG8xM.exe" []
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [07/16/2002 05:21 AM]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [08/21/2003 06:10 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [10/23/2006 04:50 AM]
"HostManager"="C:\Program Files\Common Files\AOL\1108398742\ee\AOLSoftware.exe" [09/25/2006 04:52 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [07/17/2002 09:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 08:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [01/19/2007 12:49 PM]

C:\Documents and Settings\Richard\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 7:00:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 7:00:00 AM]
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE [1/12/2004 8:59:11 PM]
Quick Shelf.lnk - C:\WINDOWS\Installer\{04001101-5D65-445A-B3B4-3DCE72BA0C6C}\ENCICONS.EXE [5/9/2004 1:40:26 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1108398742\ee\AOLHostManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic]
"C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL TopSpeedMonitor"=2 (0x2)
"AOL ACS"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"




-- End of Deckard's System Scanner: finished at 2007-12-23 19:45:50 ------------

[gertuxia]

I redid the Panda ActiveScan and found more crap. I attached the report from that.


Incident Status Location

Adware:adware/adlogix Not disinfected c:\windows\system32\retpdat32.xml
Adware:adware/keenvalue Not disinfected c:\windows\system32\drivers\etc\hosts.bho
Adware:adware/delfinmedia Not disinfected c:\keys.ini
Adware:adware/tvmedia Not disinfected C:\Documents and Settings\Richard\Application Data\tvmcwrd.dll
Adware:adware/ncase Not disinfected c:\windows\180ax.log
Adware:adware/toprebates Not disinfected c:\program files\WebSavingsfromEbates
Adware:adware/sidesearch Not disinfected C:\Documents and Settings\Richard\Application Data\Lycos
Adware:adware/savenow Not disinfected c:\documents and settings\all users\application data\vmss
Hacktool:hacktool/rootkit.m Not disinfected hkey_local_machine\system\controlset002\enum\root\LEGACY_WINIK
Adware:adware/portalscan Not disinfected Windows Registry
Spyware:spyware/clipgenie Not disinfected Windows Registry
Adware:adware/ist.istbar Not disinfected Windows Registry
Adware:adware/dyfuca Not disinfected Windows Registry
Spyware:spyware/media-motor Not disinfected Windows Registry
Potentially unwanted tool:application/myway Not disinfected hkey_local_machine\software\classes\MyWayToolBar.SettingsPlugin
Adware:adware/cws Not disinfected Windows Registry
Adware:adware/memorywatcher Not disinfected Windows Registry
Adware:adware/searchexe Not disinfected Windows Registry
Adware:adware/exact.bargainbuddy Not disinfected Windows Registry
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe]
Virus:Trj/Downloader.OE Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe][dp-k13w13.exe]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe][IEDRIVER.EXE]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe][sx.htm]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe][ieupdate.exe]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[setup233.exe][td.exe]
Adware:Adware/BrowserAid Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[dist1_1_00.exe]
Adware:Adware/SaveNow Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[SaveInstCsSm.exe]
Adware:Adware/eZula Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[ezStub.exe]
Spyware:Spyware/Apropos Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[sys_ai_client_loader.exe]
Adware:Adware/KeenValue Not disinfected C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe[incredifind.exe]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe]
Virus:Trj/Downloader.OE Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe][dp-k13w13.exe]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe][IEDRIVER.EXE]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe][sx.htm]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe][ieupdate.exe]
Adware:Adware/IEDriver Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[setup233.exe][td.exe]
Adware:Adware/BrowserAid Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[dist1_1_00.exe]
Adware:Adware/SaveNow Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[SaveInstCsSm.exe]
Adware:Adware/eZula Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[ezStub.exe]
Spyware:Spyware/Apropos Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[sys_ai_client_loader.exe]
Adware:Adware/KeenValue Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe[incredifind.exe]
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\Default User\My Documents\Data\Data\update_1.exe[update.exe]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.9s2\cookies.txt[.atdmt.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.9s2\cookies.txt[.com.com/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.9s2\cookies.txt[stat.onestat.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.atwola.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.atdmt.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.advertising.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.questionmarket.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.com.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.adrevolver.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.serving-sys.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.fastclick.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.casalemedia.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.zedo.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.statcounter.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.overture.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.apmebf.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Richard\Cookies\richard@atdmt[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Richard\Cookies\richard@atwola[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Richard\Cookies\richard@doubleclick[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Richard\Cookies\richard@tribalfusion[1].txt
Possible Virus. Not disinfected C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\Setup.exe
Adware:Adware/VirtualBouncer Not disinfected C:\WINDOWS\bundles\2504041110.exe
Adware:Adware/IST.ISTBar Not disinfected C:\WINDOWS\istinstall_si.exe
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\mmups.exe
Adware:Adware/WebHancer Not disinfected C:\WINDOWS\prelimhanse.exe
Adware:Adware/SideSearch Not disinfected C:\WINDOWS\ss_neonapster_setup.exe[²êÇ.dll]
Spyware:Spyware/ClearSearch Not disinfected C:\WINDOWS\ss_neonapster_setup.exe[ClrSchUninstall_78_86.exe]

[gertuxia]

I went ahead and bought Panda ActiveScan Pro (just thought it would be fast and easiest). It removed all but one thing---something the scan identified as a 'hacking tool'. Also, I received a wmp54gs adapter for Christmas, and my internet seems to be working better with Firefox.

However, IE and my McAfee still aren't opening all the time because of errors and the hacking tool that Panda can't disinfect has me worried.

Any suggestions?

[Ried]

Hello gertuxia,

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Disconnect from the internet.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

• When finished, it will produce a report for you.
• Please post the C:\ComboFix.txt along with a new HijackThis log so we can continue cleaning the system.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


--------------------------------------------------------------------

Please run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run it's full course:

Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400

Answer Yes, when prompted to install an ActiveX component.

• The program will then begin downloading the latest definition files.
• Once the files have been downloaded click on NEXT
• Locate the Scan Settings button & configure to:
  • Scan using the following Anti-Virus database:
    • Extended
  • Scan Options:
    • Scan Archives
    • Scan Mail Bases
• Click OK & have it scan My Computer
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  
  
  
  
• Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

* Turn off the real time scanner of any existing antivirus program while performing the online scan

---------------------------------------------------------------

Run a new scan with HijackThis and save the log.

---------------------------------------------------------------

Please include the following in your next reply:

C:\ComboFix.txt
Kaspersky results
New HijackThis log

[gertuxia]

Here they are. Kaspersky claims to have found more viruses than ActiveScan--

ComboFix 07-12-29.3 - Richard 2007-12-29 15:05:37.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.246 [GMT -8:00]
Running from: C:\Documents and Settings\Richard\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\Kelly\Application Data\{2CF0B992-5EEB-4143-99C0-5297EF71F444}
C:\Documents and Settings\Richard\Application Data\macromedia\Flash Player\#SharedObjects\E8463C5U\www.broadcaster.com
C:\Documents and Settings\Richard\Application Data\macromedia\Flash Player\#SharedObjects\E8463C5U\www.broadcaster.com\played_list.sol
C:\Documents and Settings\Richard\Application Data\macromedia\Flash Player\#SharedObjects\E8463C5U\www.broadcaster.com\video_queue.sol
C:\Documents and Settings\Richard\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Richard\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\system32\Cache

.
((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-29 )))))))))))))))))))))))))))))))
.

2007-12-28 12:58 . 2007-12-28 12:58 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2007-12-27 21:26 . 2007-12-27 21:26 <DIR> d-------- C:\Program Files\Micro Application
2007-12-25 16:59 . 2007-12-25 18:21 <DIR> d-------- C:\Documents and Settings\Richard\Application Data\The Longest Journey
2007-12-25 16:42 . 2007-12-25 16:42 <DIR> d-------- C:\Program Files\Funcom
2007-12-25 15:06 . 2007-12-28 13:39 <DIR> d-------- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster
2007-12-25 15:06 . 2004-12-22 01:32 1,396,831 --a------ C:\WINDOWS\SYSTEM32\AegisE5.dll
2007-12-25 15:06 . 2003-11-20 22:03 651,264 --a------ C:\WINDOWS\SYSTEM32\libeay32.dll
2007-12-25 15:06 . 2004-12-22 01:32 369,024 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\bcmwl5.sys
2007-12-25 15:06 . 2003-11-20 22:03 147,456 --a------ C:\WINDOWS\SYSTEM32\ssleay32.dll
2007-12-25 15:06 . 2005-03-04 03:13 71,520 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\WMP54GS.inf
2007-12-25 15:06 . 2007-12-25 15:06 17,801 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AegisP.sys
2007-12-25 15:06 . 2005-03-07 11:50 7,986 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\WMP54GS.cat
2007-12-25 14:59 . 2007-12-25 14:59 <DIR> d-------- C:\Program Files\ATI
2007-12-25 12:55 . 2007-12-25 12:59 <DIR> d-------- C:\Program Files\viewsonic
2007-12-25 12:54 . 2007-12-25 13:24 102 --a------ C:\WINDOWS\VSWizard.ini
2007-12-25 12:14 . 2003-10-13 15:30 94,208 --a------ C:\WINDOWS\SYSTEM32\GTW32N50.dll
2007-12-25 12:14 . 2003-09-25 23:28 31,930 --a------ C:\WINDOWS\SYSTEM32\GTNDIS3.VXD
2007-12-25 12:14 . 2005-02-01 18:18 17,992 --a------ C:\WINDOWS\SYSTEM32\bcm42rly.sys
2007-12-25 12:14 . 2003-09-25 22:15 15,872 --a------ C:\WINDOWS\SYSTEM32\GTNDIS5.sys
2007-12-24 23:18 . 2007-12-24 23:19 10,915,840 --a------ C:\621.tmp
2007-12-24 22:44 . 2007-12-28 12:58 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2007-12-24 22:17 . 2007-12-24 22:17 81,277,679 --a------ C:\WINDOWS\pav.sig
2007-12-24 22:09 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2007-12-24 22:08 . 2007-12-28 14:01 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2007-12-24 22:08 . 2007-12-28 12:58 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2007-12-24 22:08 . 2007-12-28 12:58 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2007-12-24 19:22 . 2007-12-24 19:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-12-23 19:55 . 2007-12-23 19:57 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-12-23 19:44 . 2007-12-23 19:44 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-23 17:23 . 2007-12-23 17:23 <DIR> d-------- C:\Deckard
2007-12-23 15:37 . 2007-12-24 19:55 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2007-12-23 15:37 . 2007-12-24 19:54 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2007-12-17 11:14 . 2007-12-17 11:14 <DIR> d-------- C:\Documents and Settings\Richard\Application Data\AOL
2007-12-04 19:05 . 2007-12-04 19:05 368,640 --a------ C:\WINDOWS\SYSTEM32\ATIDEMGX.dll
2007-12-04 18:55 . 2007-12-04 18:55 43,520 --a------ C:\WINDOWS\SYSTEM32\ati2edxx.dll
2007-12-04 18:48 . 2007-12-04 18:48 9,535,488 --a------ C:\WINDOWS\SYSTEM32\atioglx2.dll
2007-12-04 18:33 . 2007-12-04 18:33 3,107,788 --a------ C:\WINDOWS\SYSTEM32\ativvaxx.dat
2007-12-04 18:33 . 2007-12-04 18:33 3,107,788 --a------ C:\WINDOWS\SYSTEM32\ativva5x.dat
2007-12-04 18:33 . 2007-12-04 18:33 887,724 --a------ C:\WINDOWS\SYSTEM32\ativva6x.dat
2007-12-04 18:19 . 2007-12-04 18:19 385,024 --a------ C:\WINDOWS\SYSTEM32\atikvmag.dll
2007-12-04 18:16 . 2007-12-04 18:16 49,152 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ati2erec.dll
2007-12-04 18:14 . 2007-12-04 18:14 180,224 --a------ C:\WINDOWS\SYSTEM32\atiok3x2.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-28 05:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-25 22:58 --------- d-----w C:\Program Files\ATI Technologies
2007-12-24 02:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-23 22:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-17 19:20 --------- d-----w C:\Program Files\Common Files\AOL
2007-12-17 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-12-05 22:17 593,920 ------w C:\WINDOWS\SYSTEM32\ati2sgag.exe
2007-12-05 05:26 2,782,208 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-05 05:26 2,782,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ati2mtag.sys
2007-12-05 03:04 269,312 ----a-w C:\WINDOWS\SYSTEM32\ati2dvag.dll
2007-12-05 02:56 147,456 ----a-w C:\WINDOWS\SYSTEM32\atipdlxx.dll
2007-12-05 02:55 26,112 ----a-w C:\WINDOWS\SYSTEM32\Ati2mdxx.exe
2007-12-05 02:55 122,880 ----a-w C:\WINDOWS\SYSTEM32\Oemdspif.dll
2007-12-05 02:55 122,880 ----a-w C:\WINDOWS\SYSTEM32\ati2evxx.dll
2007-12-05 02:54 307,200 ----a-w C:\WINDOWS\SYSTEM32\atiiiexx.dll
2007-12-05 02:53 53,248 ----a-w C:\WINDOWS\SYSTEM32\ATIDDC.DLL
2007-12-05 02:53 495,616 ----a-w C:\WINDOWS\SYSTEM32\ati2evxx.exe
2007-12-05 02:44 3,175,584 ----a-w C:\WINDOWS\SYSTEM32\ati3duag.dll
2007-12-05 02:33 1,640,192 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ativvaxx.dll
2007-12-05 02:33 1,640,192 ----a-w C:\WINDOWS\SYSTEM32\ativvaxx.dll
2007-12-05 02:19 5,435,392 ----a-w C:\WINDOWS\SYSTEM32\atioglxx.dll
2007-12-05 02:17 17,408 ----a-w C:\WINDOWS\SYSTEM32\atitvo32.dll
2007-12-05 02:11 499,712 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ati2cqag.dll
2007-12-05 02:11 499,712 ----a-w C:\WINDOWS\SYSTEM32\ati2cqag.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2007-10-28 01:40 222,720 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-28 01:40 222,720 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-10-10 23:56 232,960 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
2007-10-10 23:56 1,159,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-10-10 23:55 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-10-10 23:55 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2007-10-10 23:55 6,065,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-10-10 23:55 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2007-10-10 23:55 478,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-10-10 23:55 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2007-10-10 23:55 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
2007-10-10 23:55 384,512 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
2007-10-10 23:55 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-10-10 23:55 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-10-10 23:55 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2007-10-10 23:55 230,400 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
2007-10-10 23:55 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-10-10 23:55 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-10-10 23:55 153,088 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
2007-10-10 23:55 132,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-10-10 23:55 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
2007-10-10 23:55 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
2007-10-10 23:55 102,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
2007-10-10 10:59 70,656 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2007-10-10 10:59 625,152 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2007-06-26 02:50 59,960 -c--a-w C:\Documents and Settings\Richard\Application Data\GDIPFONTCACHEV1.DAT
2004-06-26 19:25 134,815 -c--a-w C:\Program Files\DeIsL1.isu
2004-06-05 05:25 79 -c--a-w C:\Documents and Settings\Richard\ub.dat
2004-05-28 00:54 0 -c--a-w C:\Documents and Settings\Richard\ad.dat
2004-01-24 00:14 0 -c--a-w C:\Documents and Settings\Kelly\ub.dat
2004-01-24 00:14 0 -c--a-w C:\Documents and Settings\Kelly\ad.dat
1998-09-12 09:01 8,359 -c--a-w C:\Program Files\browser_info.html
1998-09-12 09:01 19 -c--a-w C:\Program Files\buildnum.txt
1998-09-12 02:31 8,583 -c--a-w C:\Program Files\FIXLIST.TXT
1998-09-12 02:31 750 -c--a-w C:\Program Files\DEPLOY.TXT
1998-09-12 02:31 7,276 -c--a-w C:\Program Files\LICENSE.TXT
1998-09-12 02:31 26,628 -c--a-w C:\Program Files\HINTSANDTIPS.TXT
1998-09-12 02:31 2,155 -c--a-w C:\Program Files\README.TXT
1998-09-12 02:31 1,242 -c--a-w C:\Program Files\INSTALL.TXT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3F559D6F-E769-466F-B890-ACED1E434AC5}
{4982D40A-C53B-4615-B15B-B5B5E98D167C}
{BA52B914-B692-46C4-B683-905236F6F655}

[HKEY_CLASSES_ROOT\clsid\{3f559d6f-e769-466f-b890-aced1e434ac5}]
[HKEY_CLASSES_ROOT\SuperBar.Component]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{3F559D6F-E769-466F-B890-ACED1E434AC5}"= C:\Program Files\_SUPERBAR\_SUPERBAR.dll [ ]

[HKEY_CLASSES_ROOT\clsid\{3f559d6f-e769-466f-b890-aced1e434ac5}]
[HKEY_CLASSES_ROOT\SuperBar.Component]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2002-07-17 09:00]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-01-19 12:49]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-06 22:19]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-06 22:07]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 04:59 C:\WINDOWS\BCMSMMSG.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-05 23:04]
"StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-12 23:01]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2003-08-13 08:27]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 17:47]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-02 23:01]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-10 23:00]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2003-12-23 16:07]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2003-08-08 18:02]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2003-08-27 11:00]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-10-06 08:05]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2003-08-17 21:50]
"ATIPTA"="C:\WINDOWS\atiptaxx.exe" [2003-04-28 21:00]
"bYVHRo1x"="C:\PROGRA~1\srtqpxsr\bMwCG8xM.exe" []
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-16 05:21]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2003-08-21 18:10]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 04:50]
"HostManager"="C:\Program Files\Common Files\AOL\1108398742\ee\AOLSoftware.exe" [2006-09-25 16:52]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
"ATICustomerCare"="C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 18:38]

C:\Documents and Settings\Richard\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2007-12-25 13:24:17]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE [2004-01-12 20:59:11]
Quick Shelf.lnk - C:\WINDOWS\Installer\{04001101-5D65-445A-B3B4-3DCE72BA0C6C}\ENCICONS.EXE [2004-05-09 13:40:26]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2006-10-23 04:50 71216 -ra--c--- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-09-25 16:52 14384 --a--c--- C:\Program Files\Common Files\AOL\1108398742\ee\AOLHostManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
2003-08-21 18:10 180224 --a------ C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic]
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe -Run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL TopSpeedMonitor"=2 (0x2)
"AOL ACS"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

R2 X4HSX32;X4HSX32;C:\Program Files\GameTap\bin\Release\X4HSX32.Sys [2007-07-20 07:37]

.
Contents of the 'Scheduled Tasks' folder
"2007-12-29 23:05:00 C:\WINDOWS\Tasks\McAfee.com Update Check (DG32C241-Owner).job"
- c:\PROGRA~1\mcafee.com\agent\mcupdate.ex
- c:\PROGRA~1\mcafee.com\agent
"2007-12-29 23:07:00 C:\WINDOWS\Tasks\McAfee.com Update Check (KALE-Kelly).job"
- C:\PROGRA~1\mcafee.com\agent\mcupdate.ex
- C:\PROGRA~1\mcafee.com\agent
"2007-12-29 23:09:00 C:\WINDOWS\Tasks\McAfee.com Update Check (KALE-Richard).job"
- C:\PROGRA~1\mcafee.com\agent\mcupdate.ex
- C:\PROGRA~1\mcafee.com\agent
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-29 15:09:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-29 15:09:49
.
2007-12-26 03:08:04 --- E O F ---


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, December 29, 2007 8:25:11 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 29/12/2007
Kaspersky Anti-Virus database records: 499254
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 118694
Number of viruses found: 14
Number of infected objects: 27
Number of suspicious objects: 2
Duration of the scan process: 01:38:43

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a33e128def50bcee4cc719c5ad181c74_1dce0e75-1303-433a-bfc1-6b582bd25551 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SecondThoughtSTCLoader.zip/stcloader.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SecondThoughtSTCLoader.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe/data0003 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe/data0005 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe/data0006 Infected: Trojan.Win32.SecondThought.h skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe/data0008/data0002 Infected: not-a-virus:AdWare.Win32.Broadcap.c skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe/data0008 Infected: not-a-virus:AdWare.Win32.Broadcap.c skipped
C:\Documents and Settings\Default User\My Documents\Data\all_files4.exe NSIS: infected - 5 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe/data0003 Infected: Trojan-Downloader.Win32.Agent.ec skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe/data0005 Infected: not-a-virus:AdWare.Win32.EZula skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe/data0006 Infected: Trojan.Win32.SecondThought.h skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe/data0008/data0002 Infected: not-a-virus:AdWare.Win32.Broadcap.c skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe/data0008 Infected: not-a-virus:AdWare.Win32.Broadcap.c skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\all_files4.exe NSIS: infected - 5 skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\update_1.exe/data0002 Infected: not-a-virus:AdWare.Win32.WinFetcher.b skipped
C:\Documents and Settings\Default User\My Documents\Data\Data\update_1.exe NSIS: infected - 1 skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Microsoft\Templates\Normal.dotm Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\cert8.db Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\history.dat Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\key3.db Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\parent.lock Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\search.sqlite Object is locked skipped
C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\Kale\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Richard\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Richard\Desktop\TechSupportForumInstructions.docx Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Mozilla\Firefox\Profiles\Kale\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Mozilla\Firefox\Profiles\Kale\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Mozilla\Firefox\Profiles\Kale\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Application Data\Mozilla\Firefox\Profiles\Kale\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\History\History.IE5\MSHist012007122920071230\index.dat Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.Word\~WRF{32572247-9D57-4895-9374-271685036A56}.tmp Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.Word\~WRS{25C16C73-1224-4963-AFD0-3B103A12ED8F}.tmp Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.Word\~WRS{50D218CF-FB21-43EA-A664-D23B82C63096}.tmp Object is locked skipped
C:\Documents and Settings\Richard\Local Settings\Temporary Internet Files\Content.Word\~WRS{93CAE4B4-5D4B-4E6F-98C7-C43AE3A5208A}.tmp Object is locked skipped