15 replies to this topic

[Dezvouz1946]

Hi! I am having a nightmare with my laptop. Occassionally I will get a message that my pc is unable to connect to internet...http error something I cant understand. I tried installing Firefox but installation won't proceed...the interface just dies out. I am also unable to run MBAM(I was lucky I was able to install it maybe)...I can't even run F-Secure Online Scanner coz the screen keeps on getting back to "start scan" . I'd like to run HijckThis but don't know where to get the latest installer. I have run Spybot and SuperAntispyware OK...found mostly tracking cookies and quarantined it BUT still I can't run my MBAM and why I cant install Firefox? I've ran Process Explorer and the report is in my desktop but dont know if you would require it. Help please. What kind of infection is this?

[IndiGenus]

Hello Dezvouz1946 and welcome back to the forums here at MalwareBytes.

In order to get a better idea of what might be going on it would help if we could get some scans/logs.

Let's try these.

Download This file. Note its name and save it to your root folder, such as C:\.

• Disconnect from the Internet and close all running programs.
  
• Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  
• Click on this link to see a list of programs that should be disabled.
  
• Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  
• Allow the driver to load if asked.
  
• You may be prompted to scan immediately if it detects rootkit activity.
  
• If you are prompted to scan your system click "Yes" to begin the scan.
  
• If not prompted, click the "Rootkit/Malware" tab.
  
• On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  
• Select all drives that are connected to your system to be scanned.
  
• Click the Scan button to begin. (Please be patient as it can take some time to complete)
  
• When the scan is finished, click Save to save the scan results to your Desktop.
  
• Save the file as Results.log and copy/paste the contents in your next reply.
  
• Exit the program and re-enable all active protection when done.

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

• When done, DDS will open two (2) logs:
  • DDS.txt
    
  • Attach.txt
• Save both reports to your desktop. Post them back to your topic.

[Dezvouz1946]

Thank for replying to my post. Here is the result of the ot the antirootkit.the scan took about 40 minutes to finished.

---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwOpenProcess [0xF782C470]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF1A390B0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwTerminateThread [0xF782C5C0]
SSDT \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies ) ZwWriteVirtualMemory [0xF782C660]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\AVG\AVG9\avgfws9.exe[188] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\svchost.exe[228] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\svchost.exe[228] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\svchost.exe[228] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\svchost.exe[228] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\svchost.exe[228] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\svchost.exe[228] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\svchost.exe[228] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\svchost.exe[228] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[276] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10033D7C
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10033BEC
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10033DEC
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10033AA0
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10033214
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100327E4
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10032778
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[524] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10033A4C
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10033D7C
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10033BEC
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10033DEC
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10033AA0
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10033214
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100327E4
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10032778
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[608] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10033A4C
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Bonjour\mDNSResponder.exe[724] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10043D7C
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10043BEC
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10043DEC
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10043AA0
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10043214
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100427E4
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10042778
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[744] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10043A4C
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Dell Support\DSAgnt.exe[776] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Dell Support\DSAgnt.exe[776] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Dell Support\DSAgnt.exe[776] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] ADVAPI32.dll!RegOpenKeyExA 77DD7852 5 Bytes JMP 0101F7BF C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Family Safety Service/Microsoft Corporation)
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[796] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\svchost.exe[932] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\svchost.exe[932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\svchost.exe[932] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\svchost.exe[932] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\svchost.exe[932] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\svchost.exe[932] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\svchost.exe[932] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\svchost.exe[932] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Java\jre6\bin\jqs.exe[1216] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\svchost.exe[1320] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\svchost.exe[1320] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\svchost.exe[1320] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\svchost.exe[1320] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\svchost.exe[1320] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\svchost.exe[1320] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe[1356] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1372] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\winlogon.exe[1460] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\winlogon.exe[1460] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\winlogon.exe[1460] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\winlogon.exe[1460] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\winlogon.exe[1460] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\winlogon.exe[1460] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\winlogon.exe[1460] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\winlogon.exe[1460] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\spoolsv.exe[1488] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\spoolsv.exe[1488] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\spoolsv.exe[1488] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\spoolsv.exe[1488] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\spoolsv.exe[1488] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\spoolsv.exe[1488] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\spoolsv.exe[1488] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\spoolsv.exe[1488] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\lsass.exe[1524] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\lsass.exe[1524] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\lsass.exe[1524] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\lsass.exe[1524] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\lsass.exe[1524] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\lsass.exe[1524] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\lsass.exe[1524] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\lsass.exe[1524] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[1584] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[1868] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\svchost.exe[1960] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\svchost.exe[1960] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\svchost.exe[1960] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\svchost.exe[1960] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\svchost.exe[1960] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\svchost.exe[1960] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\svchost.exe[1960] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\AVG\AVG9\avgam.exe[2260] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\AVG\AVG9\avgemc.exe[2384] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\AVG\AVG9\avgnsx.exe[2424] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\Creative\Shared Files\CamTray.exe[2560] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[2744] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\ctfmon.exe[2756] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\ctfmon.exe[2756] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\ctfmon.exe[2756] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\ctfmon.exe[2756] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\ctfmon.exe[2756] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\ctfmon.exe[2756] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\ctfmon.exe[2756] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\ctfmon.exe[2756] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\System32\alg.exe[2820] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\System32\alg.exe[2820] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\System32\alg.exe[2820] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\System32\alg.exe[2820] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\System32\alg.exe[2820] WS2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\System32\alg.exe[2820] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\System32\alg.exe[2820] WS2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\System32\alg.exe[2820] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[3296] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C
.text C:\WINDOWS\system32\wscntfy.exe[5380] ntdll.dll!NtOpenKey 7C90D5CE 5 Bytes JMP 10003D7C
.text C:\WINDOWS\system32\wscntfy.exe[5380] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10003BEC
.text C:\WINDOWS\system32\wscntfy.exe[5380] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 10003DEC
.text C:\WINDOWS\system32\wscntfy.exe[5380] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 10003AA0
.text C:\WINDOWS\system32\wscntfy.exe[5380] ws2_32.dll!send 71AB4C27 5 Bytes JMP 10003214
.text C:\WINDOWS\system32\wscntfy.exe[5380] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 100027E4
.text C:\WINDOWS\system32\wscntfy.exe[5380] ws2_32.dll!recv 71AB676F 5 Bytes JMP 10002778
.text C:\WINDOWS\system32\wscntfy.exe[5380] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 10003A4C

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device EDBC9D20

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\InProcServer32@ %SystemRoot%\system32\dsuiext.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\InProcServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\ShellEx\MayChangeDefaultMenu
Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\ShellEx\MayChangeDefaultMenu@ 1
Reg HKLM\SOFTWARE\Classes\CLSID\{156F457B-4571-256D-D57D-647A582984D3}\InprocServer32@ C:\WINDOWS\system32\CLBCatQ.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{156F457B-4571-256D-D57D-647A582984D3}\InprocServer32@ThreadingModel Both
Reg HKLM\SOFTWARE\Classes\CLSID\{4FED0344-3AEA-8BD4-B455-1990AE7C334F}\InprocServer32@ C:\Program Files\Common Files\Microsoft Shared\DAO\dao360.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{4FED0344-3AEA-8BD4-B455-1990AE7C334F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{4FED0344-3AEA-8BD4-B455-1990AE7C334F}\ProgID@ DAO.Index.36

---- EOF - GMER 1.0.15 ----



















Here is the result of DDS scan.

FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Evelyn Dequilla\My Documents\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.pep.ph/index.php
uDefault_Page_URL = hxxp://www.dell.co.uk/myway

[IndiGenus]

The DDS log got cut off. Can you please post the rest.

[Dezvouz1946]

Sorry if the DDS Log got cut off.I am new to the forum like this.Here is the DDS Log again.I need to run the DDS scan again to get this scan result.


Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 15/11/2007 19:17:57
System Uptime: 22/11/2009 17:07:22 (4 hours ago)

Motherboard: Dell Inc. | | 0X9238
Processor: Intel® Pentium® M processor 1.73GHz | Microprocessor | 1729/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 53 GiB total, 23.32 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP149: 24/08/2009 14:19:44 - System Checkpoint
RP150: 26/08/2009 11:37:48 - System Checkpoint
RP151: 26/08/2009 16:22:15 - Software Distribution Service 3.0
RP152: 28/08/2009 10:05:46 - System Checkpoint
RP153: 30/08/2009 13:40:12 - System Checkpoint
RP154: 09/09/2009 17:09:42 - Software Distribution Service 3.0
RP155: 22/09/2009 23:25:24 - System Checkpoint
RP156: 14/10/2009 17:42:57 - System Checkpoint
RP157: 17/10/2009 15:17:59 - Software Distribution Service 3.0
RP158: 22/10/2009 14:55:12 - System Checkpoint
RP159: 06/11/2009 12:36:49 - System Checkpoint
RP160: 06/11/2009 13:06:28 - Software Distribution Service 3.0
RP161: 11/11/2009 23:09:29 - Software Distribution Service 3.0
RP162: 18/11/2009 17:17:24 - Removed Norton Security Center
RP163: 18/11/2009 19:52:20 - Installed AVG 9.0
RP164: 19/11/2009 01:52:21 - Removed Skype™ 4.1
RP165: 19/11/2009 01:53:12 - Removed Skype web features
RP166: 19/11/2009 02:52:50 - Avg8 Update
RP167: 19/11/2009 03:07:49 - Installed SUPERAntiSpyware Free Edition
RP168: 19/11/2009 13:15:16 - Removed Java 2 Runtime Environment, SE v1.4.2_03
RP169: 19/11/2009 13:21:24 - Installed Java™ 6 Update 17
RP170: 22/11/2009 20:31:51 - System Checkpoint

==== Installed Programs ======================

AAC Decoder
ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0
Advanced Video FX Utility
ALPS Touch Pad Driver
AOL Connectivity Services
AOL Spyware Protection
AOL UK (Choose which version to remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ARTEuro
ATI Control Panel
ATI Display Driver
AutoUpdate
AVG 9.0
AVS Video Editor 3.5
AVS Video ReMaker 2.4
AVS4YOU Software Navigator 1.2
Bonjour
Broadcom Management Programs 2
CCleaner
Chikka Messenger V4
Choice Guard
Conexant D110 MDC V.9x Modem
Creative Live! Cam Notebook Pro Driver (1.01.03.0405)
Creative Live! Cam Notebook Pro User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Creative WebCam Center
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Media Experience
Dell Photo AIO Printer 922
Dell Picture Studio v3.0
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DVD to VCD AVI DivX Converter v3.2 (build 069)
Eusing Free Registry Cleaner
G15A922EN
Get Yahoo! Messenger
H.264 Decoder
Highlight Viewer (Windows Live Toolbar)
HostsMan 3.1.57
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel® PROSet/Wireless Software
Internal Network Card Power Management
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java™ 6 Update 17
Junk Mail filter update
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
mCore
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
mIWA
mIWCA
MKV Splitter
mLogView
mMHouse
MobileMe Control Panel
Modem Helper
Movie Splitter
mPfMgr
mPfWiz
mProSafe
mSSO
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
mToolkit
mWlsSafe
mXML
My Way Search Assistant
mZConfig
Nero 6
NetWaiting
Nokia Connectivity Cable Driver
Nokia Home Media Server
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia Music
Nokia Ovi Application Installer
Nokia Ovi Application Installer 6.85.3011
Nokia Ovi Content Copier
Nokia Ovi Content Copier 6.85.3011
Nokia Ovi One Touch Access
Nokia Ovi One Touch Access 6.85.3019
Nokia Ovi Suite
Nokia Ovi System Utilities
Nokia Ovi System Utilities 6.85.3018
Nokia Photos
Nokia Software Updater
Orb
PC Connectivity Solution
PowerDVD 5.5
QuickSet
QuickTime
SA31xx Device Manager & Media Converter
Safari
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3 USB Driver Installer
Samsung Samples Installer
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
SightSpeed (remove only)
Smart Menus (Windows Live Toolbar)
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Tiscali Internet
TomTom HOME 2.6.2.1586
TomTom HOME Visual Studio Merge Modules
TwonkyMedia
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
Wanadoo Europe Installer
Wanadoo UK
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

21/11/2009 18:54:20, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
19/11/2009 13:15:53, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
19/11/2009 12:58:41, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG9IDSAgent service to connect.
19/11/2009 12:58:41, error: Service Control Manager [7000] - The AVG9IDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the WLANKEEPER service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NICCONFIGSVC service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The WLANKEEPER service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The NICCONFIGSVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:23:41, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
19/11/2009 10:59:09, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV ASPI32 AvgLdx86 AvgMfx86 Fips intelppm SASDIFSV SASKUTIL StarOpen
19/11/2009 09:50:37, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
19/11/2009 07:01:37, error: PSched [14103] - QoS [Adapter {847A5482-DBE8-4FFC-8AA4-88AC9E4E51F5}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
19/11/2009 01:36:09, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
18/11/2009 20:11:24, error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
18/11/2009 18:04:56, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
18/11/2009 18:04:21, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV ASPI32 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss StarOpen Tcpip
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Windows Live Family Safety service depends on the fssfltr service which failed to start because of the following error: The dependency service or group failed to start.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

==== End Of File ===========================


Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 15/11/2007 19:17:57
System Uptime: 22/11/2009 17:07:22 (4 hours ago)

Motherboard: Dell Inc. | | 0X9238
Processor: Intel® Pentium® M processor 1.73GHz | Microprocessor | 1729/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 53 GiB total, 23.32 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP149: 24/08/2009 14:19:44 - System Checkpoint
RP150: 26/08/2009 11:37:48 - System Checkpoint
RP151: 26/08/2009 16:22:15 - Software Distribution Service 3.0
RP152: 28/08/2009 10:05:46 - System Checkpoint
RP153: 30/08/2009 13:40:12 - System Checkpoint
RP154: 09/09/2009 17:09:42 - Software Distribution Service 3.0
RP155: 22/09/2009 23:25:24 - System Checkpoint
RP156: 14/10/2009 17:42:57 - System Checkpoint
RP157: 17/10/2009 15:17:59 - Software Distribution Service 3.0
RP158: 22/10/2009 14:55:12 - System Checkpoint
RP159: 06/11/2009 12:36:49 - System Checkpoint
RP160: 06/11/2009 13:06:28 - Software Distribution Service 3.0
RP161: 11/11/2009 23:09:29 - Software Distribution Service 3.0
RP162: 18/11/2009 17:17:24 - Removed Norton Security Center
RP163: 18/11/2009 19:52:20 - Installed AVG 9.0
RP164: 19/11/2009 01:52:21 - Removed Skype™ 4.1
RP165: 19/11/2009 01:53:12 - Removed Skype web features
RP166: 19/11/2009 02:52:50 - Avg8 Update
RP167: 19/11/2009 03:07:49 - Installed SUPERAntiSpyware Free Edition
RP168: 19/11/2009 13:15:16 - Removed Java 2 Runtime Environment, SE v1.4.2_03
RP169: 19/11/2009 13:21:24 - Installed Java™ 6 Update 17
RP170: 22/11/2009 20:31:51 - System Checkpoint

==== Installed Programs ======================

AAC Decoder
ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0
Advanced Video FX Utility
ALPS Touch Pad Driver
AOL Connectivity Services
AOL Spyware Protection
AOL UK (Choose which version to remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ARTEuro
ATI Control Panel
ATI Display Driver
AutoUpdate
AVG 9.0
AVS Video Editor 3.5
AVS Video ReMaker 2.4
AVS4YOU Software Navigator 1.2
Bonjour
Broadcom Management Programs 2
CCleaner
Chikka Messenger V4
Choice Guard
Conexant D110 MDC V.9x Modem
Creative Live! Cam Notebook Pro Driver (1.01.03.0405)
Creative Live! Cam Notebook Pro User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Creative WebCam Center
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Media Experience
Dell Photo AIO Printer 922
Dell Picture Studio v3.0
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DVD to VCD AVI DivX Converter v3.2 (build 069)
Eusing Free Registry Cleaner
G15A922EN
Get Yahoo! Messenger
H.264 Decoder
Highlight Viewer (Windows Live Toolbar)
HostsMan 3.1.57
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel® PROSet/Wireless Software
Internal Network Card Power Management
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java™ 6 Update 17
Junk Mail filter update
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
mCore
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
mIWA
mIWCA
MKV Splitter
mLogView
mMHouse
MobileMe Control Panel
Modem Helper
Movie Splitter
mPfMgr
mPfWiz
mProSafe
mSSO
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
mToolkit
mWlsSafe
mXML
My Way Search Assistant
mZConfig
Nero 6
NetWaiting
Nokia Connectivity Cable Driver
Nokia Home Media Server
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia Music
Nokia Ovi Application Installer
Nokia Ovi Application Installer 6.85.3011
Nokia Ovi Content Copier
Nokia Ovi Content Copier 6.85.3011
Nokia Ovi One Touch Access
Nokia Ovi One Touch Access 6.85.3019
Nokia Ovi Suite
Nokia Ovi System Utilities
Nokia Ovi System Utilities 6.85.3018
Nokia Photos
Nokia Software Updater
Orb
PC Connectivity Solution
PowerDVD 5.5
QuickSet
QuickTime
SA31xx Device Manager & Media Converter
Safari
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3 USB Driver Installer
Samsung Samples Installer
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
SightSpeed (remove only)
Smart Menus (Windows Live Toolbar)
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Tiscali Internet
TomTom HOME 2.6.2.1586
TomTom HOME Visual Studio Merge Modules
TwonkyMedia
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
Wanadoo Europe Installer
Wanadoo UK
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

21/11/2009 18:54:20, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
19/11/2009 13:15:53, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
19/11/2009 12:58:41, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG9IDSAgent service to connect.
19/11/2009 12:58:41, error: Service Control Manager [7000] - The AVG9IDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the WLANKEEPER service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NICCONFIGSVC service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The WLANKEEPER service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The NICCONFIGSVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:23:41, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
19/11/2009 10:59:09, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV ASPI32 AvgLdx86 AvgMfx86 Fips intelppm SASDIFSV SASKUTIL StarOpen
19/11/2009 09:50:37, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
19/11/2009 07:01:37, error: PSched [14103] - QoS [Adapter {847A5482-DBE8-4FFC-8AA4-88AC9E4E51F5}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
19/11/2009 01:36:09, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
18/11/2009 20:11:24, error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
18/11/2009 18:04:56, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
18/11/2009 18:04:21, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV ASPI32 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss StarOpen Tcpip
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Windows Live Family Safety service depends on the fssfltr service which failed to start because of the following error: The dependency service or group failed to start.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

==== End Of File ===========================

[IndiGenus]

Quote

Sorry if the DDS Log got cut off.I am new to the forum like this.Here is the DDS Log again.I need to run the DDS scan again to get this scan result.

No problem, don't worry about it.

This last post has the attach.txt posted twice. I need the DDS.txt. It was the first log you had posted that got cut off. If you need to just run it again as it doesn't take long. Then only post DDS.txt.

[Dezvouz1946]

Sorry again. I can see that you are really there to help me. Thanks for your patience. Here again is the complete DDS scan log:

DDS (Ver_09-10-26.01) - NTFSx86
Run by Evelyn Dequilla at 21:10:37.61 on 23/11/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.245 [GMT 0:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Evelyn Dequilla\My Documents\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.pep.ph/index.php
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html?p=DK
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Click-to-Call BHO: {5c255c8a-e604-49b4-9d64-90988571cecb} - c:\program files\windows live\messenger\wlchtc.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Creative WebCam Tray] "c:\program files\creative\shared files\CamTray.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [Dell Photo AIO Printer 922] "c:\program files\dell photo aio printer 922\dlbtbmgr.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-11-18 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-11-18 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-18 333192]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-18 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-11-11 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-11 74480]
R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-18 906520]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-18 285392]
R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2009-11-18 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2009-11-18 5832712]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-2 55152]
R2 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-4-8 92008]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-11-18 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-11-18 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-11-18 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-11-18 25736]
S2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
S2 TwonkyMedia;TwonkyMedia;c:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> c:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-11-18 30104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-11-19 38224]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-11 7408]
S3 V0250Dev;Live! Cam Notebook Pro;c:\windows\system32\drivers\V0250Dev.sys [2007-11-15 163840]

=============== Created Last 30 ================

2009-11-19 14:36:44 0 d-----w- c:\program files\Eusing Free Registry Cleaner
2009-11-19 13:21:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-11-19 13:21:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-19 03:08:23 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-11-19 03:07:51 0 d-----w- c:\program files\SUPERAntiSpyware
2009-11-19 03:07:51 0 d-----w- c:\docume~1\evelyn~1\applic~1\SUPERAntiSpyware.com
2009-11-19 03:06:30 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-19 02:04:26 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-19 02:04:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-11-19 01:05:47 0 d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2009-11-19 01:05:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-19 01:05:35 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-19 01:05:34 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-18 19:54:10 0 d--h--w- C:\$AVG
2009-11-18 19:53:43 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-18 19:53:42 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-18 19:53:29 0 d-----w- c:\windows\system32\drivers\Avg
2009-11-18 19:53:26 0 d-----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-11-18 19:53:02 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2009-11-18 19:53:01 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-18 19:52:56 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-18 19:52:24 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2009-11-18 19:52:24 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2009-11-18 19:52:23 0 d-----w- c:\program files\AVG
2009-11-18 19:47:40 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2009-11-18 17:57:11 0 d-----w- c:\docume~1\evelyn~1\applic~1\abelhadigital.com
2009-11-18 17:57:11 0 d-----w- c:\docume~1\alluse~1\applic~1\abelhadigital.com
2009-11-18 17:57:05 0 d-----w- c:\program files\HostsMan
2009-11-18 17:42:08 0 d-----w- c:\program files\CCleaner
2009-11-18 17:40:10 0 d-----w- c:\docume~1\evelyn~1\applic~1\Malwarebytes
2009-11-18 17:40:03 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-18 16:58:28 0 d-----w- c:\windows\pss
2009-11-11 21:06:20 0 d-----w- C:\divx
2009-11-11 18:26:56 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-11-11 18:26:56 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-11-11 18:26:55 129784 ------w- c:\windows\system32\pxafs.dll
2009-11-11 18:20:28 0 d-----w- c:\program files\common files\DivX Shared
2009-11-11 18:20:26 0 d-----w- c:\program files\DivX
2009-11-08 08:16:12 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-11-08 08:16:12 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys

==================== Find3M ====================

2009-10-22 09:19:04 5939712 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-09-25 16:42:38 43528 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-09-25 16:42:38 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-09-25 16:42:38 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-09-25 16:41:28 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-09-25 16:41:26 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41:26 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-09-25 16:41:26 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41:26 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-09-25 16:41:26 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-09-25 16:41:26 696320 ----a-w- c:\windows\system32\DivX.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 10:35:52 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2008-09-27 10:41:50 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092720080928\index.dat

============= FINISH: 21:11:50.09 ===============


Here is the Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 15/11/2007 19:17:57
System Uptime: 23/11/2009 20:54:25 (1 hours ago)

Motherboard: Dell Inc. | | 0X9238
Processor: Intel® Pentium® M processor 1.73GHz | Microprocessor | 1729/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 53 GiB total, 23.382 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP150: 26/08/2009 11:37:48 - System Checkpoint
RP151: 26/08/2009 16:22:15 - Software Distribution Service 3.0
RP152: 28/08/2009 10:05:46 - System Checkpoint
RP153: 30/08/2009 13:40:12 - System Checkpoint
RP154: 09/09/2009 17:09:42 - Software Distribution Service 3.0
RP155: 22/09/2009 23:25:24 - System Checkpoint
RP156: 14/10/2009 17:42:57 - System Checkpoint
RP157: 17/10/2009 15:17:59 - Software Distribution Service 3.0
RP158: 22/10/2009 14:55:12 - System Checkpoint
RP159: 06/11/2009 12:36:49 - System Checkpoint
RP160: 06/11/2009 13:06:28 - Software Distribution Service 3.0
RP161: 11/11/2009 23:09:29 - Software Distribution Service 3.0
RP162: 18/11/2009 17:17:24 - Removed Norton Security Center
RP163: 18/11/2009 19:52:20 - Installed AVG 9.0
RP164: 19/11/2009 01:52:21 - Removed Skype™ 4.1
RP165: 19/11/2009 01:53:12 - Removed Skype web features
RP166: 19/11/2009 02:52:50 - Avg8 Update
RP167: 19/11/2009 03:07:49 - Installed SUPERAntiSpyware Free Edition
RP168: 19/11/2009 13:15:16 - Removed Java 2 Runtime Environment, SE v1.4.2_03
RP169: 19/11/2009 13:21:24 - Installed Java™ 6 Update 17
RP170: 22/11/2009 20:31:51 - System Checkpoint

==== Installed Programs ======================

AAC Decoder
ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0
Advanced Video FX Utility
ALPS Touch Pad Driver
AOL Connectivity Services
AOL Spyware Protection
AOL UK (Choose which version to remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ARTEuro
ATI Control Panel
ATI Display Driver
AutoUpdate
AVG 9.0
AVS Video Editor 3.5
AVS Video ReMaker 2.4
AVS4YOU Software Navigator 1.2
Bonjour
Broadcom Management Programs 2
CCleaner
Chikka Messenger V4
Choice Guard
Conexant D110 MDC V.9x Modem
Creative Live! Cam Notebook Pro Driver (1.01.03.0405)
Creative Live! Cam Notebook Pro User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Creative WebCam Center
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Media Experience
Dell Photo AIO Printer 922
Dell Picture Studio v3.0
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DVD to VCD AVI DivX Converter v3.2 (build 069)
Eusing Free Registry Cleaner
G15A922EN
Get Yahoo! Messenger
H.264 Decoder
Highlight Viewer (Windows Live Toolbar)
HostsMan 3.1.57
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel® PROSet/Wireless Software
Internal Network Card Power Management
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java™ 6 Update 17
Junk Mail filter update
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
mCore
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
mIWA
mIWCA
MKV Splitter
mLogView
mMHouse
MobileMe Control Panel
Modem Helper
Movie Splitter
mPfMgr
mPfWiz
mProSafe
mSSO
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
mToolkit
mWlsSafe
mXML
My Way Search Assistant
mZConfig
Nero 6
NetWaiting
Nokia Connectivity Cable Driver
Nokia Home Media Server
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia Music
Nokia Ovi Application Installer
Nokia Ovi Application Installer 6.85.3011
Nokia Ovi Content Copier
Nokia Ovi Content Copier 6.85.3011
Nokia Ovi One Touch Access
Nokia Ovi One Touch Access 6.85.3019
Nokia Ovi Suite
Nokia Ovi System Utilities
Nokia Ovi System Utilities 6.85.3018
Nokia Photos
Nokia Software Updater
Orb
PC Connectivity Solution
PowerDVD 5.5
QuickSet
QuickTime
SA31xx Device Manager & Media Converter
Safari
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Samsung PC Studio 3 USB Driver Installer
Samsung Samples Installer
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
SightSpeed (remove only)
Smart Menus (Windows Live Toolbar)
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Tiscali Internet
TomTom HOME 2.6.2.1586
TomTom HOME Visual Studio Merge Modules
TwonkyMedia
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
Wanadoo Europe Installer
Wanadoo UK
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

21/11/2009 18:54:20, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
19/11/2009 13:15:58, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
19/11/2009 12:58:41, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG9IDSAgent service to connect.
19/11/2009 12:58:41, error: Service Control Manager [7000] - The AVG9IDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the WLANKEEPER service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NICCONFIGSVC service to connect.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The WLANKEEPER service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:58:22, error: Service Control Manager [7000] - The NICCONFIGSVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/11/2009 12:23:41, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
19/11/2009 10:59:09, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV ASPI32 AvgLdx86 AvgMfx86 Fips intelppm SASDIFSV SASKUTIL StarOpen
19/11/2009 09:50:37, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
19/11/2009 07:01:37, error: PSched [14103] - QoS [Adapter {847A5482-DBE8-4FFC-8AA4-88AC9E4E51F5}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
19/11/2009 01:36:09, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
18/11/2009 20:11:24, error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
18/11/2009 18:04:56, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
18/11/2009 18:04:21, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV ASPI32 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss StarOpen Tcpip
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Windows Live Family Safety service depends on the fssfltr service which failed to start because of the following error: The dependency service or group failed to start.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2009 18:04:21, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

==== End Of File ===========================


I hope I got it right and complete now. I'll await your reply.

[IndiGenus]

Yes, those are the correct logs. I'm not seeing anything malicious, but that doesn't mean there isn't anything as Malware can hide. We'll do some more scans but wanted to check in to see how things were running at this point as it's been about 4 days since you posted originally.

Are you still having issues? Will MBAM run? Will AVG run? If so can you run a full system scan and report what's found, if anything.

[Dezvouz1946]

Hi again.I am lucky today that i can scan the MBAM and i was surprise.why 4 days ago i can't run the MBAM
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

24/11/2009 18:11:29
MBAM LOG 1

Scan type: Quick Scan
Objects scanned: 100582
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 3
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> No action taken.

Files Infected:
(No malicious items detect

What do i do next?My MBAM still open and i don't know what i am going to do next.

[IndiGenus]

You need to have MBAM fix those items.

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.

With that said, the adware it found is pretty harmless as far as Malware goes. Shouldn't cause you any serious issues. Still get rid of it though.

Are you having any issues?

[Dezvouz1946]

Im back. I have already "removed" the detections by mbam. Here is the log after I have removed the 6 items/malware>>>

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

24/11/2009 20:27:01
mbam-log-2009-11-24 (20-27-01).txt

Scan type: Quick Scan
Objects scanned: 100582
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 3
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)

I have also ran the AVG scan while waiting for your reply. I updated it first...I was surprised that I was able to update it because before it was saying "General Error...Update Failed" but eventually the update was successful. Here is the AVG scan result. overview, Infections, Warnings

By the way I just would like to add that whenever I am posting my reply to you I am having difficulty because the cursor of my mouse keeps on going everywhere...I have to re-write/delete again. Is this another symptom of infection? I am still getting occassional message in my laptop of "Connectivity Problem" which when I click "Diagnose" the connectivity will eventually succeed. Why is it like that? I am sorry if I have lots of questions...my laptop is really just acting weird. I'll wait for your reply again. Thanks!

[IndiGenus]

Quote

By the way I just would like to add that whenever I am posting my reply to you I am having difficulty because the cursor of my mouse keeps on going everywhere...I have to re-write/delete again. Is this another symptom of infection?

I haven't seen anything in the logs we've run that shows you were ever infected. The Mywebsearch/MyWay that MBAM found came installed by Dell on your laptop, so it's been there all along. It's harmless, just annoying.

The mouse issue is more likely due to a hardware/driver issue. Have you tried updating the drivers from Dell?

Quote

I am still getting occassional message in my laptop of "Connectivity Problem" which when I click "Diagnose" the connectivity will eventually succeed. Why is it like that? I am sorry if I have lots of questions...my laptop is really just acting weird. I'll wait for your reply again. Thanks!

No problem on the questions, that's what I'm here for. Again, don't think it's Malware. Could be any number of things here too. Do you have other PC's on the network? What kind of set-up do you have. I'll help as much as I can then if we cannot solve it here you can go over to the Windows help forum here at MBAM.

[Dezvouz1946]

IndiGenus, on Nov 24 2009, 09:07 PM, said:

The mouse issue is more likely due to a hardware/driver issue. Have you tried updating the drivers from Dell?

How do I update it? Can you point me to the proper site? Any step by step guide?

There is no other pc here in my house...we only have this one laptop. Where can I check my connectivity settings?

[IndiGenus]

Quote

How do I update it? Can you point me to the proper site? Any step by step guide?

I would suggest you go to the Dell website and put in your s/n, ect... it should give you some drivers to choose from. You can also go into your Device Manager and look for the name of the pointing device, touchpad, ect.... right click it and select update driver.

Quote

There is no other pc here in my house...we only have this one laptop. Where can I check my connectivity settings?

One place to start could be your ISP. They should at least check the incoming connections, modem, ect....then if you know those are okay then that isolates it to the PC. Have you tried some basic steps, such as resetting the power to the modem?

You also have several network related issues noted in the event viewer from the DDS log. I'll take a look at those and see if we can come up with some ideas.

[IndiGenus]

How are you making out here? Any progress?

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.