Budfred or Classicsoftware Help!!
untern8
04-09-2008, 05:39 PM
This computer will not connect to the internet. I know that it's the computer and not the modem because it will connect with my laptop, but not the desktop in question. ISP customer service said that the ethernet card may be bad. With the problems that I've been having with malware on this computer (see thread http://www.pcguide.com/vb/showthread.php?t=63010), I'm not sure that there isn't some malware that is preventing it from working properly.
I downloaded the updated driver from http://support.3com.com/infodeli/tools/nic/3c905c.htm and restarted the computer to re-try the connection - failed.
Any other suggestions?
I've run ComboFix already and have that log and an HJT log available. They are posted below:
untern8
04-09-2008, 05:52 PM
ComboFix 08-04-09.1 - bulldog 04/09/2008 15:45:14.2 - NTFSx86 MINIMAL
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.139 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-09 to 2008-04-09 )))))))))))))))))))))))))))))))
.
2008-04-09 15:45 . 04/09/08 03:45p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_1ac.dat
2008-04-09 14:51 . 04/09/08 03:32p 918,164 ---h----- C:\WINNT\ShellIconCache
2008-04-09 12:21 . 04/09/08 12:21p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_398.dat
2008-04-09 12:15 . 04/09/08 12:15p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_3a4.dat
2008-04-07 09:44 . 04/07/08 09:44a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_330.dat
2008-04-07 09:30 . 04/07/08 09:30a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_524.dat
2008-04-04 17:52 . 04/04/08 05:52p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_38c.dat
2008-04-04 17:51 . 04/04/08 05:51p 158,208 --a------ C:\WINNT\msconfig.exe
2008-04-04 17:45 . 04/09/08 02:24p <DIR> d-------- C:\Nate's fixes
2008-04-04 16:50 . 04/04/08 05:34p <DIR> d-------- C:\Program Files\XoftSpySE
2008-04-04 15:01 . 04/04/08 03:01p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_394.dat
2008-04-04 12:23 . 04/04/08 12:23p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2008-04-04 10:48 . 04/04/08 10:48a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_380.dat
2008-04-04 08:52 . 08/01/07 10:47p 102,664 --a------ C:\WINNT\system32\drivers\tmcomm.sys
2008-04-04 07:25 . 04/04/08 09:00a <DIR> d-------- C:\Documents and Settings\Administrator\.housecall6.6
2008-03-28 18:25 . 06/19/03 12:05p 1,015,859 --a------ C:\WINNT\system32\MFC42.1
2008-03-28 18:25 . 12/10/07 12:39p 575,488 --a------ C:\WINNT\system32\WININET.1
2008-03-28 18:25 . 07/26/00 08:00a 565,760 --a------ C:\WINNT\system32\MSVCP50.1
2008-03-28 18:25 . 06/19/03 12:05p 286,773 --a------ C:\WINNT\system32\MSVCRT.1
2008-03-28 18:12 . 07/26/00 08:00a 438 --a------ C:\WINNT\system32\autoexec.nt
2008-03-28 14:45 . 03/28/08 02:45p <DIR> d-------- C:\Program Files\Trend Micro
2008-03-28 14:21 . 03/28/08 03:00p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\PC-Cleaner
2008-03-28 14:20 . 04/04/08 10:11a <DIR> d-------- C:\Program Files\PC-Cleaner
2008-03-28 13:06 . 03/28/08 01:06p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
2008-03-28 12:22 . 05/11/07 03:41a 524,560 -----c--- C:\WINNT\system32\dllcache\kodakimg.exe
2008-03-28 12:22 . 08/17/07 02:48a 448,272 -----c--- C:\WINNT\system32\dllcache\oieng400.dll
2008-03-28 12:22 . 05/11/07 03:42a 73,488 -----c--- C:\WINNT\system32\dllcache\kodakprv.exe
2008-03-28 12:22 . 08/17/07 02:48a 39,184 -----c--- C:\WINNT\system32\dllcache\jpeg2x32.dll
2008-03-28 11:03 . 03/28/08 11:03a <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-03-28 09:00 . 05/28/07 03:56a 6,258,688 --a------ C:\WINNT\system32\sp3res.dll
2008-03-28 09:00 . 05/28/07 03:56a 6,258,688 --a--c--- C:\WINNT\system32\dllcache\sp3res.dll
2008-03-28 09:00 . 06/25/07 02:25a 53,008 --a--c--- C:\WINNT\system32\dllcache\agentdpv.dll
2008-03-28 08:57 . 04/23/07 02:22a 939,280 --a------ C:\WINNT\system32\ntdsa.dll
2008-03-28 08:57 . 04/23/07 02:22a 939,280 --a--c--- C:\WINNT\system32\dllcache\ntdsa.dll
2008-03-28 08:32 . 04/05/07 03:17a 2,854,400 --a------ C:\WINNT\system32\msi.dll
2008-03-28 08:32 . 04/05/07 03:17a 2,854,400 -----c--- C:\WINNT\system32\dllcache\msi.dll
2008-03-28 08:21 . 10/16/07 07:34a 513,808 --a------ C:\WINNT\system32\LSASRV.DLL
2008-03-27 12:33 . 03/27/08 01:45p <DIR> d-------- C:\f69767954c0b14435fc70dc7594e6c
2008-03-27 12:08 . 03/27/08 12:08p 98,304 --a------ C:\WINNT\system32\maxifciu.exe
2008-03-27 11:58 . 04/04/08 12:28p <DIR> d-------- C:\WINNT\winsxs
2008-03-27 11:57 . 03/27/08 11:57a <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-03-27 11:57 . 08/17/07 09:29p 118,272 --a------ C:\WINNT\system32\hpz3l4x6.dll
2008-03-27 11:57 . 12/22/98 02:38p 3,144 --a--c--- C:\WINNT\system32\dllcache\srgb.icm
2008-03-27 11:56 . 06/19/03 12:05p 12,592 --a------ C:\WINNT\system32\drivers\usbscan.sys
2008-03-27 11:56 . 06/19/03 12:05p 12,592 --a--c--- C:\WINNT\system32\dllcache\usbscan.sys
2008-03-27 11:50 . 07/10/07 05:01a 258,048 --a------ C:\WINNT\system32\hpzids01.dll
2008-03-27 11:50 . 07/10/07 04:23a 49,920 --a------ C:\WINNT\system32\drivers\HPZid412.sys
2008-03-27 11:50 . 07/10/07 04:23a 21,568 --a------ C:\WINNT\system32\drivers\HPZius12.sys
2008-03-27 11:50 . 07/10/07 04:23a 16,496 --a------ C:\WINNT\system32\drivers\HPZipr12.sys
2008-03-27 11:49 . 03/27/08 11:50a <DIR> d----c--- C:\WINNT\system32\DRVSTORE
2008-03-27 11:49 . 03/27/08 11:49a <DIR> d-------- C:\WINNT\marco
2008-03-27 11:49 . 07/10/07 04:23a 892,928 --a------ C:\WINNT\system32\hpwtiop2.dll
2008-03-27 11:49 . 07/10/07 04:23a 364,544 --a------ C:\WINNT\system32\hppldcoi.dll
2008-03-27 11:49 . 07/10/07 04:23a 309,760 --a------ C:\WINNT\system32\difxapi.dll
2008-03-27 11:49 . 07/10/07 04:23a 294,912 --a------ C:\WINNT\system32\hpovst11.dll
2008-03-27 11:49 . 07/10/07 04:23a 233,472 --a------ C:\WINNT\system32\hpwtusd1.dll
2008-03-27 11:48 . 03/27/08 12:06p 136,053 --a------ C:\WINNT\hpwins10.dat
2008-03-27 11:46 . 07/10/07 05:01a 1,269,760 --a------ C:\WINNT\hpzshl01.exe
2008-03-27 11:46 . 07/10/07 05:01a 1,126,400 --a------ C:\WINNT\hpzmsi01.exe
2008-03-27 11:46 . 09/17/07 04:48a 10,376 --a------ C:\WINNT\hpwscr10.dat
2008-03-27 11:46 . 09/17/07 04:45a 1,042 --a------ C:\WINNT\hpwmdl10.dat
2008-03-27 10:34 . 03/27/08 10:35a <DIR> d-------- C:\temp\FixEngine
2008-03-17 14:49 . 03/17/08 02:49p 524,288 --a------ C:\WINNT\opuc.dll
2008-03-13 12:32 . 03/13/08 12:32p 26,112 --a------ C:\WINNT\system32\winuwh32.dll
2008-03-13 08:38 . 07/30/07 07:18p 34,136 --a------ C:\WINNT\system32\wucltui.dll.mui
2008-03-13 08:38 . 07/30/07 07:19p 25,944 --a------ C:\WINNT\system32\wuaucpl.cpl.mui
2008-03-13 08:38 . 07/30/07 07:19p 25,944 --a------ C:\WINNT\system32\wuapi.dll.mui
2008-03-13 08:38 . 07/30/07 07:18p 20,312 --a------ C:\WINNT\system32\wuaueng.dll.mui
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 19:42 --------- d-----w C:\Program Files\Insight
2008-04-04 16:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-04 16:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-03-27 14:34 --------- d-----w C:\Program Files\HP
2008-02-04 22:23 693,792 ----a-w C:\WINNT\system32\OGACheckControl.DLL
2007-03-06 21:07 34,632 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2002-02-05 17:05 271 ---h--w C:\Program Files\desktop.ini
2002-02-05 17:05 21,952 ---h--w C:\Program Files\folder.htt
2000-07-26 12:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.
((((((((((((((((((((((((((((( snapshot@Tue 2008-04-01_ 8.13.45.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-20 20:04:32 1,523,536 ----a-w C:\WINNT\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2007-09-21 19:53:44 385,536 ----a-w C:\WINNT\Downloaded Program Files\Housecall_ActiveX.dll
- 2000-08-31 12:00:00 163,328 ----a-w C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w
untern8
04-09-2008, 05:53 PM
C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 12:00:00 73,728 ----a-w C:\WINNT\fdsv.exe
+ 2000-08-31 12:00:00 80,412 ----a-w C:\WINNT\grep.exe
+ 2000-08-31 12:00:00 98,816 ----a-w C:\WINNT\sed.exe
+ 2000-08-31 12:00:00 161,792 ----a-w C:\WINNT\swreg.exe
+ 2000-08-31 12:00:00 136,704 ----a-w C:\WINNT\swsc.exe
+ 2000-08-31 12:00:00 212,480 ----a-w C:\WINNT\swxcacls.exe
- 2001-06-21 01:50:54 1,585,152 ----a-w C:\WINNT\system32\actrpt2.dll
+ 2007-07-10 06:16:34 1,823,800 ----a-w C:\WINNT\system32\actrpt2.dll
- 2001-06-21 01:51:34 847,872 ----a-w C:\WINNT\system32\ardesign2.dll
+ 2007-07-10 06:16:34 904,248 ----a-w C:\WINNT\system32\ardesign2.dll
+ 2007-08-23 14:49:42 45,056 ----a-w C:\WINNT\system32\arxinstall.dll
- 2004-05-06 02:23:00 147,456 ----a-w C:\WINNT\system32\ATRauthentec.dll
+ 2006-09-18 18:05:00 147,456 ----a-w C:\WINNT\system32\ATRauthentec.dll
- 2003-09-28 21:45:00 1,109,512 ----a-w C:\WINNT\system32\ATSC51.dll
+ 2005-09-13 13:39:44 1,109,512 ----a-r C:\WINNT\system32\ATSC51.dll
- 2002-09-17 21:10:44 73,728 ----a-w C:\WINNT\system32\bioapi_dummy100.dll
+ 2005-09-13 13:38:52 73,728 ----a-w C:\WINNT\system32\bioapi_dummy100.dll
- 2002-09-17 21:07:32 131,072 ----a-w C:\WINNT\system32\bioapi_mds300.dll
+ 2005-09-13 13:38:52 131,072 ----a-w C:\WINNT\system32\bioapi_mds300.dll
- 2002-09-17 21:10:54 94,208 ----a-w C:\WINNT\system32\bioapi100.dll
+ 2005-09-13 13:38:52 94,208 ----a-w C:\WINNT\system32\bioapi100.dll
+ 2007-01-22 16:27:16 746,400 ----a-w C:\WINNT\system32\ChilkatFtp2.dll
+ 2007-01-22 16:27:48 1,483,680 ----a-w C:\WINNT\system32\ChilkatMail2.dll
+ 2007-01-22 16:28:38 1,647,520 ----a-w C:\WINNT\system32\ChilkatZip2.dll
- 2001-06-12 17:21:30 266,240 ----a-w C:\WINNT\system32\exclexpt.dll
+ 2007-07-10 06:16:36 355,384 ----a-w C:\WINNT\system32\exclexpt.dll
+ 2006-03-16 16:12:02 122,880 ----a-w C:\WINNT\system32\FKNet300.dll
+ 2006-02-22 00:14:00 45,056 ----a-w C:\WINNT\system32\FKRS300.dll
- 2001-06-12 17:21:58 544,768 ----a-w C:\WINNT\system32\htmlexpt.dll
+ 2007-07-10 06:16:36 551,992 ----a-w C:\WINNT\system32\htmlexpt.dll
+ 2003-06-19 16:05:04 21,776 ----a-w C:\WINNT\system32\lpdsvc.dll
+ 2003-06-19 16:05:04 18,192 ----a-w C:\WINNT\system32\lprmon.dll
+ 2007-11-21 00:04:14 218,496 ----a-r C:\WINNT\system32\Macromed\Flash\FlashUtil9e.exe
- 2007-09-10 23:25:00 48,238 ----a-w C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-04 15:17:35 74,649 ----a-w C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
- 2001-04-05 16:43:20 118,784 ----a-w C:\WINNT\system32\msstdfmt.dll
+ 2004-02-23 05:00:00 119,808 ----a-w C:\WINNT\system32\MSSTDFMT.DLL
- 2001-06-12 19:59:58 253,952 ----a-w C:\WINNT\system32\pdfexpt.dll
+ 2007-07-10 06:16:36 375,864 ----a-w C:\WINNT\system32\pdfexpt.dll
- 2002-09-17 21:11:00 81,920 ----a-w C:\WINNT\system32\pwbsp.dll
+ 2005-09-13 13:38:54 81,920 ----a-w C:\WINNT\system32\pwbsp.dll
- 2001-06-12 17:19:36 106,496 ----a-w C:\WINNT\system32\rtfexpt.dll
+ 2007-07-10 06:16:38 207,928 ----a-w C:\WINNT\system32\rtfexpt.dll
- 2001-06-12 17:19:18 90,112 ----a-w C:\WINNT\system32\textexpt.dll
+ 2007-07-10 06:16:38 130,104 ----a-w C:\WINNT\system32\textexpt.dll
- 2001-06-12 17:22:30 262,144 ----a-w C:\WINNT\system32\tiffexpt.dll
+ 2007-07-10 06:16:38 257,080 ----a-w C:\WINNT\system32\tiffexpt.dll
- 2001-03-28 23:46:24 28,672 ----a-w C:\WINNT\system32\TimerLite.dll
+ 2005-09-13 13:39:22 28,672 ----a-w C:\WINNT\system32\TimerLite.dll
- 2002-12-02 20:01:40 208,896 ----a-w C:\WINNT\system32\touchChipBsp.dll
+ 2005-09-13 13:38:54 208,896 ----a-w C:\WINNT\system32\touchChipBsp.dll
+ 1998-06-18 05:00:00 89,360 ----a-w C:\WINNT\system32\VB5DB.DLL
+ 2000-08-31 12:00:00 49,152 ----a-w C:\WINNT\VFind.exe
+ 2005-09-23 03:48:08 479,232 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-23 03:48:08 548,864 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 03:48:06 626,688 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2005-09-23 05:16:02 1,093,632 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-23 05:16:06 1,079,808 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 05:16:08 69,632 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 05:16:10 57,344 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2000-08-31 12:00:00 68,096 ----a-w C:\WINNT\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/14/07 02:58a 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeScanNT Monitor"="C:\OfficeScan NT\pccntmon.exe" [03/15/05 05:55p 335872]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p 111376 C:\WINNT\system32\mobsync.exe]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [09/21/00 03:34p 126976]
"HP Lamp"="C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" [06/25/99 02:00a 45056]
"utgj"="C:\WINNT\utgj.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [09/12/05 09:26a 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/05/05 10:59a 155648]
"CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [12/17/02 01:14p 131157]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/02 12:28p 684032]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [ ]
"maxifciu"="C:\WINNT\system32\maxifciu.exe" [03/27/08 12:08p 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [06/19/03 12:05p 186640]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Attendance Rx.lnk - C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe [2008-04-04 12:29:09 5750784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"j6bXyjKcO8"= C:\WINNT\system32\winver.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RemoteRegistry"=2 (0x2)
"mnmsrvc"=2 (0x2)
"IDriverT"=3 (0x3)
"DWMRCS"=2 (0x2)
R0 IntelATA;Intel Ultra ATA Controller;C:\WINNT\system32\DRIVERS\IntelAta.sys [03/23/01 01:00a]
R1 CCDevice;CCDevice;C:\WINNT\system32\drivers\CCDevice.sys [06/23/00 07:50a]
R1 cdudf;cdudf;C:\WINNT\system32\drivers\cdudf.sys [12/17/02 12:29p]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINNT\system32\DRIVERS\msikbd2k.sys [06/06/00 02:51p]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINNT\system32\DRIVERS\usbprint.sys [06/19/03 12:05p]
S2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [09/13/00 05:18p]
S3 EL90BC;3Com EtherLink XL B/C Adapter Driver;C:\WINNT\system32\DRIVERS\el90xbc5.sys [10/03/01 07:58a]
S3 PCX500;Cisco Wireless LAN Adapters Driver;C:\WINNT\system32\DRIVERS\pcx500.sys [05/14/01 09:01a]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 15:46:35
Windows 5.0.2195 Service Pack 4 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 04/09/2008 15:47:16
ComboFix-quarantined-files.txt 2008-04-09 19:47:00
ComboFix2.txt 2008-04-01 12:15:44
Pre-Run: 15,656,529,920 bytes free
Post-Run: 15,646,285,824 bytes free
untern8
04-09-2008, 05:53 PM
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:49:31 PM, on 4/9/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Netropa\Multimedia Keyboard\mmusbkb2.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\system32\maxifciu.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe
C:\WINNT\explorer.exe
C:\Nate's fixes\avg75free_519a1276.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX0\avgsetup.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe"
O4 - HKLM\..\Run: [utgj] C:\WINNT\utgj.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maxifciu] C:\WINNT\system32\maxifciu.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
O4 - HKLM\..\Policies\Explorer\Run: [j6bXyjKcO8] C:\WINNT\system32\winver.exe
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1165\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1166\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1172\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1178\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1181\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1183\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1184\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1185\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1187\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1189\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1191\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1199\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1202\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1234\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1246\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-790525478-1383384898-839522115-1256\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Attendance Rx.lnk = C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUxdm265YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205411822644
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205411793822
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} (AMI DicomDir TreeView Control 2.1) - file://D:\CDVIEWER\CdViewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rkpt.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rkpt.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = rkpt.com
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINNT\SYSTEM32\DWRCS.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O24 - Desktop Component 0: (no name) - http://www.insightbb.com/images/nav/webmail.gif
--
End of file - 8600 bytes
untern8
04-09-2008, 06:22 PM
recovery console not run b/c I don't have access to install discs and obviously can't re-install windows
classicsoftware
04-10-2008, 03:15 AM
Do you get an IP address?
untern8
04-11-2008, 10:04 PM
I ran ipconfig and got 0.0.0.0. Rebooted, then was able to connect. Earlier today, I received a message from another staff member that they can't connect to the internet on it again today...
untern8
04-11-2008, 10:05 PM
Anything in the HJT log that jumps out at you?
classicsoftware
04-12-2008, 01:56 AM
This:
2008-04-04 16:50 . 04/04/08 05:34p <DIR> d-------- C:\Program Files\XoftSpySE
Is a rogue spyware remover program...
This is a baddie:
O4 - HKLM\..\Run: [utgj] C:\WINNT\utgj.exe
Download AVG Anti-Spyware from HERE (http://www.ewido.net/en/download/)
Install AVG Anti-Spyware
Double-click the icon on Desktop to launch AVG Anti-Spyware
You will need to update AVG Anti-Spyware to the latest definition files.
On the top of the main screen click Shield and then [active] to change it to inactive
On the top of the main screen click Update and then Start Update.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
Close ALL open Windows / Programs / Folders. Run AVG Anti-Spyware with its updated definitions: (...it's important that all windows must be closed)
* Click Scanner and then the Scan tab
* Click Complete System Scan to begin scanning.
Once the scan is complete do the following:
* If you have any infections you will be prompted, then select "Apply all actions"
* Once finished, click the Save report button, then click Save Report As and save it to your Desktop. (make sure to remember where you saved that file, this is important).
Close AVG Anti-Spyware and Reboot.
Post the logs and let me know how things seem to be running...
untern8
04-14-2008, 10:18 AM
I removed XoftSpySE with Add/Remove Programs, deleted the file folder from windows explorer and from the registry.
I ran HJT and had it fix O4 - HKLM\..\Run: [utgj] C:\WINNT\utgj.exe.
Installed AVG Anti-spyware (couldn't update due to no internet connectivity) and ran the scan (log posted below):
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:31:58 AM 4/14/2008
+ Scan result:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : No action taken.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2304168523-1078616364-1084331957-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : No action taken.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
C:\Documents and Settings\Default User\Cookies\administrator@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Default User\Cookies\administrator@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Administrator\Cookies\bulldog@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
::Report end
untern8
04-14-2008, 10:19 AM
I rebooted the computer and noticed no changes (I couldn't connect to the internet) and now I can't print. I ran combofix again and here's that log file:
ComboFix 08-04-09.1 - bulldog 04/14/2008 8:47:07.2 - NTFSx86 MINIMAL
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.99 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-14 to 2008-04-14 )))))))))))))))))))))))))))))))
.
2008-04-14 08:47 . 04/14/08 08:47a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_1b8.dat
2008-04-14 08:04 . 04/14/08 08:04a <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-04-14 08:03 . 05/30/07 08:10a 10,872 --a------ C:\WINNT\system32\drivers\AvgAsCln.sys
2008-04-09 18:10 . 04/14/08 08:05a 746,372 ---h----- C:\WINNT\ShellIconCache
2008-04-09 17:35 . 04/09/08 06:42p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2008-04-09 16:35 . 04/09/08 04:35p <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-09 16:35 . 04/11/08 02:39p <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-04-09 12:21 . 04/09/08 12:21p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_398.dat
2008-04-07 09:44 . 04/07/08 09:44a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_330.dat
2008-04-07 09:30 . 04/07/08 09:30a 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_524.dat
2008-04-04 17:52 . 04/04/08 05:52p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_38c.dat
2008-04-04 17:51 . 04/04/08 05:51p 158,208 --a------ C:\WINNT\msconfig.exe
2008-04-04 17:45 . 04/09/08 05:44p <DIR> d-------- C:\Nate's fixes
2008-04-04 16:50 . 04/04/08 05:34p <DIR> d-------- C:\Program Files\XoftSpySE
2008-04-04 15:01 . 04/04/08 03:01p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_394.dat
2008-04-04 12:23 . 04/04/08 12:23p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2008-04-04 08:52 . 08/01/07 10:47p 102,664 --a------ C:\WINNT\system32\drivers\tmcomm.sys
2008-04-04 07:25 . 04/04/08 09:00a <DIR> d-------- C:\Documents and Settings\Administrator\.housecall6.6
2008-03-28 18:25 . 06/19/03 12:05p 1,015,859 --a------ C:\WINNT\system32\MFC42.1
2008-03-28 18:25 . 12/10/07 12:39p 575,488 --a------ C:\WINNT\system32\WININET.1
2008-03-28 18:25 . 07/26/00 08:00a 565,760 --a------ C:\WINNT\system32\MSVCP50.1
2008-03-28 18:25 . 06/19/03 12:05p 286,773 --a------ C:\WINNT\system32\MSVCRT.1
2008-03-28 18:12 . 07/26/00 08:00a 438 --a------ C:\WINNT\system32\autoexec.nt
2008-03-28 14:45 . 03/28/08 02:45p <DIR> d-------- C:\Program Files\Trend Micro
2008-03-28 14:21 . 03/28/08 03:00p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\PC-Cleaner
2008-03-28 13:06 . 03/28/08 01:06p <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
2008-03-28 12:22 . 05/11/07 03:41a 524,560 -----c--- C:\WINNT\system32\dllcache\kodakimg.exe
2008-03-28 12:22 . 08/17/07 02:48a 448,272 -----c--- C:\WINNT\system32\dllcache\oieng400.dll
2008-03-28 12:22 . 05/11/07 03:42a 73,488 -----c--- C:\WINNT\system32\dllcache\kodakprv.exe
2008-03-28 12:22 . 08/17/07 02:48a 39,184 -----c--- C:\WINNT\system32\dllcache\jpeg2x32.dll
2008-03-28 11:03 . 03/28/08 11:03a <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-03-28 09:00 . 05/28/07 03:56a 6,258,688 --a------ C:\WINNT\system32\sp3res.dll
2008-03-28 09:00 . 05/28/07 03:56a 6,258,688 --a--c--- C:\WINNT\system32\dllcache\sp3res.dll
2008-03-28 09:00 . 06/25/07 02:25a 53,008 --a--c--- C:\WINNT\system32\dllcache\agentdpv.dll
2008-03-28 08:57 . 04/23/07 02:22a 939,280 --a------ C:\WINNT\system32\ntdsa.dll
2008-03-28 08:57 . 04/23/07 02:22a 939,280 --a--c--- C:\WINNT\system32\dllcache\ntdsa.dll
2008-03-28 08:32 . 04/05/07 03:17a 2,854,400 --a------ C:\WINNT\system32\msi.dll
2008-03-28 08:32 . 04/05/07 03:17a 2,854,400 -----c--- C:\WINNT\system32\dllcache\msi.dll
2008-03-28 08:21 . 10/16/07 07:34a 513,808 --a------ C:\WINNT\system32\LSASRV.DLL
2008-03-27 12:33 . 03/27/08 01:45p <DIR> d-------- C:\f69767954c0b14435fc70dc7594e6c
2008-03-27 12:08 . 03/27/08 12:08p 98,304 --a------ C:\WINNT\system32\maxifciu.exe
2008-03-27 11:58 . 04/04/08 12:28p <DIR> d-------- C:\WINNT\winsxs
2008-03-27 11:57 . 03/27/08 11:57a <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-03-27 11:57 . 08/17/07 09:29p 118,272 --a------ C:\WINNT\system32\hpz3l4x6.dll
2008-03-27 11:57 . 12/22/98 02:38p 3,144 --a--c--- C:\WINNT\system32\dllcache\srgb.icm
2008-03-27 11:56 . 06/19/03 12:05p 12,592 --a------ C:\WINNT\system32\drivers\usbscan.sys
2008-03-27 11:56 . 06/19/03 12:05p 12,592 --a--c--- C:\WINNT\system32\dllcache\usbscan.sys
2008-03-27 11:50 . 07/10/07 05:01a 258,048 --a------ C:\WINNT\system32\hpzids01.dll
2008-03-27 11:50 . 07/10/07 04:23a 49,920 --a------ C:\WINNT\system32\drivers\HPZid412.sys
2008-03-27 11:50 . 07/10/07 04:23a 21,568 --a------ C:\WINNT\system32\drivers\HPZius12.sys
2008-03-27 11:50 . 07/10/07 04:23a 16,496 --a------ C:\WINNT\system32\drivers\HPZipr12.sys
2008-03-27 11:49 . 03/27/08 11:50a <DIR> d----c--- C:\WINNT\system32\DRVSTORE
2008-03-27 11:49 . 03/27/08 11:49a <DIR> d-------- C:\WINNT\marco
2008-03-27 11:49 . 07/10/07 04:23a 892,928 --a------ C:\WINNT\system32\hpwtiop2.dll
2008-03-27 11:49 . 07/10/07 04:23a 364,544 --a------ C:\WINNT\system32\hppldcoi.dll
2008-03-27 11:49 . 07/10/07 04:23a 309,760 --a------ C:\WINNT\system32\difxapi.dll
2008-03-27 11:49 . 07/10/07 04:23a 294,912 --a------ C:\WINNT\system32\hpovst11.dll
2008-03-27 11:49 . 07/10/07 04:23a 233,472 --a------ C:\WINNT\system32\hpwtusd1.dll
2008-03-27 11:48 . 03/27/08 12:06p 136,053 --a------ C:\WINNT\hpwins10.dat
2008-03-27 11:46 . 07/10/07 05:01a 1,269,760 --a------ C:\WINNT\hpzshl01.exe
2008-03-27 11:46 . 07/10/07 05:01a 1,126,400 --a------ C:\WINNT\hpzmsi01.exe
2008-03-27 11:46 . 09/17/07 04:48a 10,376 --a------ C:\WINNT\hpwscr10.dat
2008-03-27 11:46 . 09/17/07 04:45a 1,042 --a------ C:\WINNT\hpwmdl10.dat
2008-03-27 10:34 . 03/27/08 10:35a <DIR> d-------- C:\temp\FixEngine
2008-03-17 14:49 . 03/17/08 02:49p 524,288 --a------ C:\WINNT\opuc.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 19:42 --------- d-----w C:\Program Files\Insight
2008-04-04 16:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-04 16:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-03-27 14:34 --------- d-----w C:\Program Files\HP
2008-02-04 22:23 693,792 ----a-w C:\WINNT\system32\OGACheckControl.DLL
2007-03-06 21:07 34,632 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2002-02-05 17:05 271 ---h--w C:\Program Files\desktop.ini
2002-02-05 17:05 21,952 ---h--w C:\Program Files\folder.htt
2000-07-26 12:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.
untern8
04-14-2008, 10:20 AM
((((((((((((((((((((((((((((( snapshot@Tue 2008-04-01_ 8.13.45.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-20 20:04:32 1,523,536 ----a-w C:\WINNT\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2007-09-21 19:53:44 385,536 ----a-w C:\WINNT\Downloaded Program Files\Housecall_ActiveX.dll
- 2000-08-31 12:00:00 163,328 ----a-w C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w C:\WINNT\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 12:00:00 73,728 ----a-w C:\WINNT\fdsv.exe
+ 2000-08-31 12:00:00 80,412 ----a-w C:\WINNT\grep.exe
+ 2000-08-31 12:00:00 98,816 ----a-w C:\WINNT\sed.exe
+ 2000-08-31 12:00:00 161,792 ----a-w C:\WINNT\swreg.exe
+ 2000-08-31 12:00:00 136,704 ----a-w C:\WINNT\swsc.exe
+ 2000-08-31 12:00:00 212,480 ----a-w C:\WINNT\swxcacls.exe
- 2001-06-21 01:50:54 1,585,152 ----a-w C:\WINNT\system32\actrpt2.dll
+ 2007-07-10 06:16:34 1,823,800 ----a-w C:\WINNT\system32\actrpt2.dll
- 2001-06-21 01:51:34 847,872 ----a-w C:\WINNT\system32\ardesign2.dll
+ 2007-07-10 06:16:34 904,248 ----a-w C:\WINNT\system32\ardesign2.dll
+ 2007-08-23 14:49:42 45,056 ----a-w C:\WINNT\system32\arxinstall.dll
- 2004-05-06 02:23:00 147,456 ----a-w C:\WINNT\system32\ATRauthentec.dll
+ 2006-09-18 18:05:00 147,456 ----a-w C:\WINNT\system32\ATRauthentec.dll
- 2003-09-28 21:45:00 1,109,512 ----a-w C:\WINNT\system32\ATSC51.dll
+ 2005-09-13 13:39:44 1,109,512 ----a-r C:\WINNT\system32\ATSC51.dll
- 2002-09-17 21:10:44 73,728 ----a-w C:\WINNT\system32\bioapi_dummy100.dll
+ 2005-09-13 13:38:52 73,728 ----a-w C:\WINNT\system32\bioapi_dummy100.dll
- 2002-09-17 21:07:32 131,072 ----a-w C:\WINNT\system32\bioapi_mds300.dll
+ 2005-09-13 13:38:52 131,072 ----a-w C:\WINNT\system32\bioapi_mds300.dll
- 2002-09-17 21:10:54 94,208 ----a-w C:\WINNT\system32\bioapi100.dll
+ 2005-09-13 13:38:52 94,208 ----a-w C:\WINNT\system32\bioapi100.dll
+ 2007-01-22 16:27:16 746,400 ----a-w C:\WINNT\system32\ChilkatFtp2.dll
+ 2007-01-22 16:27:48 1,483,680 ----a-w C:\WINNT\system32\ChilkatMail2.dll
+ 2007-01-22 16:28:38 1,647,520 ----a-w C:\WINNT\system32\ChilkatZip2.dll
+ 2008-04-09 20:35:25 821,856 ----a-w C:\WINNT\system32\drivers\avg7core.sys
- 2001-06-12 17:21:30 266,240 ----a-w C:\WINNT\system32\exclexpt.dll
+ 2007-07-10 06:16:36 355,384 ----a-w C:\WINNT\system32\exclexpt.dll
+ 2006-03-16 16:12:02 122,880 ----a-w C:\WINNT\system32\FKNet300.dll
+ 2006-02-22 00:14:00 45,056 ----a-w C:\WINNT\system32\FKRS300.dll
- 2001-06-12 17:21:58 544,768 ----a-w C:\WINNT\system32\htmlexpt.dll
+ 2007-07-10 06:16:36 551,992 ----a-w C:\WINNT\system32\htmlexpt.dll
+ 2003-06-19 16:05:04 21,776 ----a-w C:\WINNT\system32\lpdsvc.dll
+ 2003-06-19 16:05:04 18,192 ----a-w C:\WINNT\system32\lprmon.dll
+ 2007-11-21 00:04:14 218,496 ----a-r C:\WINNT\system32\Macromed\Flash\FlashUtil9e.exe
- 2007-09-10 23:25:00 48,238 ----a-w C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-04 15:17:35 74,649 ----a-w C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
- 2001-04-05 16:43:20 118,784 ----a-w C:\WINNT\system32\msstdfmt.dll
+ 2004-02-23 05:00:00 119,808 ----a-w C:\WINNT\system32\MSSTDFMT.DLL
- 2001-06-12 19:59:58 253,952 ----a-w C:\WINNT\system32\pdfexpt.dll
+ 2007-07-10 06:16:36 375,864 ----a-w C:\WINNT\system32\pdfexpt.dll
- 2002-09-17 21:11:00 81,920 ----a-w C:\WINNT\system32\pwbsp.dll
+ 2005-09-13 13:38:54 81,920 ----a-w C:\WINNT\system32\pwbsp.dll
- 2001-06-12 17:19:36 106,496 ----a-w C:\WINNT\system32\rtfexpt.dll
+ 2007-07-10 06:16:38 207,928 ----a-w C:\WINNT\system32\rtfexpt.dll
- 2001-06-12 17:19:18 90,112 ----a-w C:\WINNT\system32\textexpt.dll
+ 2007-07-10 06:16:38 130,104 ----a-w C:\WINNT\system32\textexpt.dll
- 2001-06-12 17:22:30 262,144 ----a-w C:\WINNT\system32\tiffexpt.dll
+ 2007-07-10 06:16:38 257,080 ----a-w C:\WINNT\system32\tiffexpt.dll
- 2001-03-28 23:46:24 28,672 ----a-w C:\WINNT\system32\TimerLite.dll
+ 2005-09-13 13:39:22 28,672 ----a-w C:\WINNT\system32\TimerLite.dll
- 2002-12-02 20:01:40 208,896 ----a-w C:\WINNT\system32\touchChipBsp.dll
+ 2005-09-13 13:38:54 208,896 ----a-w C:\WINNT\system32\touchChipBsp.dll
+ 1998-06-18 05:00:00 89,360 ----a-w C:\WINNT\system32\VB5DB.DLL
+ 2000-08-31 12:00:00 49,152 ----a-w C:\WINNT\VFind.exe
+ 2005-09-23 03:48:08 479,232 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-23 03:48:08 548,864 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 03:48:06 626,688 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2005-09-23 05:16:02 1,093,632 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-23 05:16:06 1,079,808 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 05:16:08 69,632 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 05:16:10 57,344 ----a-w C:\WINNT\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2000-08-31 12:00:00 68,096 ----a-w C:\WINNT\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/14/07 02:58a 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p 111376 C:\WINNT\system32\mobsync.exe]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [09/21/00 03:34p 126976]
"HP Lamp"="C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" [06/25/99 02:00a 45056]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [09/12/05 09:26a 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/05/05 10:59a 155648]
"CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [12/17/02 01:14p 131157]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/02 12:28p 684032]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [ ]
"maxifciu"="C:\WINNT\system32\maxifciu.exe" [03/27/08 12:08p 98304]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [04/09/08 04:35p 579072]
"OfficeScanNT Monitor"="C:\OfficeScan NT\pccntmon.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/07 05:25a 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [04/09/08 04:35p 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [06/19/03 12:05p 186640]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Attendance Rx.lnk - C:\Program Files\Acroprint\Attendance Rx\AttendanceRx.exe [2008-04-04 12:29:09 5750784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"j6bXyjKcO8"= C:\WINNT\system32\winver.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RemoteRegistry"=2 (0x2)
"mnmsrvc"=2 (0x2)
"IDriverT"=3 (0x3)
"DWMRCS"=2 (0x2)
R0 IntelATA;Intel Ultra ATA Controller;C:\WINNT\system32\DRIVERS\IntelAta.sys [03/23/01 01:00a]
R1 CCDevice;CCDevice;C:\WINNT\system32\drivers\CCDevice.sys [06/23/00 07:50a]
R1 cdudf;cdudf;C:\WINNT\system32\drivers\cdudf.sys [12/17/02 12:29p]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINNT\system32\DRIVERS\msikbd2k.sys [06/06/00 02:51p]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINNT\system32\DRIVERS\usbprint.sys [06/19/03 12:05p]
S2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [09/13/00 05:18p]
S3 EL90BC;3Com EtherLink XL B/C Adapter Driver;C:\WINNT\system32\DRIVERS\el90xbc5.sys [10/03/01 07:58a]
S3 PCX500;Cisco Wireless LAN Adapters Driver;C:\WINNT\system32\DRIVERS\pcx500.sys [05/14/01 09:01a]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-14 08:48:46
Windows 5.0.2195 Service Pack 4 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 04/14/2008 8:49:28
ComboFix-quarantined-files.txt 2008-04-14 12:49:12
ComboFix2.txt 2008-04-09 19:47:16
ComboFix3.txt 2008-04-01 12:15:44
Pre-Run: 15,707,484,160 bytes free
Post-Run: 15,695,876,096 bytes free
untern8
04-14-2008, 11:01 AM
I also cannot print. I can't even install any printers. Start>> Settings>> Printers>> Add Printer opens a dialog box stating:
Out of Resources
Printer operation cannot continue due to lack of resources. The print subsystem is unavailable.
Going to Control Panel>> Administrative Tools>> Services, the Print Spooler startup is set to automatic and log on tab is set to log on as system account (and the check box is checked for "Allow service to interact with desktop"). The general tab shows that it is stopped and when I click start, I get Error 1077: No attempts to start the service have been made since the last boot.
Still can't connect to internet. I can plug the cable into my laptop, reset the modem, and it works fine (no additional software needed). When I plug it back into the desktop, reset the modem again, I can't get online.
Help...
untern8
04-14-2008, 11:35 AM
Control Panel>> Users and Passwords When I click the advanced tab and advanced button, I get:
MMC
snap-in failed to initialize
Name: local users and groups
CLSID {5d6179c8-17EC-11D1-9AA9-00C0-4FD8FE93}
Does this matter?
untern8
04-14-2008, 12:46 PM
Never mind. After trying to fix it myself for 3 hours, I gave up, removed Win2000 and installed XP and the applications that I actually use...
Thanks for your help!
SufferWell1396
04-14-2008, 09:58 PM
Just a little off subject, but I thought I'd bring it up.
Classic,
XoftSpySE is not a bad application.
XoftSpySE's Wikipedia page states so
and XoftSpySE's website receives a green rating from McAfee Site Advisor.
I believe there were problems before, but as of now it is a legitimate product.
classicsoftware
04-14-2008, 11:48 PM
I steer clear of it. I stick with what I know.
I was getting ready to recommend a reformat as Windows appeared too corrupted to salvage.