
Should I just hook my router back up? It may have been blocking most of this for me. I have Symantec antivirus and the scanner won't even work now; I get a "Could not start scan. Scan engine returned error 0x20000058."
I downloaded AVG and that has caught a bunch of problems, but I can scan every day and find more. I have Spybot-SD running and use Ad-Aware to get rid of/prevent most problems, and it was fine until recently.
I get a clicking sound, and I have had my Outlook open up on me and Mozilla browsers pop up with some websites:
Separated so that nobody accidentally clicks on the link, but those are the sites that are popping up regularly.
http 82.98.235.111
http url.adtrgt.co (there is a longer path but this is all I have left of it for right now)
I'm running some Windows updates as well to see if there have been any recent security updates or service packs that I have missed.
I had an old version of Internet Explorer 6 installed because I have one website from my work that for some reason will not work on any IE over version 6, but I do not run it very often and haven't used it recently. I am using the Windows Firewall.
I had ZoneAlarm and it worked well for a while, and for some reason the free firewall just stopped working, so I switched back to the Windows Firewall.
Any help or suggestions would be appreciated. If there is a good place to look up these files and errors and it would help save time, please let me know and I can do more to help myself; I just don't know where to start.
Attached is my attach.txt file:
See attachment
Here is the output from DDS:
DDS (Ver_09-01-19.01) - NTFSx86
Run by Kurt at 18:25:49.78 on Tue 01/27/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3327.2188 [GMT -7:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)
FW: ZoneAlarm Pro Firewall *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
g:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kurt\Desktop\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\Kurt\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\tuvVNHyw.dll
BHO: {7d05fb85-305b-4f9d-8214-9b3bfbdb9c14} - c:\windows\system32\cbXRIaaW.dll
BHO: c:\windows\system32\gsdrgfdrrgnd.dll: {d5bf4552-94f1-42bd-f434-3604812c807d} - c:\windows\system32\gsdrgfdrrgnd.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [PC Pitstop Optimize2 Reminder] c:\program files\pcpitstop\optimize2\Reminder.exe
mRun: [Launch Ai Booster] "c:\program files\asus\ai booster\OverClk.exe"
mRun: [SunJavaUpdateSched] "g:\java\bin\jusched.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197599180295
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: tuvvnhyw - tuvVNHyw.dll
AppInit_DLLs: hptvap.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: c:\windows\system32\gsdrgfdrrgnd.dll: {d5bf4552-94f1-42bd-f434-3604812c807d} - c:\windows\system32\gsdrgfdrrgnd.dll
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\tuvVNHyw.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\cbXRIaaW
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\kurt\applic~1\mozilla\firefox\profiles\orwgx3un.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: g:\divx\divx player\npDivxPlayerPlugin.dll
FF - plugin: g:\divx\divx web player\npdivx32.dll
FF - plugin: g:\java\bin\new_plugin\npdeploytk.dll
FF - plugin: g:\java\bin\new_plugin\npjp2.dll
============= SERVICES / DRIVERS ===============
R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-1-26 325128]
R1 avgmfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-1-26 27656]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-26 107272]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2004-2-9 301200]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-12-13 394952]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090125.005\naveng.sys [2009-1-25 89104]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090125.005\navex15.sys [2009-1-25 876112]
R4 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-26 298264]
R4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-6-9 255096]
R4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-6-9 242808]
R4 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2004-2-9 37008]
R4 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2004-10-6 1275216]
S1 KLIF;KLIF;c:\windows\system32\drivers\klif.sys --> c:\windows\system32\drivers\klif.sys [?]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-6-9 87160]
S3 cdavfs;CDAVFS;c:\windows\system32\drivers\CDAVFS.sys [2009-1-25 67424]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2004-10-6 173392]
S3 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S4 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2007-12-13 23856]
=============== Created Last 30 ================
2009-01-26 00:15 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-01-26 00:12 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-26 00:12 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-26 00:12 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-26 00:12 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-01-26 00:12 <DIR> --d----- c:\program files\AVG
2009-01-26 00:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-01-25 23:56 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-25 23:56 <DIR> --d----- c:\documents and settings\kurt\.housecall6.6
2009-01-25 22:01 67,424 a------- c:\windows\system32\drivers\CDAVFS.sys
2009-01-25 21:46 420,534 a--sh--- c:\windows\system32\WaaIRXbc.ini2
2009-01-25 17:39 290 a------- c:\windows\wininit.ini
2009-01-25 13:08 129,024 a------- c:\windows\system32\hptvap.dll
2009-01-25 13:08 129,024 a------- c:\windows\system32\lomotwjp.dll
2009-01-25 13:06 120 a--sh--- c:\windows\system32\krvqjhro.ini
2009-01-25 13:05 420,534 a--sh--- c:\windows\system32\WaaIRXbc.ini
2009-01-25 13:01 93,420 a------- c:\windows\system32\drivers\7a156ad7.sys
2009-01-25 13:01 2,207 a------- c:\windows\system32\TDSSqxum.dll
2009-01-25 13:00 441 a------- c:\windows\system32\TDSSejvk.dat
2009-01-25 13:00 36,352 a------- c:\windows\system32\tuvVNHyw.dll
==================== Find3M ====================
2008-12-11 04:57 333,184 a------- c:\windows\system32\drivers\srv.sys
2008-11-11 16:45 21,840 a------- c:\windows\system32\SIntfNT.dll
2008-11-11 16:45 17,212 a------- c:\windows\system32\SIntf32.dll
2008-11-11 16:45 12,067 a------- c:\windows\system32\SIntf16.dll
2008-11-11 16:44 25,469 a------- c:\windows\DIIUnin.dat
2008-11-11 16:33 94,208 a------- c:\windows\DIIUnin.exe
2008-11-11 16:33 2,829 a------- c:\windows\DIIUnin.pif
2008-11-08 14:20 410,976 a------- c:\windows\system32\deploytk.dll
============= FINISH: 18:26:30.48 ===============