1.

Solve : Yahoo Msg will not open ....can anybody sort this issue out ? w/log?

Answer»

The ESET log doesn't show that the infections were removed. Please run it again. There should be a box just above the "Scan archives" box already checked. Please ensure that this box remains checked and run the scan.

I ran the scanner again and selected both boxes this time:

C:\Desktop\Flash_Disinfector.exe	probably a variant of Win32/Agent.BWFKHA trojan	cleaned by deleting - quarantined
C:\Documents and Settings\User\My Documents\setupxv.exe.vir	probably a variant of Win32/TrojanDownloader.Banload.KDRCNRT trojan	cleaned by deleting - quarantined
C:\Program Files\RegistryFix7\UninstlDll.dll	Win32/Adware.ErrorClean application	cleaned by deleting - quarantined
C:\Program Files\Sony\Welcome to VAIO life\Internet Services.exe	probably a variant of Win32/TrojanDropper.Agent.BLQHZVO trojan	cleaned by deleting - quarantined
C:\Program Files\Sony\Welcome to VAIO life\VAIO zone.exe	probably a variant of Win32/TrojanDropper.Agent.FYKSNPZ trojan	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP15\A0006085.DLL	a variant of Win32/Toolbar.MyWebSearch application	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP16\A0006125.DLL	Win32/Toolbar.AskSBar application	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP22\A0007280.exe	probably a variant of Win32/Agent.BWFKHA trojan	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP22\A0007281.dll	Win32/Adware.ErrorClean application	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP22\A0007282.exe	probably a variant of Win32/TrojanDropper.Agent.BLQHZVO trojan	cleaned by deleting - quarantined
C:\System Volume Information\_restore{0803D443-492F-46D4-A7CD-A0F2180414C9}\RP22\A0007283.exe	probably a variant of Win32/TrojanDropper.Agent.FYKSNPZ trojan	cleaned by deleting - quarantined

Dave, okay so progress update at the ready. Yahoo msg now opens fine....but there are some serious time delays now from the time I startup till my browser opens .....and with closing one webpage and opening another, the closing webpage takes longer to disappear than before and also the activity light on my pc seems to be working really hard at something all the time....I mean all the time ......what do you think?

Download the Fix IE Utility to your desktop.

Before running the utility, make sure that all your Internet Explorer windows are closed!

* Extract the CONTENTS of the .zip file to your desktop.
* Double click the Fix IE Utility button to run the tool.
* Click Run Utility
* Click OK when you see 'Re-registered all files'
* Open Internet Explorer and see how it works.

******************************************
Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Columns.
In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
Go to File > Save As, and save the report as Procexp.txt.
Attach the file to your next reply.

The Procexp log as requested:

ProcessPIDCPUPrivate BytesWorking SetDescriptionCompany NameCommand Line
System Idle Process098.460 K28 K
Interruptsn/a0 K0 KHardware Interrupts
DPCsn/a0 K0 KDeferred Procedure Calls
System40 K57,188 K
smss.exe764172 K276 KWindows NT Session ManagerMicrosoft Corporation\SystemRoot\System32\smss.exe
csrss.exe8362,368 K5,928 KClient SERVER Runtime ProcessMicrosoft CorporationC:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe8606,760 K4,048 KWindows NT Logon ApplicationMicrosoft Corporationwinlogon.exe
services.exe9041.541,956 K2,824 KServices and Controller appMicrosoft CorporationC:\WINDOWS\system32\services.exe
svchost.exe10803,288 K3,568 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost -k DcomLaunch
igfxext.exe6681,508 K2,396 Kigfxext ModuleIntel CorporationC:\WINDOWS\system32\igfxext.exe -Embedding
COCIManager.exe3002,848 K2,712 KCamera Control InterfaceLogitech Inc."C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
wmiprvse.exe59683,092 K8,140 KWMIMicrosoft CorporationC:\WINDOWS\system32\wbem\wmiprvse.exe
SkypeNames2.exe1500888 K3,408 KSkypeNamesSkype Technologies S.A."C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe" -Embedding
svchost.exe11322,144 K3,088 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost -k rpcss
svchost.exe128026,324 K34,664 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe13481,868 K3,208 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost.exe -k NetworkService
svchost.exe15961,580 K2,692 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost.exe -k LocalService
spoolsv.exe18923,320 K3,268 KSpooler SubSystem AppMicrosoft CorporationC:\WINDOWS\system32\spoolsv.exe
svchost.exe7201,456 K2,400 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost.exe -k LocalService
AOLacsd.exe7565,644 K4,308 KAOL Connectivity ServiceAOL LLCC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
avgwdsvc.exe7884,824 K2,544 KAVG Watchdog ServiceAVG Technologies CZ, s.r.o.C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
avgrsx.exe152815,672 K14,068 KAVG Resident Shield ServiceAVG Technologies CZ, s.r.o.avgrsx.exe
avgnsx.exe31611,276 K792 KAVG Network scanner ServiceAVG Technologies CZ, s.r.o.avgnsx.exe
LVPrcSrv.exe10441,080 K1,864 KLogitech LVPrcSrv Module.Logitech Inc."C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
McciCMService.exe14922,140 K2,084 Kmcci+McciCMServiceMotive Communications, Inc."C:\Program Files\Common Files\Motive\McciCMService.exe"
RegSrvc.exe1688824 K1,456 KRegSrvc ModuleIntel Corporation"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe"
svchost.exe16082,588 K3,316 KGeneric Host Process for Win32 ServicesMicrosoft CorporationC:\WINDOWS\system32\svchost.exe -k imgsvc
wdfmgr.exe1681,656 K1,100 KWindows User Mode Driver ManagerMicrosoft CorporationC:\WINDOWS\system32\wdfmgr.exe
VESMgr.exe2043,540 K2,668 KVAIO Event Service (Service Module)Sony Corporation"C:\Program Files\Sony\VAIO Event Service\VESMgr.exe"
VCSW.exe2483,096 K3,280 KVAIO Entertainment UPnP Client AdapterSony Corporation"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe" -RunBySCM
wanmpsvc.exe352916 K340 KWan Miniport (ATW) ServiceAmerica Online, Inc."C:\WINDOWS\wanmpsvc.exe"
YahooAUService.exe4566,420 K6,712 KAutoUpater Service ModuleYahoo! Inc."C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"
avgemc.exe5364,252 K868 KAVG E-Mail ScannerAVG Technologies CZ, s.r.o.C:\PROGRA~1\AVG\AVG8\avgemc.exe
avgcsrvx.exe22608,912 K3,292 KAVG Scanning Core Module - Server PartAVG Technologies CZ, s.r.o. /pipeName=83687938-965e-4ed7-9ddd-566c19f0c761 /coreSdkOptions=0 /binaryPath="C:\Program Files\AVG\AVG8\"
VzCdbSvc.exe6245,752 K4,256 KVAIO Entertainment Database ServiceSony Corporation"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
VzFw.exe8244,524 K4,408 KVAIO Entertainment File Import ServiceSony Corporation"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe"
alg.exe25561,292 K1,980 KApplication Layer Gateway ServiceMicrosoft CorporationC:\WINDOWS\System32\alg.exe
lsass.exe9164,112 K1,456 KLSA Shell (Export Version)Microsoft CorporationC:\WINDOWS\system32\lsass.exe
explorer.exe268022,192 K19,532 KWindows ExplorerMicrosoft CorporationC:\WINDOWS\Explorer.EXE
avgtray.exe29603,688 K796 KAVG Tray MonitorAVG Technologies CZ, s.r.o."C:\PROGRA~1\AVG\AVG8\avgtray.exe"
SearchProtection.exe29883,792 K1,524 KYahoo! ApplicationYahoo! Inc"C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
InstallService.exe30081,524 K432 KNetscape Communications Corporation"C:\Program Files\Common Files\ISPCOMP\InstallService.exe"
aolsoftware.exe30248,732 K7,392 KAOLAOL LLC"C:\Program Files\Common Files\AOL\1217722696\ee\AOLSoftware.exe"
LWS.exe304818,972 K2,532 KCamera SoftwareLogitech Inc."C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
Skype.exe138028,152 K16,292 KSkype Skype Technologies S.A."C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
skypePM.exe132816,188 K3,804 KSkype Extras ManagerSkype Technologies"C:\Program Files\Skype\Plugin Manager\skypePM.exe" /SILENT
ctfmon.exe33361,152 K2,228 KCTF LoaderMicrosoft Corporation"C:\WINDOWS\system32\ctfmon.exe"
SSScheduler.exe3360808 K80 KMcAfee Security Scanner SchedulerMcAfee, Inc."C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe"
firefox.exe221685,124 K97,740 KFirefoxMozilla Corporation"C:\Program Files\Mozilla Firefox\firefox.exe"
procexp.exe501610,828 K16,528 KSysinternals Process ExplorerSysinternals - www.sysinternals.com"C:\DOCUME~1\User\LOCALS~1\Temp\Temporary Directory 1 for ProcessExplorer.zip\procexp.exe"
Vid.exe2804619,868 K14,132 KLogitech Vid HDLogitech Inc."C:\Program Files\Logitech\Vid HD\Vid.exe" -installmode
YahooMessenger.exe4264109,724 K48,556 KYahoo! MessengerYahoo! Inc."C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE"
iexplore.exe12966,048 K1,004 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe466822,604 K912 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:1296 CREDAT:14337
iexplore.exe33005,584 K884 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe591613,372 K700 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3300 CREDAT:14337
iexplore.exe18325,636 K896 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe580813,336 K548 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:1832 CREDAT:14337
iexplore.exe51885,580 K888 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe490413,512 K544 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:5188 CREDAT:14337
iexplore.exe32325,592 K896 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe406813,580 K544 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:3232 CREDAT:14337
iexplore.exe49165,632 K904 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe43613,516 K540 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:4916 CREDAT:14337
iexplore.exe40005,536 K1,824 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe330416,040 K2,008 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:4000 CREDAT:14337
iexplore.exe42085,600 K1,756 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
iexplore.exe510013,488 K1,704 KInternet ExplorerMicrosoft Corporation"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEF:4208 CREDAT:14337
waol.exe1444118,588 K11,248 KAOL SoftwareAOL, LLC. -Brestart
shellmon.exe5716656 K2,632 KwaolmonAOL, LLC."C:\Program Files\AOL 9.1\shellmon.exe"
aoltpsd3.exe44082,456 K5,680 KAOL TopSpeedAOL LLC -p11535 -q"11536,11537,11538,11539,11540,11541,11542,11543" -S256 -G"C:\Documents and Settings\All Users\Application Data\AOL\Topspeed\3.0\vph.ph" -g"{9C6D947A-D1B5-4271-A40A-7EFA70080F11}" -e1

A quick update for you. I booted up my pc this morning and some little gremlin must have got into my system last night. My yahoo msg will not open now and it was working perfectly yesterday. I did gather this info from the error msg box in yahoo:

Checking virtual IP servers...
[VIP Raw] Connecting to Virtual IP server 98.136.48.32...
[VIP Raw] Connecting to Virtual IP server 67.195.186.241...
[VIP Raw] Connecting to Virtual IP server 68.180.217.15...
[VIP Raw] Connecting to Virtual IP server 76.13.15.38...
[VIP Raw] FAILED
*** 'COMPONENT_TYPE_YCP' YCPError: 'YMSG.ColoSelectionTimeout' ***

Checking HTTP virtual IP servers...
[VIP Http] Connecting to HTTP Virtual IP server 216.155.194.34...
[VIP Http] Connecting to HTTP Virtual IP server 98.136.112.56...
[VIP Http] Connecting to HTTP Virtual IP server 216.155.194.137...
[VIP Http] Connecting to HTTP Virtual IP server 98.136.112.142...
[VIP Http] FAILED
*** 'COMPONENT_TYPE_YCP' YCPError: 'YMSG.ColoSelectionTimeout' ***

What could have happened to the connection, as my firefox is working fine? However, my aol homepage is static and as for now just shows a white screen upon sign on. The status bar at the top of the aol screen shows connected and signed on. I wonder if the rereg of files performed yesterday had anything to do with it?

Please re-run RootRepeal again and post the log as instructed in Reply # 9

Rootrepeal log just run:


ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:2010/09/17 11:16
Program Version:Version 1.3.5.0
Windows Version:Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA9BFE000	Size: 98304	File Visible: No	Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7BD0000	Size: 8192	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8AA7000	Size: 49152	File Visible: No	Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: c:\documents and settings\user\application data\skype\etilqs_qfyjmfnvxg56fsf6sbxi
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\documents and settings\user\application data\skype\etilqs_ywj25zmdo50r3v004jnd
Status: Allocation size mismatch (API: 8192, Raw: 0)

==EOF==

Your copy of ComboFix has passed its shelf life. Please delete it, download a new one and run another scan.

Download ComboFix by sUBs from one of the below links.

Important! You MUST save ComboFix to your desktop

link # 1
Link # 2

Temporarily disable your Anti-virus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double click on ComboFix.exe & follow the prompts.

Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)

Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

When the scan completes it will open a text window.

Post the contents of that log in your next reply.

Remember to re-enable your Anti-virus and Antispyware protection when ComboFix is complete.

ComboFix 10-09-17.04 - User 09/18/2010 16:09:28.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.402 [GMT -7:00]
Running from: c:\documents and settings\User\Desktop\ComboFix1.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.
((((((((((((((((((((((((( Files Created from 2010-08-18 to 2010-09-18 )))))))))))))))))))))))))))))))
.

2010-09-18 23:05 . 2010-09-18 23:05--------d-----r-C:\32788R22FWJFW
2010-09-17 18:06 . 2010-09-17 18:0642816----a-w-c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-17 04:25 . 2010-09-17 04:25--------d-----w-c:\documents and settings\User\Application Data\Registry Mechanic
2010-09-17 04:21 . 2010-08-05 15:4637336----a-w-c:\windows\system32\CleanMFT32.exe
2010-09-17 04:21 . 2010-09-17 04:21--------d-----w-c:\program files\Common Files\PC Tools
2010-09-15 21:28 . 2010-09-16 03:16--------d-----w-c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-09-15 21:25 . 2010-09-16 03:11--------d-----w-c:\windows\SxsCaPendDel
2010-09-12 00:29 . 2010-09-12 00:29--------d-----w-c:\program files\ESET
2010-09-10 19:58 . 2010-09-10 19:580----a-w-c:\documents and settings\User\settings.dat
2010-09-09 21:55 . 2009-10-07 08:47266008----a-r-c:\windows\system32\drivers\lvrs.sys
2010-09-09 21:55 . 2009-10-07 08:2434068----a-r-c:\windows\system32\Repository.reg
2010-09-09 21:55 . 2009-10-07 08:48539160----a-r-c:\windows\system32\LVUI2RC.dll
2010-09-09 21:55 . 2009-10-07 08:48539160----a-r-c:\windows\system32\LVUI2.dll
2010-09-09 21:55 . 2009-10-07 08:43199192----a-r-c:\windows\system32\lvci12101110.dll
2010-09-09 21:55 . 2009-10-07 08:43416280----a-r-c:\windows\system32\lvcodec2.dll
2010-09-09 21:55 . 2009-10-07 08:496756632----a-r-c:\windows\system32\drivers\lvuvc.sys
2010-09-09 21:41 . 2010-09-09 21:41--------d-----w-c:\documents and settings\User\Local Settings\Application Data\LogiShrd
2010-09-09 21:39 . 2009-10-07 08:4923832----a-r-c:\windows\system32\drivers\lvuvcflt.sys
2010-09-09 21:39 . 2010-09-09 21:40--------dc----w-c:\windows\system32\DRVSTORE
2010-09-09 21:37 . 2010-09-09 21:55--------d-----w-c:\program files\Common Files\LogiShrd
2010-09-09 21:37 . 2010-09-10 22:29--------d-----w-c:\documents and settings\All Users\Application Data\LogiShrd
2010-09-09 21:37 . 2010-09-16 03:11--------d-----w-c:\program files\Logitech
2010-09-09 21:37 . 2008-04-13 18:395504-c--a-w-c:\windows\system32\dllcache\mstee.sys
2010-09-09 21:37 . 2008-04-13 18:395504----a-w-c:\windows\system32\drivers\MSTEE.sys
2010-09-09 21:37 . 2008-04-13 18:4610880-c--a-w-c:\windows\system32\dllcache\ndisip.sys
2010-09-09 21:37 . 2008-04-13 18:4610880----a-w-c:\windows\system32\drivers\NdisIP.sys
2010-09-09 21:36 . 2008-04-13 18:4615232-c--a-w-c:\windows\system32\dllcache\streamip.sys
2010-09-09 21:36 . 2008-04-13 18:4615232----a-w-c:\windows\system32\drivers\StreamIP.sys
2010-09-09 21:36 . 2008-04-13 18:4611136-c--a-w-c:\windows\system32\dllcache\slip.sys
2010-09-09 21:36 . 2008-04-13 18:4611136----a-w-c:\windows\system32\drivers\SLIP.sys
2010-09-09 21:36 . 2008-04-13 18:4619200-c--a-w-c:\windows\system32\dllcache\wstcodec.sys
2010-09-09 21:36 . 2008-04-13 18:4619200----a-w-c:\windows\system32\drivers\WSTCODEC.SYS
2010-09-09 21:36 . 2008-04-13 18:4685248-c--a-w-c:\windows\system32\dllcache\nabtsfec.sys
2010-09-09 21:36 . 2008-04-13 18:4685248----a-w-c:\windows\system32\drivers\NABTSFEC.sys
2010-09-09 21:36 . 2008-04-13 18:4617024-c--a-w-c:\windows\system32\dllcache\ccdecode.sys
2010-09-09 21:36 . 2008-04-13 18:4617024----a-w-c:\windows\system32\drivers\CCDECODE.sys
2010-09-09 21:36 . 2008-04-13 18:4560032-c--a-w-c:\windows\system32\dllcache\usbaudio.sys
2010-09-09 21:36 . 2008-04-13 18:4560032----a-w-c:\windows\system32\drivers\USBAUDIO.sys
2010-09-09 21:35 . 2008-04-14 00:1253760-c--a-w-c:\windows\system32\dllcache\vfwwdm32.dll
2010-09-09 21:35 . 2008-04-14 00:1253760----a-w-c:\windows\system32\vfwwdm32.dll
2010-09-09 21:35 . 2008-04-13 18:4532128-c--a-w-c:\windows\system32\dllcache\usbccgp.sys
2010-09-09 21:35 . 2008-04-13 18:4532128----a-w-c:\windows\system32\drivers\usbccgp.sys
2010-09-09 00:12 . 2010-09-09 00:12--------d-----w-c:\program files\MetaStream
2010-09-07 23:48 . 2010-09-07 23:48--------d-----w-c:\documents and settings\LocalService\Application Data\McAfee
2010-09-07 03:49 . 2010-04-29 22:3938224----a-w-c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-07 03:49 . 2010-04-29 22:3920952----a-w-c:\windows\system32\drivers\mbam.sys
2010-09-07 03:49 . 2010-09-07 03:49--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2010-09-07 01:09 . 2010-09-07 01:09--------d-----w-c:\documents and settings\User\Application Data\SUPERAntiSpyware.com
2010-09-07 01:09 . 2010-09-07 01:09--------d-----w-c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-09-07 01:09 . 2010-09-07 01:09--------d-----w-c:\program files\SUPERAntiSpyware
2010-08-25 04:31 . 2010-08-25 04:31--------d-----w-c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-08-25 04:30 . 2010-08-25 04:3056---ha-w-c:\windows\system32\ezsidmv.dat
2010-08-25 04:30 . 2010-09-18 23:04--------d-----w-c:\documents and settings\User\Application Data\skypePM
2010-08-25 04:26 . 2010-09-18 23:14--------d-----w-c:\documents and settings\User\Application Data\Skype
2010-08-25 04:26 . 2010-09-18 22:31--------d-----w-c:\documents and settings\User\Local Settings\Application Data\Temp
2010-08-25 04:26 . 2010-09-08 00:28--------d-----w-c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-08-25 04:25 . 2010-08-25 04:25--------d-----w-c:\program files\Common Files\Skype
2010-08-25 04:25 . 2010-08-25 04:26--------d-----r-c:\program files\Skype
2010-08-25 04:25 . 2010-08-25 04:25--------d-----w-c:\documents and settings\All Users\Application Data\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-17 04:25 . 2008-08-03 02:45--------d---a-w-c:\documents and settings\All Users\Application Data\TEMP
2010-09-16 00:18 . 2010-09-09 21:550----a-w-c:\windows\system32\drivers\lvuvc.hs
2010-09-16 00:17 . 2010-09-09 21:390----a-w-c:\windows\system32\drivers\logiflt.iad
2010-09-15 21:32 . 2009-06-06 21:24--------d-----w-c:\documents and settings\User\Application Data\Yahoo!
2010-09-15 21:28 . 2008-08-30 21:40--------d-----w-c:\program files\Yahoo!
2010-09-14 02:30 . 2001-01-02 07:46--------d-----w-c:\program files\RegistryFix7
2010-09-13 00:34 . 2010-09-17 19:1858368----a-w-c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\{23256f20-0d9b-4323-b005-6e5de569c4b7}\components\FFExternalAlert.dll
2010-09-13 00:34 . 2010-09-17 19:18101376----a-w-c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\{23256f20-0d9b-4323-b005-6e5de569c4b7}\components\RadioWMPCore.dll
2010-09-11 14:46 . 2001-02-23 06:38--------d-----w-c:\program files\Microsoft Silverlight
2010-09-07 23:26 . 2001-01-31 21:18--------d-----w-c:\program files\McAfee Security Scan
2010-09-07 03:28 . 2008-08-03 02:22--------d-----w-c:\documents and settings\User\Application Data\Comodo
2010-09-07 03:28 . 2008-08-03 02:22--------d-----w-c:\program files\COMODO
2010-09-07 01:10 . 2010-09-07 01:1063488----a-w-c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-09-07 01:10 . 2010-09-07 01:1052224----a-w-c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-09-07 01:10 . 2010-09-07 01:10117760----a-w-c:\documents and settings\User\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-05 23:42 . 2010-09-17 19:1858368----a-w-c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\[emailprotected]\components\FFExternalAlert.dll
2010-09-05 23:42 . 2010-09-17 19:18101376----a-w-c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\[emailprotected]\components\RadioWMPCore.dll
2010-08-25 04:31 . 2004-11-21 02:35--------d-----w-c:\program files\Google
2010-08-23 05:46 . 2008-08-03 02:13--------d-----w-c:\documents and settings\All Users\Application Data\avg8
2010-08-17 13:17 . 2004-11-21 00:0458880----a-w-c:\windows\system32\spoolsv.exe
2010-07-31 05:47 . 2010-07-31 05:47--------d-----w-c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-22 15:49 . 2004-11-21 00:04590848----a-w-c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-04-14 20:085120----a-w-c:\windows\system32\xpsp4res.dll
2010-06-30 12:31 . 2004-11-21 00:04149504----a-w-c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2004-11-21 00:04916480----a-w-c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2004-11-21 00:041851904----a-w-c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-11-21 00:04354304----a-w-c:\windows\system32\drivers\srv.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-06-03 50528]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2001-02-18 2048352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-06 5406720]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"Netscape"="c:\program files\Common Files\ISPCOMP\InstallService.exe" [2005-09-07 173568]
"HostManager"="c:\program files\Common Files\AOL\1217722696\ee\AOLSoftware.exe" [2007-05-25 42032]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]

c:\documents and settings\User\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21548352----a-w-c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2001-01-02 16:0811952----a-w-c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2004-10-27 23:4073728----a-w-c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2004-10-14 00:0057344-c--a-w-c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2008-06-03 05:3550528----a-w-c:\program files\AOL 9.1\aol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2006-10-23 12:5071216----a-r-c:\program files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2003-11-08 00:21114688-c--a-w-c:\program files\Apoint\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO SafeSurf]
2008-08-03 02:23278264-c--a-w-c:\program files\COMODO\SafeSurf\cssurf.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD_Reminder]
2004-07-16 19:1753248-c--a-w-c:\windows\SONYSYS\VAIO Recovery\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:1215360----a-w-c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2007-04-09 19:3219456-c--a-w-c:\windows\system32\CtHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2007-04-09 19:3219968-c--a-w-c:\windows\system32\Ctxfihlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2007-05-25 17:1642032----a-w-c:\program files\Common Files\AOL\1217722696\ee\aolsoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-10-08 15:27126976-c--a-w-c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-10-08 15:31155648-c--a-w-c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2004-02-20 22:1232768-c--a-w-c:\program files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-11-06 05:055406720----a-w-c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2007-09-04 21:5254576-c--a-w-c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2008-08-02 20:5026112----a-w-c:\program files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2007-04-09 19:1928672-c--a-w-c:\windows\system32\MIDIDEF.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonyPowerCfg]
2004-10-22 03:12184320----a-w-c:\program files\Sony\VAIO Power Management\SPMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher.exe]
2004-10-26 06:20167936----a-w-c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
2003-04-20 05:0828672-c--a-w-c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]
2004-09-22 02:54151552----a-w-c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
2010-06-01 17:175252408----a-w-c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\1217722696\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Documents and Settings\\User\\My Documents\\Downloads\\SweetImSetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/2/2008 7:13 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/2/2008 7:13 PM 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/2/2008 7:13 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/2/2008 7:13 PM 297752]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [9/16/2010 9:21 PM 583640]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/24/2010 9:26 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]
.
Contents of the 'Scheduled Tasks' folder

2010-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]

2010-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride =
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642707&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - TranslatorBar 5.2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2642707&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\{23256f20-0d9b-4323-b005-6e5de569c4b7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\{23256f20-0d9b-4323-b005-6e5de569c4b7}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\[emailprotected]\components\FFExternalAlert.dll
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\a1qipwmg.default\extensions\[emailprotected]\components\RadioWMPCore.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-18 16:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(868)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'explorer.exe'(5696)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\wanmpsvc.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\igfxext.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\AOL 9.1\waol.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\program files\AOL 9.1\shellmon.exe
.
**************************************************************************
.
Completion time: 2010-09-18 16:31:44 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-18 23:31
ComboFix2.txt 2010-09-11 05:26
ComboFix3.txt 2010-09-09 00:22
ComboFix4.txt 2010-09-08 18:27

Pre-Run: 41,830,486,016 bytes free
Post-Run: 42,044,772,352 bytes free

- - End Of File - - 3E5B0F3FE448F4C9FD26029C9B93F9C4
Quote

What could have happened to the connection, as my Firefox is working fine? However, my AOL homepage is static and as of now just shows a white screen upon sign-on. The status bar at the top of the AOL screen shows connected and signed on.
You said Firefox is working well but what browser is your AOL homepage on? Can you please give me a screenprint.

How to post screenshots or images

Have you tried uninstalling AOL and downloading a new version?
Dave, I have resolved the issue with logging onto AOL by uninstalling and then installing the updated version. Now, the only issue left over is to do with the much increased wait time from the time I log on to Windows till I can actually run any programs. Also, and more surprisingly, is the time taken to open new browser windows in Firefox etc. I notice that the time taken for such processes is approx twice as much as before...

We should do some cleanup and then I will give you a couple of links to try to speed up your computer while booting. You should investigate how much RAM you're running and what programs start when you boot. Also check to see how much free space you have on your C: drive. You should have at least 15% in order for your computer to run correctly. If all these fail to speed up your computer, perhaps you should start a new thread in the appropriate software forum.

Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
**********************************

StartupLite

Download StartupLite by MalwareBytes to your Desktop.
Double-click StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop-up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.
*****************************
Clean-up

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

*********************************

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

**********************************

Use the Secunia Software Inspector to check for out of date software.

* Click Start Now
* Check the box next to Enable thorough system inspection.
* Click Start
* Allow the scan to finish and scroll down to see if any updates are needed.
* Update anything listed.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla-based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Safe Surfing!

Super D, I have completed the steps outlined in the last post. However, it seems that there is a very long system lag issue; from the time of logging on to Windows to getting something to appear on screen takes close to 8 minutes. I know we have completed a lot of processes to get Yahoo Msg up and running but this system lag is a bummer. Take for instance my AOL; at times it will just freeze on screen and requires a close down of program and reopen. What do you think can be done to rid the system of the lag?

Btw I did a system check and it seems I have adequate RAM resources and no other issues were evident on the system performance diagnosis.

You could try this tool. If it doesn't improve I would suggest that you start a new thread in the proper Windows software forum.

StartupLite

Download StartupLite by MalwareBytes to your Desktop.
Double-click StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop-up message will tell you the unnecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.

