| I ran combo fix but it did not finish and put my clock settings back to normal. Here is the log that it ran before locking up. Any help would be appreciated.
ComboFix 08-03-05.3 - Owner 2008-03-06 6:04:28.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.358 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\21CJU9U5\ComboFix[1].exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((( Files Created from 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))
.
2008-03-05 05:59 . 2008-03-05 05:59 318,369 --a------ C:\HiJackThis.zip
2008-03-04 08:23 . 2008-03-04 08:23 <DIR> d-------- C:\Program Files\Lavasoft
2008-03-04 08:23 . 2008-03-04 08:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-04 08:22 . 2008-03-04 08:22 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-04 08:16 . 2004-08-04 13:00 388,608 --a------ C:\CF16817.exe
2008-03-04 08:15 . 2004-08-04 13:00 388,608 --a------ C:\CF16713.exe
2008-03-04 08:15 . 2004-08-04 13:00 388,608 --a------ C:\CF16585.exe
2008-03-04 08:13 . 2004-08-04 13:00 388,608 --a------ C:\CF16291.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-24 03:12 524 ----a-w C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-01-17 23:45 --------- d-----w C:\Documents and Settings\Owner\Application Data\GTek
2008-01-17 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Gtek
2008-01-11 23:34 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-11 23:34 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-11 23:32 --------- d-----w C:\Program Files\HP Photosmart 11
2008-01-08 12:29 --------- d-----w C:\Program Files\DivX
2007-12-14 17:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-07 01:07 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 23:48 10,240 --sha-w C:\WINDOWS\rnapxs\rnapxs.dat
.
((((((((((((((((((((((((((((( snapshot@2008-03-04_19.54.51.48 ))))))))))))))))))))))))))))))))))))))))) . + 2008-03-04 14:23:30 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe + 2008-03-04 14:23:30 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe + 2008-03-04 14:23:30 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe + 2008-03-04 14:23:30 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe + 2007-07-11 19:37:26 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys + 2007-08-07 18:58:08 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys + 2007-08-07 18:56:58 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 13:50 155648]
"SunKistEM"="C:\Program Files\Digital Media Reader\shwiconem.exe" [2004-11-15 17:04 135168]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-17 23:05 339968]
"CHotkey"="zHotkey.exe" [2005-05-03 16:02 543232 C:\WINDOWS\zHotkey.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-04-15 13:01 77824 C:\WINDOWS\SOUNDMAN.EXE]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" [ ]
"Reminder"="%WINDIR%\Creator\Remind_XP.exe" [ ]
"HostManager"="C:\Program Files\Common Files\AOL\1196733170\EE\AOLHostManager.exe" [2004-11-03 15:03 125528]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 22:24 32768]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-05-24 06:46 188416]
"F-Secure Manager"="C:\Program Files\PCSecurityShield\Common\FSM32.exe" [2005-10-25 19:51 122929]
"F-Secure TNB"="C:\Program Files\PCSecurityShield\TNB\TNBUtil.exe" [2005-07-18 08:51 700416]
"F-Secure Startup Wizard"="C:\Program Files\PCSecurityShield\FSGUI\FSSW.exe" [2005-10-18 02:29 372736]
"Pure Networks Port Magic"="C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 15:33 99480]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2007-07-24 12:20 197888]
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe" [2002-06-20 13:06 339968]
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-05-24 06:47 49152]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42 69632]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [2007-12-03 19:39:35 1742384]
PCSecurityShield.lnk - C:\Program Files\PCSecurityShield\backweb\1226612\Program\fspex.exe [2007-12-04 17:47:02 32807]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 09:04]
R2 BackWeb Plug-in - 1226612;PCSecurityShield;C:\PROGRA~1\PCSECU~1\backweb\1226612\Program\SERVIC~1.EXE [2007-12-04 17:47]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\PCSecurityShield\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 09:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\PCSecurityShield\Anti-Virus\Win2K\FSgk.sys [2008-02-13 11:09]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\PCSecurityShield\Anti-Virus\Win2K\FSrec.sys [2004-06-01 03:03]
.
Contents of the 'Scheduled Tasks' folder
"2008-02-01 04:27:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-06 00:28:09 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\PCSECU~1\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\PCSECU~1\ANTI-V~1\report.txt
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-03-06 06:06:32 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-06 6:07:19
.
2008-02-13 09:01:54 --- E O F --- | 
|