
My XP3 loses time. I multiply boot between Ubuntu, on a separate HD, and XP. Linux OS maintains time.



.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29

Run by Bob de C at 20:04:53 on 2012-03-28

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.100 [GMT -6:00]

.

AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}

FW: ZoneAlarm Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

F:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\devldr32.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\WINDOWS\system32\wscntfy.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.avg.com/?cid={A2412AB7-D8F0-4FD6-BE4E-E281E7321E28}&mid=3bba11005ed147d19eecd148443ffe8f-f418f84674d047b399523e52b1982eb9344a6197&lang=en&ds=ft011&pr=sa&d=2012-03-07 20:58:43&v=10.0.0.7&sap=hp

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll

BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe

mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe

mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun

mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN

mRun: [ZoneAlarm] "f:\program files\checkpoint\zonealarm\zatray.exe"

mRun: [iSW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"

uPolicies-explorer: NoInstrumentation = 1

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\bob de c\application data\mozilla\firefox\profiles\uwvibrrm.default\

FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com?cid=%7B9acbac65-1a10-4f50-bef6-88ea5d429d0e%7D&mid=3bba11005ed147d19eecd148443ffe8f-f418f84674d047b399523e52b1982eb9344a6197&ds=ft011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-07%2020%3A58%3A43

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B9acbac65-1a10-4f50-bef6-88ea5d429d0e%7D&mid=3bba11005ed147d19eecd148443ffe8f-f418f84674d047b399523e52b1982eb9344a6197&ds=ft011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-07%2020%3A58%3A43&sap=ku&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: f:\program files\google\picasa3\npPicasa3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2012-3-19 133208]

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2012-3-19 11352]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2012-3-19 485808]

R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-3-9 526608]

R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]

R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-1 652360]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-11-3 793048]

R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2012-1-7 71424]

R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2012-1-7 11520]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-1 20464]

S?2 vsmon;TrueVector Internet Monitor;f:\program files\checkpoint\zonealarm\vsmon.exe -service --> f:\program files\checkpoint\zonealarm\vsmon.exe -service [?]

S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-1-7 245760]

S3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\drivers\m4301A.sys [2011-11-18 116192]

.

=============== Created Last 30 ================

.

2012-03-25 22:21:26 -------- d-----w- c:\documents and settings\bob de c\local settings\application data\NPE

2012-03-25 22:21:26 -------- d-----w- c:\documents and settings\all users\application data\Norton

2012-03-20 15:47:03 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll

2012-03-20 15:47:03 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll

2012-03-19 23:12:02 11352 ----a-w- c:\windows\system32\drivers\kl2.sys

2012-03-19 23:11:59 133208 ----a-w- c:\windows\system32\drivers\kl1.sys

2012-03-14 01:44:23 388096 ----a-r- c:\documents and settings\bob de c\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-03-12 23:53:31 -------- d-----w- c:\windows\system32\cache

2012-03-10 01:32:32 4431872 ----a-w- c:\windows\system32\GPhotos.scr

2012-03-08 03:58:13 -------- d--h--w- c:\documents and settings\all users\application data\Common Files

.

==================== Find3M ====================

.

2012-02-21 03:14:07 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 20:06:37.68 ===============


  • 2 months later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
