Hello,
I was playing around with my sister's laptop trying to plug with s-video with T.V.
I was able to connect laptop to T.V after help from tech support from HP. I also, installed uniblue's registry booster 2.1 and Emule. Everything work fine. When I tried to connect emule my sister's laptop was not able to connect to KAD network. I "typed server.met file" and selected one of different server listed in emule. I was able to connect to both KAD and E2dk. My sister left laptop overnight while running emule. Next morning her Interent connection is no longer working. She can't access the Internet. However, her wireless Lan connection is fine. Her IP, Dns, Dhcp servers are same as rest of my pc and my compaq laptop. IP=192.168.1.x, dns=192.168.1.x. When she reboot the computer it does connect to Internet, but connection fail after few minutes. She usually use firefox and sent a error message saying," connection timed out." Her I.E 7 has a same problem but, says "page can not displayed." Dns error. I tried to reset router and cable modem. Problem still exist. I have Comcast and linksys wireless router. Her laptop can pickup wireless signal and
download file from emule, but no Internet Access. After surfing Internet for answer to my sister's problems so site recommanded I type "regsvr32, softpub.dll, wintrust.dll, Initpki.dll, Rsaenh.dll, Mssip32, cryptdlg.dll and for win xp regsvr32, Dssenh.dll, Gpksp.dll, slbcsp.dll, and sccbase.dll." It didn't do anything. However, after rebooting windows briefly displayed warning saying, "IP address Mismatch." I don't understand because when I type "ipconfig/all" results were same as before. I tried to restore previous setting, but no luck. I uninstalled both emule and registrybooster yet I still can't connect to Internet. Now When I press Firefox icon it doesn't even load. I ping google and received no lost packets. I just don't know what is wrong? It is possible my sister's laptop is infected with virus or spyware. Because she was complainning her IE connection to homepage was slow. Past few days. She doesn't regularly run AV or Anti-spyware program. When she was running emule her AV and Ad-Aware. Her laptop is HP Pavilion with Win XP home edition, Amd Sempron, I.E 7, and firefox 2.0.7.
Thanks.

Let's see, you run on a peer to peer network with an unsecured machine and you think you might be infected????

Download a copy of Hijackthis (http://filehippo.com/download_hijackthis/) and save it to your desktop. Run the program and choose the option to scan and create a log. Post the contents of the log here for review.

Hello,
I am posting result of scanned result below. I hope scanned result provide you with more information.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:09:03 PM, on 9/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 1.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 1.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O15 - ESC Trusted Zone: [url]http://*.update.microsoft.com[/url]
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - [url]http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB[/url]
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - [url]http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab[/url]
O16 - DPF: {340CCF52-D65F-4A11-80B3-13DC23697B59} (BugsInstall Control) - [url]http://player.bugs.co.kr/install/BugsInstall_2006_02_11.cab[/url]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [url]http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121353026359[/url]
O16 - DPF: {87B9BA5F-0028-4CA2-8FC3-E07658AB4D4E} (¼O¸®¹U´U ¿A¸￡°n A￥ ÆÐA°Ao ¼³A¡ AAÆ®·N) - [url]http://download.soribada.com/down/Orgel/SBORGELI.OCX[/url]
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - [url]http://player.bugs.co.kr/install/XTools.cab[/url]
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - [url]https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[/url]
O16 - DPF: {BF628973-1E86-4D0E-B42C-EDDECFFABDBC} (Bugs AoD Class) - [url]http://player.bugs.co.kr/install/BugsLoader20041018.cab[/url]
O16 - DPF: {D572CD64-9310-4712-8FFC-A4F9DC9D4AC1} (QbicUpdate Control) - [url]http://qbic.hanafos.com/component/QbicUpdate.CAB[/url]
O16 - DPF: {DDE6FED7-88AB-405B-9D77-FD4CDA8B9EB5} (Qbic Control) - [url]http://qbic.hanafos.com/component/Qbic.CAB[/url]
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9767 bytes

Thanks for your interest and hope to hear from you soon.

Hello,
After posting scanned log. I left my sister's laptop idle for 30 minutes. Her laptop monitor became gray at first than change in to light black. This spread rest of the monitor. Eventually, entire monitor is black and non-responsive. It happened before whenever, computer is having a problem. However, incident is not regular it happens at random. Rebooting seem to solve problem. I don't know whether this information is helpful.
Thanks and Have nice day.

Download this file - combofix.exe (http://download.bleepingcomputer.com/sUBs/combofix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall...

tell me if the system is improved....

Hello,
I am posting result of Combofix log as you requested it.

Combofix Log
ComboFix 07-09-21.2 - "anonymous" 2007-09-25 23:51:02.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.949.82.1033.18.104 [GMT -5:00]
* Created a new restore point

Other Deletions


C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\cu rsorcafeA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\ga mesA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\mo viesA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\Re ference.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\Re ferenceHot.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\re ferencehotxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\re ferencexp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\sc reensaverA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\We ather.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\we atherhotxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\we atherxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\images\wal ertXP.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\cur sorcafeA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\gam esA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\mov iesA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\Ref erence.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\Ref erenceHot.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\ref erencehotxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\ref erencexp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\scr eensaverA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\Wea ther.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\wea therhotxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\wea therxp.png
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\images\wale rtXP.bmp
C:\WINDOWS\hosts

.
((((((((((((((((((((((((( Files Created from 2007-08-26 to 2007-09-26 )))))))))))))))))))))))))))))))
.

2007-09-25 23:49 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-25 13:08 <DIR> d-------- C:\Program Files\Trend Micro

.
Find3M Report
.
2007-09-25 03:33 --------- d-------- C:\Program Files\eMule
2007-09-25 03:32 --------- d-------- C:\Program Files\iolo
2007-09-25 03:31 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-19 01:59 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-12 18:31 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-27 09:34 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 09:34 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 09:34 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 09:34 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 09:34 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 09:34 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 09:34 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 09:34 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 09:34 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 09:34 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 09:34 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 09:34 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 09:34 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 09:34 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 09:34 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 09:34 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 09:34 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 09:34 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 09:34 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 09:34 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 03:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 03:27 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 03:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 02:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe
2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 01:08 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
.

Reg Loading Points
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-01 17:11]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 13:24]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 14:54]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-06 23:42]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 07:12]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 07:11]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-04-29 08:02]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 15:54]
"HPHUPD06"="C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-06 23:53]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 1.exe" [2004-04-06 05:28]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-11 10:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:00]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
backup=C:\WINDOWS\pss\HP Image Zone Fast Start.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
"C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioloDelayModule]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_5 -reboot 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-09-25 21:12:02 C:\WINDOWS\Tasks\HP Usg Daily.job"
- C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped05.exe
.
************************************************** ************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url]http://www.gmer.net[/url]
Rootkit scan 2007-09-25 23:56:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2007-09-25 23:58:01
C:\ComboFix-quarantined-files.txt ... 2007-09-25 23:57
.
--- E O F ---
Thanks again for your continuing support Classicsoftware.

How is the system running??????

Hello,
Rest of system is working fine. I just can't access the Internet. However, I contacted HP online chat support and she suggested few simple methods such as, dumping Tcp and renewing it. However, I when tried to dump tcp and renew it I received a command shell error that prevent me from dumping tcp. Also, I tried to installed counterspy, but there was error in installing due to script error.
Also, her laptop doesn't react whenever, I try to install new software. I tried to install winare and Nero than computer was causing problems. I had to uninstalled softwares. Also, My sister mention her Internet connection was getting slow. It took long time to open her I.E.'s homepage which is the Television website with fancy flash,CSS, and provided streaming media. However, loading speed is slower than before. Does combofix scan shows any possible cause of problems? Or simple Dns or Dncp problems. This another incident doesn't happen regularly, but last night while she was watching DVd with her laptop she left her computer idle for 20 minutes. Her bottom of right monitor start turning in to gray than black which eventually, spread to rest of monitor. It also became non-responsive. I assume video driver is out of date or something more serious? However, it only happens at random and maybe 1 or twice per month. Is there any virus or spyware present? I can't excute tcp dump through dos prompt. There is no major system failure other than can't access the Internet. My past experience showed problem is not major, but rather small, yet I can't figure out what is wrong.

Thanks again for your continuing interest.