Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Redirect problem ongoing...


  • This topic is locked This topic is locked
4 replies to this topic

#1 BobSuruncle3

BobSuruncle3

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 01 April 2011 - 12:10 AM

A week a go I got sick and was home for four days. Being bored I browsed the internet for images, and I swear the website was not porn! Anyway I got a problem that I resolved, windows recovery virus - solved by changing replacing the installer files witha known good exe and disabling the call in msconfig. But I also got a browser redirect that I cannot seem to resolve.
I have since last week.
With Malware bytes installed, IO system mechanic install shield, and spybot, all could not find any virus or stop the virus from havoc. I installed AVAST to no effect. I installed hijackthis and reviewed the logs but don't really see anything that jumps out at me. Then I brought a jump drive to work and trend microsystems found the virus and blocked it, so back at home I downloaded trend micro systems, which conflicts with everything else, so I uninstalled everything else, got Windows Recovery virus back, killed windows recovery virus permanently, finally got trend micro systems installed, and it could not find the redirect virus/malware. So in goes MBAM, IOLO system mechanic/shield, and I left avast out. Over the week I had to restore windows to an earlier date twice (due Windows Recovery virus). I've tried in vain to put the bad websites into the hosts file for loopback. They always find new websites to redirect me too - so that's a never ending problem.

So anyway I've looked high and low for this virus. It does not appear to be the google redirect virus. I'm at a loss of what to do next. Here's a recent highjack this log. If there's more logs to obtain please let me know.
If anyone can help me I'd greatly appreciate it! (As a side note I had to install a keystroke logger about 5 years ago during a nasty divorce. I've since removed that.)


StartupList report, 3/31/2011, 9:53:51 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HiJackThis\HiJackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Compact Wireless-G USB Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

nwiz = nwiz.exe /install
SSBkgdUpdate = "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
nmapp = "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
nmctxth = "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
OpwareSE4 = "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
dvd43 = C:\Program Files\dvd43\dvd43_tray.exe
avast = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\TXT_File\shell\open\command

(Default) = notepad.exe %1

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - (no file) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
(no name) - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
(no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Ad-Aware Update (Weekly).job
GoogleUpdateTaskUserS-1-5-21-1482476501-706699826-1060284298-1004Core.job
GoogleUpdateTaskUserS-1-5-21-1482476501-706699826-1060284298-1004UA.job
Spybot - Search & Destroy - Scheduled Task.job

--------------------------------------------------

Enumerating Download Program Files:

[Symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\avsniff.dll
CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

[Microsoft Data Collection Control]
InProcServer32 = C:\WINDOWS\System32\odc.dll
CODEBASE = https://support.microsoft.com/OAS/ActiveX/odc.cab

[{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}]

[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.microsoft.com/officeupdate/content/opuc3.cab

[YVidCapture Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\YVidCapCtrl.dll
CODEBASE = http://ybcontent.bcst.yahoo.com/yvidcap/ie/v1.0.0.4/YVidCapCtrl.cab

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135223016347

[Symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

[Symantec Download Manager]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\symdlmgr.dll
CODEBASE = https://webdl.symantec.com/activex/symdlmgr.cab

[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160933731285

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37887.360162037

[{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}]
CODEBASE = http://www.symantec.com/techsupp/asa/SymAData.cab

[get_atlcom Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\gp.ocx
CODEBASE = http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

[{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}]

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx
CODEBASE = http://chat.msn.com/bin/msnchat45.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 8,759 bytes
Report generated in 0.952 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

BC AdBot (Login to Remove)

 


#2 BobSuruncle3

BobSuruncle3
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 02 April 2011 - 10:36 AM

Can anyone please help?

I pasted the DDS.txt and attach.txt logs below

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by My Computer at 5:02:02.27 on Sat 04/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.186 [GMT -7:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: System Shield *Disabled/Outdated* {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Compact Wireless-G USB Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\My Computer\My Documents\Downloads\Defogger.exe
C:\Documents and Settings\My Computer\My Documents\Downloads\dds(5).scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [nwiz] nwiz.exe /install
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [OpwareSE2] "c:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [dvd43] c:\program files\dvd43\dvd43_tray.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
IE: &Yahoo! Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: Yahoo! &Dictionary
IE: Yahoo! &Maps
IE: Yahoo! &SMS
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\iavlsp.dll
Trusted Zone: intuit.com
Trusted Zone: intuit.com\ttlc
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} - hxxps://support.microsoft.com/OAS/ActiveX/odc.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4E8C3231-1C78-412F-8F0F-056210BA5C14} - hxxp://ybcontent.bcst.yahoo.com/yvidcap/ie/v1.0.0.4/YVidCapCtrl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135223016347
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160933731285
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37887.360162037
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/asa/SymAData.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://chat.msn.com/bin/msnchat45.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
LSA: Notification Packages = :\windows\system32\srr
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\mycomp~1\applic~1\mozilla\firefox\profiles\pdqza1sw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\documents and settings\my computer\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbyond.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.txt=TXT_File
.
=============== Created Last 30 ================
.
2011-04-02 11:23:41 2321288 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-04-02 11:23:31 6792528 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{d72c1c86-ef15-4afc-bebf-442d911625b4}\mpengine.dll
2011-04-02 11:23:29 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-02 03:43:31 -------- d-sh--w- C:\found.000
2011-03-31 07:48:37 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-03-31 07:48:37 -------- d-----w- c:\windows\system32\wbem\Repository
2011-03-31 07:44:57 -------- d-----w- c:\program files\common files\Authentium
2011-03-31 07:44:31 -------- d-----w- c:\program files\iolo
2011-03-31 07:44:09 -------- d--h--w- c:\docume~1\alluse~1\applic~1\{8790345A-AF70-4319-B9E7-AAA25C6DCD42}
2011-03-31 07:10:26 -------- d-----w- c:\docume~1\mycomp~1\locals~1\applic~1\Sunbelt Software
2011-03-31 07:06:48 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software
2011-03-30 21:55:47 850938 ---ha-w- c:\docume~1\alluse~1\applic~1\dvdshrink317setup.exe2
2011-03-30 21:55:47 850938 ---ha-w- c:\docume~1\alluse~1\applic~1\dvdshrink317setup.exe
2011-03-30 20:28:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Trend Micro
2011-03-27 00:45:31 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-03-26 22:28:11 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-03-26 22:27:00 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-03-26 18:17:50 66485 ----a-w- C:\msiexec.exe
2011-03-26 15:46:30 -------- d-----w- c:\windows\system32\XPSViewer
2011-03-26 14:50:15 -------- d-----w- c:\program files\DOT NET CLEANUP TOOL
2011-03-26 14:35:20 -------- d-----w- c:\program files\DOT NET VERIFICATION TOOL
2011-03-25 20:36:02 388096 ----a-r- c:\docume~1\mycomp~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-03-25 20:35:49 -------- d-----w- c:\program files\Trend Micro
2011-03-24 22:14:41 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-24 22:13:39 40648 ----a-w- c:\windows\avastSS.scr
2011-03-24 22:13:14 -------- d-----w- c:\program files\AVAST Software
2011-03-21 03:21:53 -------- d-----w- c:\program files\iTunes
2011-03-12 05:02:09 714752 ----a-w- c:\windows\system32\websnap61.bpl
2011-03-10 17:07:20 -------- d-----w- c:\docume~1\alluse~1\applic~1\CSActApp
2011-03-10 17:07:08 472064 ----a-w- c:\windows\system32\imgForm.DLL
2011-03-10 17:07:05 92672 ----a-w- c:\windows\system32\drivers\Fx2Cam64P2.sys
2011-03-10 17:07:05 82560 ----a-w- c:\windows\system32\drivers\Fx2CamP2.sys
2011-03-10 17:07:05 82560 ----a-w- c:\windows\system32\drivers\Fx2Cam.sys
2011-03-10 17:07:05 54908 ----a-w- c:\windows\system32\drivers\Fx2CamP2.bin
2011-03-10 17:07:05 54908 ----a-w- c:\windows\system32\drivers\Fx2Cam.bin
2011-03-10 17:06:56 -------- d-----w- c:\program files\Card Scanning Solutions
2011-03-10 17:02:20 294912 ----a-w- c:\windows\system32\DynamicTwainCtrl.dll
2011-03-09 17:34:34 -------- d-----w- c:\program files\MSDN
2011-03-09 07:08:54 -------- d-----w- c:\windows\system32\js
2011-03-09 07:08:54 -------- d-----w- c:\windows\system32\images
2011-03-09 07:08:54 -------- d-----w- c:\windows\system32\html
2011-03-09 07:08:54 -------- d-----w- c:\windows\system32\css
2011-03-09 07:08:54 -------- d-----w- c:\program files\Business Objects
2011-03-09 07:07:49 -------- d-----w- c:\program files\Microsoft Device Emulator
2011-03-09 07:05:58 -------- d-----w- c:\program files\Windows Mobile 5.0 SDK R2
2011-03-09 06:59:50 18368 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\vsa\9.0\1033\ResourceCache.dll
2011-03-09 06:59:44 1680128 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\visualstudio\9.0\1033\ResourceCache.dll
2011-03-09 06:50:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\PreEmptive Solutions
2011-03-09 06:17:52 -------- d-----w- c:\program files\CE Remote Tools
2011-03-09 06:03:59 -------- d-----w- c:\program files\Microsoft Web Designer Tools
2011-03-09 05:59:52 97296 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1036.dll
2011-03-09 05:59:52 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.3082.dll
2011-03-09 05:59:52 96272 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1031.dll
2011-03-09 05:59:52 95248 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1040.dll
2011-03-09 05:59:52 91152 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1033.dll
2011-03-09 05:59:52 81424 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1041.dll
2011-03-09 05:59:52 79888 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1042.dll
2011-03-09 05:59:52 76304 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.1028.dll
2011-03-09 05:59:52 75792 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.res.2052.dll
2011-03-09 05:59:52 562688 ----a-w- c:\program files\common files\microsoft shared\help 9\microsoft document explorer 2008\install.exe
2011-03-09 04:30:03 -------- d-----w- c:\docume~1\mycomp~1\locals~1\applic~1\ApplicationHistory
2011-03-09 03:36:31 -------- d-----w- c:\program files\HTML Help Workshop
2011-03-09 03:36:31 -------- d-----w- c:\program files\common files\Merge Modules
2011-03-09 03:36:30 -------- d-----w- c:\program files\Microsoft ACT
2011-03-09 03:36:30 -------- d-----w- c:\program files\common files\Crystal Decisions
2011-03-08 05:05:19 -------- d-----w- c:\docume~1\mycomp~1\locals~1\applic~1\Microsoft_Corporation
2011-03-08 02:28:03 344064 ----a-w- c:\windows\system32\msvcr70.dll
2011-03-08 02:28:02 5752320 ----a-w- c:\windows\system32\BCGCBPRO103090.dll
2011-03-08 02:28:01 4419584 ----a-w- c:\windows\system32\BCGCBPRO10180.dll
2011-03-08 02:28:00 73728 ----a-w- c:\windows\system32\RWUXThemeS.dll
2011-03-08 02:28:00 290904 ----a-w- c:\windows\system32\vc6-re200l.dll
2011-03-07 16:21:30 47456 ----a-w- c:\windows\system32\perf-MSSQL10_50.SQLEXPRESS-sqlagtctr.dll
2011-03-07 16:20:30 73568 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.50.1600.1.dll
2011-03-07 16:19:43 348256 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\vstahost\ssis_scriptcomponent\9.0\1033\ResourceCache.dll
2011-03-07 16:18:27 348256 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\vstahost\ssis_scripttask\9.0\1033\ResourceCache.dll
2011-03-07 16:14:27 -------- d-----w- c:\windows\system32\RsFx
2011-03-07 16:07:39 416 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\msdn\9.0\1033\ResourceCache.dll
2011-03-07 16:07:17 -------- d-----w- c:\docume~1\mycomp~1\locals~1\applic~1\Microsoft Help
2011-03-07 16:03:37 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-03-07 16:02:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-03-07 15:28:41 -------- d-----w- c:\program files\Microsoft SQL Server
2011-03-05 02:03:50 51200 ----a-w- c:\windows\system32\drivers\ser2pl.sys
2011-03-04 03:40:04 17024 -c--a-w- c:\windows\system32\dllcache\usbohci.sys
2011-03-04 03:40:04 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys
.
==================== Find3M ====================
.
2011-03-03 06:00:24 249856 ------w- c:\windows\Setup1.exe
2011-03-03 06:00:19 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-02-18 23:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-03 05:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 03:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
============= FINISH: 5:05:59.55 ===============

Please help!!!! PLEASE!
attach.txt log below:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 3/1/2003 7:41:51 AM
System Uptime: 4/2/2011 3:45:22 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | A7V266-E
Processor: AMD Athlon™ XP2000+ | SOCKET A | 1261/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 3.79 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 24.649 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1412: 3/22/2011 10:15:48 PM - Restore Operation
RP1413: 3/22/2011 10:26:41 PM - Software Distribution Service 3.0
RP1414: 3/23/2011 1:00:17 AM - Software Distribution Service 3.0
RP1415: 3/23/2011 10:22:50 AM - Software Distribution Service 3.0
RP1416: 3/24/2011 1:02:13 AM - Software Distribution Service 3.0
RP1417: 3/24/2011 3:13:14 PM - avast! Free Antivirus Setup
RP1418: 3/25/2011 1:00:39 AM - Software Distribution Service 3.0
RP1419: 3/25/2011 6:41:38 AM - Installed TurboTax 2010 wrapper
RP1420: 3/25/2011 1:35:33 PM - Installed HiJackThis
RP1421: 3/25/2011 8:49:28 PM - Installed TurboTax 2010 wrapper
RP1422: 3/25/2011 10:24:09 PM - Software Distribution Service 3.0
RP1423: 3/25/2011 10:35:25 PM - Software Distribution Service 3.0
RP1424: 3/28/2011 3:44:16 AM - System Checkpoint
RP1425: 3/30/2011 12:44:33 AM - avast! Free Antivirus Setup
RP1426: 3/30/2011 11:44:37 PM - Restore Operation
RP1427: 3/31/2011 12:34:51 AM - Restore Operation
RP1428: 3/31/2011 12:36:29 AM - Restore Operation
RP1429: 4/1/2011 10:37:33 PM - System Checkpoint
RP1430: 4/2/2011 1:00:35 AM - Software Distribution Service 3.0
RP1431: 4/2/2011 4:16:29 AM - Installed Windows Defender
RP1432: 4/2/2011 4:21:01 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVR Jungo USB
AVRStudio4
AVSDK5
Beyond Compare Version 2.2.3
Bonjour
Borland Delphi 6
Compatibility Pack for the 2007 Office system
Crystal Reports Basic for Visual Studio 2008
DVD Shrink 3.2
DVD43 Plug-in v1.0.0.5
DVD43 v4.6.0
FileOpenPatcher
FTDI USB Serial Converter Drivers
Google Chrome
HiJackThis
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
InterBase
iolo technologies' System Mechanic Professional
iTunes
Java Auto Updater
Java™ 6 Update 24
Malwarebytes' Anti-Malware
MICRImage_Demo
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Application Error Reporting
Microsoft Device Emulator version 3.0 - ENU
Microsoft Document Explorer 2008
Microsoft FrontPage Client - English
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office XP Small Business
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Visual Studio .NET Enterprise Architect 2003 - English
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
Microsoft Windows SDK for Visual Studio 2008 Tools
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
MobileMe Control Panel
Mozilla Firefox (3.6.15)
MSDN Library for Visual Studio .NET 2003
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MySQL Servers and Clients 4.0.17
MySQLDAC Full
PL-2303 USB-to-Serial
QuickTime
ScanShell.Net
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Spybot - Search & Destroy
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
SQL Server 2008 R2 Management Studio
Sql Server Customer Experience Improvement Program
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wokiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB955759)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio .NET Enterprise Architect 2003 - English
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio.NET Baseline - English
WinAVR 20100110 (remove only)
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows PowerShell™ 1.0
WinZip 14.5
.
==== Event Viewer Messages From Past Week ========
.
4/2/2011 1:07:37 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 6.0 Service Pack 2 (KB954459).
4/1/2011 8:14:47 PM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
4/1/2011 8:14:47 PM, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
4/1/2011 8:14:29 PM, error: Service Control Manager [7031] - The WUSB54GSCSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
4/1/2011 8:14:19 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/1/2011 8:02:08 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
4/1/2011 8:02:07 PM, error: Service Control Manager [7022] - The Intuit Update Service service hung on starting.
4/1/2011 7:28:19 PM, error: NtServicePack [4373] - Windows XP KB914882 installation failed.
An internal error occurred.
4/1/2011 7:25:10 PM, error: NtServicePack [4373] - Windows XP KB914882 installation failed.
An internal error occurred.
4/1/2011 7:12:29 PM, error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 1 time(s).
3/31/2011 12:56:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx
3/31/2011 12:55:59 AM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.
3/31/2011 12:55:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Lavasoft Ad-Aware Service service to connect.
3/31/2011 12:55:59 AM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/31/2011 12:55:59 AM, error: Service Control Manager [7000] - The AMPSE service failed to start due to the following error: The system cannot find the file specified.
3/30/2011 3:04:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/30/2011 3:04:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 Fips
3/30/2011 2:23:55 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
3/30/2011 12:19:42 PM, error: Service Control Manager [7003] - The iolo System Service service depends on the following nonexistent service: vseamps
3/30/2011 12:19:42 PM, error: Service Control Manager [7000] - The iolo FileInfoList Service service failed to start due to the following error: The system cannot find the file specified.
3/30/2011 12:01:33 PM, error: Service Control Manager [7034] - The iolo FileInfoList Service service terminated unexpectedly. It has done this 1 time(s).
3/30/2011 1:30:59 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
3/30/2011 1:28:41 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFC. Reference error message: The referenced assembly is not installed on your system. .
3/30/2011 1:28:41 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\Temp\TrendMicro_TIMAX_en-US_32-bit[1]\Vizor32\VizorUniclientLibrary.dll. Reference error message: The operation completed successfully. .
3/30/2011 1:28:41 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFC could not be found and Last Error was The referenced assembly is not installed on your system.
3/29/2011 2:38:15 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
3/29/2011 2:38:15 AM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/29/2011 2:32:20 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
3/29/2011 2:02:12 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
3/29/2011 2:02:12 AM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/29/2011 11:06:01 PM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
3/29/2011 10:56:58 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
3/29/2011 10:56:58 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
3/29/2011 10:52:52 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
3/29/2011 10:31:29 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/29/2011 10:31:28 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
3/29/2011 10:30:08 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the W32Time service.
3/29/2011 10:30:08 AM, error: Service Control Manager [7000] - The Windows Time service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/28/2011 10:53:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/28/2011 10:52:08 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AmdK7 aswSnx aswSP aswTdi FileDisk Fips
.
==== End Of File ===========================

#3 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:17 PM

Posted 06 April 2011 - 07:12 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log



Thanks and again sorry for the delay.

Best Regards,
oneof4.


#4 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:10:17 PM

Posted 12 April 2011 - 03:21 PM

Do you still need help?

Best Regards,
oneof4.


#5 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:10:17 PM

Posted 18 April 2011 - 07:59 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users