Here are the logs & info you requested from the other thread:.....
1st,..DDS Log;...
DDS (Ver_09-06-26.01) - NTFSx86
Run by Ron.M at 11:24:51.31 on Tue 11/10/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.614 [GMT -8:00]
AV: avast! antivirus 4.8.1356 [VPS 091110-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Documents and Settings\Ron.M\Desktop\New Folder\NetZero\exec.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Documents and Settings\Ron.M\Desktop\New Folder\NetZero\exec.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Documents and Settings\Ron.M\Desktop\New Folder\NetZero\qsacc\x1exec.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ron.M\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Page = hxxp://my.netzero.net/s/search?r=minisearch
uSearch Bar = hxxp://my.netzero.net/s/search?r=minisearch
uInternet Connection Wizard,ShellNext = hxxp://my.netzero.net/s/sp?r=al&cf=sp&ClientVersion=8.4.0&mem=ron.m&login=3a0ba2a1607571fd0cce61dbca618e1b/ron.m:netzero.net/1239416131/30/sss.8.48463/&ts=49dffd43&A=739741990000009&B=1212476400000&C=1212476400000&D=1222153200000&I=8.NH4&N=PLHSNAVUSERSSUSER&O=I&UT=
uInternet Settings,ProxyServer = http=127.0.0.1:7900
uInternet Settings,ProxyOverride = searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;cf.netzero.net;qs.netzero.net;*.quicken.com;*.pogo.com;<local>
uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch
mSearchAssistant = hxxp://my.netzero.net/s/search?r=minisearch
uURLSearchHooks: URLSearchHook Class: {37d2cdbf-2af4-44aa-8113-bd0d2da3c2b8} - c:\documents and settings\ron.m\desktop\new folder\netzero\SearchEnh1.dll
BHO: GetGo URLCatch: {0315aa2c-10c7-4504-a1c4-f552aba8a095} - c:\program files\getgo software\getgo download manager\URLCatch.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Pop-up Blocker: {52706ef7-d7a2-49ad-a615-e903858cf284} - c:\documents and settings\ron.m\desktop\new folder\netzero\qsacc\X1IEBHO.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: TBSB00982 Class: {da3d342f-ff20-4e31-9e82-22334155730c} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\documents and settings\ron.m\desktop\new folder\netzero\Toolbar.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: GetGo Toolbar: {075bbe29-fec0-404a-a459-ff58713616fa} - c:\program files\getgo software\getgo download manager\GGToolBand.dll
TB: Ant.com Toolbar: {6cd56c02-cb4d-41b5-a0fe-b479061ccb41} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [NetZero_uoltray] c:\documents and settings\ron.m\desktop\new folder\netzero\exec.exe regrun
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [LXCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCFtime.dll,_RunDLLEntry@16
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [PC Pitstop Optimize Reminder] c:\program files\pcpitstop\optimize3\Reminder-Optimize3.exe
StartupFolder: c:\docume~1\ron~1\startm~1\programs\startup\cnette~1.lnk - c:\documents and settings\ron.m\application data\cbs interactive\cnet techtracker\TechTracker.exe
StartupFolder: c:\docume~1\ronald~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\ronald~1\startm~1\programs\startup\greens~1.lnk - c:\program files\greenshot\Greenshot.exe
IE: &Down&load &Link& Us&ing Ge&tGo - c:\program files\getgo software\getgo download manager\GGCatch.htm
IE: &Down&load All &Links& Us&ing Ge&tGo - c:\program files\getgo software\getgo download manager\GGCatchAll.htm
IE: &GetGo Toolbar Search - c:\program files\getgo software\getgo download manager\GGToolBand.dll/MENUSEARCH.HTM
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Display All Images with Full Quality - c:\documents and settings\ron.m\desktop\new folder\netzero\qsacc\appres.dll/228
IE: Display Image with Full Quality - c:\documents and settings\ron.m\desktop\new folder\netzero\qsacc\appres.dll/227
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {01A13E40-2F55-4397-B39B-7851BCFB8008} - c:\program files\getgo software\getgo download manager\GetGoDM.exe
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\progra~1\speedb~1\sblsp.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/pcpitstop/pcpitstop.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240693214421
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
TCP: {F4D53855-1F88-4FE7-873A-E5693E89EF5E} = 64.136.52.73 64.136.44.73
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-11 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-4-11 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-4-11 138680]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-11 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-4-11 352920]
S3 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-5-18 12672]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2009-11-9 90352]
=============== Created Last 30 ================
2009-11-09 09:54 82 a------- c:\windows\wininit.ini
2009-11-07 17:25 <DIR> --d----- c:\windows\pss
2009-10-31 15:49 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-10-31 15:48 <DIR> --d----- c:\program files\WindoFix
2009-10-31 15:48 <DIR> --d----- c:\program files\Antbar
2009-10-31 15:46 <DIR> --d----- c:\program files\JPEG to PDF
2009-10-31 15:46 <DIR> --d----- c:\windows\CD95F661A5C444F5A6AAECDD91C240B8.TMP
2009-10-31 15:46 <DIR> --d----- c:\docume~1\ron~1\applic~1\GetGo Software
2009-10-31 15:46 <DIR> --d----- C:\DownloaderData
2009-10-31 15:46 <DIR> --d----- c:\docume~1\ron~1\applic~1\GrabPro
2009-10-31 15:46 <DIR> --d----- c:\windows\system32\drivers\SLDRV
2009-10-31 15:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Canneverbe Limited
2009-10-31 15:45 <DIR> --d----- c:\program files\Perfect Uninstaller
2009-10-31 15:14 <DIR> --d----- c:\windows\LastGood(2)
2009-10-17 17:04 1,679,952 a------- C:\JPEG Power.PDF
2009-10-17 17:02 1,679,949 a------- C:\JPEG Power t.PDF
2009-10-17 16:57 25,029 a------- C:\JPEG_Output.PDF
2009-10-17 16:32 <DIR> --d----- c:\program files\AZ PNG to PDF Converter
2009-10-13 15:58 0 ac------ c:\windows\system32\FOXIT_PDF
2009-10-12 18:57 <DIR> --d----- c:\program files\IrfanView
==================== Find3M ====================
2009-10-11 04:17 411,368 a------- c:\windows\system32\deploytk.dll
2009-10-01 09:29 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-09-28 20:57 7,168 a------- c:\windows\system32\drivers\StarOpen.sys
2009-09-11 06:13 136,704 a------- c:\windows\system32\msv1_0.dll
2009-09-04 13:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-28 23:36 832,512 a------- c:\windows\system32\wininet.dll
2009-08-28 23:36 78,336 a------- c:\windows\system32\ieencode.dll
2009-08-28 23:36 17,408 a------- c:\windows\system32\corpol.dll
2009-08-26 00:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-05-28 17:23 70,984 a------- c:\documents and settings\ron.m\g2mdlhlpx.exe
============= FINISH: 11:25:18.92 ===============
2nd;....Kaspersky Log;....
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, November 8, 2009
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Monday, November 09, 2009 02:41:58
Records in database: 3179435
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
Scan statistics:
Objects scanned: 42438
Threats found: 2
Infected objects found: 3
Suspicious objects found: 0
Scan duration: 00:58:38
File name / Threat / Threats count
C:\Documents and Settings\Ron.M\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{60B71BEA-9772-4445-BEE7-744AC19A8F28} Infected: Trojan.Win32.Qhost.mcf 1
C:\Documents and Settings\Ron.M\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{64B05E9B-9AA8-45B9-B737-9AACB66448D7} Infected: Trojan.Win32.Qhost.mcf 1
C:\Documents and Settings\Ron.M\My Documents\dolphin.exe Infected: Worm.Win32.AutoRun.azsz 1
Selected area has been scanned.
3rd;...Rootrepeal Log
Attach_Rootrepeal.txt 11.87KB 625 downloads
I did not uninstall the "dolphin" file yet...
I don't know if you can get rid of the worm only or if the file has to go...
Can you also help me with this;....
Yesterday I ran SpyBot & Avast....
SpyBot found 45 problems that I went ahead & fixed....
1 nasty cookie, etc....
Avast found nothing before I fixed them with SpyBot....
But there are 2 infected files in the "chest"....(Avast)
I can delete those files, but I'm VERY concerned what would happen if I did....
I have some questions to ask about this stuff....
#1=...How safe is it to delete the 2 infected files found on Avast ???..ANY complications to worry about ???
#2=...If I did delete those 2 files, & had a problem develop, how would I correct it ???
Mr TomK,..You have NO idea how much I appreciate your help...THANK YOU....
Later...Ron.M....