Below are the two logs you requested. FYI, my system appears more normal now...able to reset the time on the PC and have my control panel back...not receiving the two irritating trojan-related messages...I uninstalled many of the tools I downloaded while trying to troubleshoot myself...also done a scan disk repair followed by a defrag...once again, thanks for your continued help, I sincerely appreciate it!!!
ComboFix 08-01-09.2 - Owner 2008-01-09 11:57:04.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.574 [GMT -6:00]
Running from: C:\Documents and Settings\Owner.YOUR-E92F6775CF\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2007-12-09 to 2008-01-09 )))))))))))))))))))))))))))))))
.
2008-01-09 11:56 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-07 07:17 . 2008-01-07 07:17 <DIR> d-------- C:\WINDOWS\ERUNT
2008-01-07 06:49 . 2008-01-07 06:49 <DIR> d-------- C:\Documents and Settings\Owner.YOUR-E92F6775CF\Application Data\Uniblue
2008-01-07 02:52 . 2008-01-07 02:53 <DIR> d-------- C:\Documents and Settings\Owner.YOUR-E92F6775CF\Application Data\RegClean
2008-01-07 00:55 . 2008-01-07 08:52 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-06 13:53 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-06 13:52 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-01-06 13:52 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-01-06 13:52 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-01-06 13:52 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-01-06 10:02 . 2007-03-17 07:43 292,864 -----c--- C:\WINDOWS\system32\dllcache\winsrv.dll
2008-01-06 09:44 . 2008-01-06 09:44 <DIR> d-------- C:\Documents and Settings\Owner.YOUR-E92F6775CF\Application Data\TrojanHunter
2008-01-06 09:28 . 2008-01-06 09:28 5,376 --a------ C:\WINDOWS\system32\drivers\MS1000.sys
2008-01-06 09:26 . 2008-01-07 05:09 <DIR> d-------- C:\Program Files\The Cleaner Free
2008-01-06 09:17 . 2008-01-06 08:55 <DIR> d-------- C:\Program Files\TrojanHunter 4.0
2008-01-06 09:09 . 2008-01-07 06:25 250 --a------ C:\WINDOWS\gmer.ini
2008-01-06 09:02 . 2008-01-07 08:49 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2008-01-06 08:57 . 2008-01-06 08:57 75 --a------ C:\WINDOWS\pccillin.ini
2008-01-06 02:34 . 2006-08-13 17:38 221 --ah----- C:\boot.ini.SAB
2008-01-04 12:21 . 2008-01-07 08:47 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-04 12:21 . 2008-01-07 08:47 <DIR> d-------- C:\Documents and Settings\Owner.YOUR-E92F6775CF\Application Data\SUPERAntiSpyware.com
2008-01-04 12:21 . 2008-01-04 12:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-04 12:20 . 2008-01-04 12:20 5,914,648 --a------ C:\SUPERAntiSpyware.exe
2008-01-03 23:28 . 2008-01-03 23:29 977 --a------ C:\WINDOWS\Active Setup Log.BAK
2008-01-03 23:24 . 2007-07-09 07:16 582,656 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-03 23:05 . 2008-01-03 23:06 5,154,304 --a------ C:\WindowsDefender.msi
2008-01-03 21:43 . 2007-06-30 21:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-01-03 21:43 . 2007-06-30 21:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-01-03 21:43 . 2007-10-10 17:55 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-01-03 21:43 . 2007-06-27 08:34 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-01-03 21:43 . 2007-10-10 17:55 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-01-03 21:43 . 2007-10-10 17:55 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-01-03 21:43 . 2007-10-10 17:55 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-01-03 21:43 . 2007-10-10 04:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-01-03 21:42 . 2007-10-10 17:55 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-01-03 21:42 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-01-03 21:27 . 2008-01-03 21:27 15,452,536 --a------ C:\IE7-WindowsXP-x86-enu.exe
2008-01-03 19:54 . 2007-04-25 08:21 144,896 -----c--- C:\WINDOWS\system32\dllcache\schannel.dll
2008-01-03 19:52 . 2007-02-28 03:55 2,182,144 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-01-03 19:52 . 2007-02-28 03:53 2,137,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-01-03 19:52 . 2007-02-28 03:15 2,017,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-01-03 19:51 . 2007-02-05 14:17 185,344 -----c--- C:\WINDOWS\system32\dllcache\upnphost.dll
2008-01-03 19:50 . 2007-05-17 05:28 549,376 -----c--- C:\WINDOWS\system32\dllcache\oleaut32.dll
2008-01-03 19:14 . 2007-03-08 07:47 1,843,584 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-01-03 19:14 . 2007-03-08 09:36 577,536 -----c--- C:\WINDOWS\system32\dllcache\user32.dll
2008-01-03 19:14 . 2007-06-19 07:31 282,112 -----c--- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-01-03 19:14 . 2007-03-08 09:36 40,960 -----c--- C:\WINDOWS\system32\dllcache\mf3216.dll
2008-01-03 18:21 . 2008-01-03 19:15 <DIR> d-------- C:\cccb75b2548ce3daf1dff0f94b
2008-01-03 15:22 . 2008-01-03 15:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2008-01-03 15:22 . 2007-09-17 14:31 1,126,072 --a------ C:\WINDOWS\system32\drivers\vsapint.sys
2008-01-03 15:22 . 2006-12-29 00:53 288,848 --a------ C:\WINDOWS\system32\drivers\TM_CFW.sys
2008-01-03 15:22 . 2007-09-17 14:40 202,768 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
2008-01-03 15:22 . 2006-12-29 00:53 111,888 --a------ C:\WINDOWS\system32\drivers\tm_mbd_c.sys
2008-01-03 15:22 . 2006-12-29 00:53 75,088 --a------ C:\WINDOWS\system32\drivers\tmtdi.sys
2008-01-03 15:22 . 2007-09-17 14:40 35,856 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2008-01-03 13:00 . 2008-01-06 20:34 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-01 22:55 . 2008-01-05 06:57 4,224 --a--c--- C:\WINDOWS\system32\dllcache\beep.sys
2007-12-26 21:17 . 2007-12-26 21:17 14,848 --ahs---- C:\WINDOWS\system32\Thumbs.db
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-07 14:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-07 14:51 --------- d-----w C:\Program Files\CyberLink
2008-01-05 12:57 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys
2007-12-25 20:46 --------- d-----w C:\Program Files\Napster
2007-11-18 02:09 --------- d-----w C:\Documents and Settings\Owner.YOUR-E92F6775CF\Application Data\Roxio
2007-11-17 15:56 --------- d-----w C:\Program Files\Real
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 17:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 13:00 33280 C:\WINDOWS\system32\rundll32.exe]
"DriveIcons"="C:\Program Files\DriveIcon\DriveIcon.exe" [2006-03-16 23:07 655360]
"acEventServ"="C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe" [2003-07-01 05:42 28672]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2003-01-01 22:04 98304]
"OrderReminder"="C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-07-21 10:00 98304]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe" [2007-01-23 00:26 3429904]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" []
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acAuth]
acauth.dll 2002-12-17 09:11 65536 C:\WINDOWS\system32\acauth.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-08-05 22:56 64512 C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
%WINDIR%\Creator\Remind_XP.exe
R2 ACachSrv;ActivCard Authentication Service;C:\Program Files\Common Files\ActivCard\acachsrv.exe [2002-12-17 06:38]
R2 acautoreg;ActivCard Gold Autoregister;C:\Program Files\Common Files\ActivCard\acautoreg.exe [2002-11-29 12:43]
R2 Accoca;ActivCard Gold service;C:\Program Files\Common Files\ActivCard\accoca.exe [2002-08-12 14:54]
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-06 15:49]
S3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2005-12-15 19:00]
S3 SCRx31 USB Reader;SCRx31 USB Reader;C:\WINDOWS\system32\DRIVERS\stc2.sys [2004-01-15 12:27]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
.
Contents of the 'Scheduled Tasks' folder
"2006-08-13 21:21:23 C:\WINDOWS\Tasks\ISP signup reminder 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-01-07 14:30:41 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job"
- C:\Program Files\RegClean\RegClean.ex
- C:\Program Files\RegClean
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-01-09 12:01:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-09 12:02:52 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-09 18:02:07
.
2008-01-09 03:50:52 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:16 PM, on 1/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivCard\acachsrv.exe
C:\Program Files\Common Files\ActivCard\acautoreg.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\DriveIcon\DriveIcon.exe
C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html ... B&M=MX3414
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DriveIcons] C:\Program Files\DriveIcon\DriveIcon.exe
O4 - HKLM\..\Run: [acEventServ] "C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - Global Startup: ActivCard Gold Smart Card Agent.lnk = C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O20 - Winlogon Notify: acAuth - C:\WINDOWS\SYSTEM32\acauth.dll
O23 - Service: ActivCard Authentication Service (ACachSrv) - ActivCard - C:\Program Files\Common Files\ActivCard\acachsrv.exe
O23 - Service: ActivCard Gold Autoregister (acautoreg) - ActivCard S.A. - C:\Program Files\Common Files\ActivCard\acautoreg.exe
O23 - Service: ActivCard Gold service (Accoca) - ActivCard - C:\Program Files\Common Files\ActivCard\accoca.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 4401 bytes