#1
Registered User
Join Date: Jun 2009
Posts: 1
OS: windows xp
Please help with browser redirects, unwanted ads, "infostealer
Hello,
Will you please help with the following issues:
- Browser (IE) loads slowly,
- system (XP) crashes,
- Browser redirects randomly.
- Unwanted "vimax" and other pornographic ads appear on Juno.com email page.
Norton has found "infostealer" but cannot remove it, even with suggested boot in safe mode with system restore off. PC Tools, Ad Aware and Spybot do not solve the problems.
Here is required DDS:
#2
Moderator/Analyst, Security Team ; Rangemaster, TSF Academy
Join Date: Oct 2006
Posts: 4,581
OS: Vista
Re: Please help with browser redirects, unwanted ads, "infostealer
Please visit this webpage for download links, and instructions for running combofix:
http://www.bleepingcomputer.com/comb...o-use-combofix
Note: Please rename combofix.exe to cfix.exe
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please include the C:\ComboFix.txt in your next reply for further review.
__________________
UNITE and ASAP since 2006
If we have helped you, please consider donating.
The past won't be able to hurt you unless you keep on looking back at it.