Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Icons & Programs Open as Properties Keyboard acts as if the alt key is pressed


  • Please log in to reply
5 replies to this topic

#1 SoSassy

SoSassy

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Yorkshire UK
  • Local time:11:55 AM

Posted 10 May 2012 - 09:30 AM

Hi there

I'm having a problem which is strangely affecting both my laptop and my PC. Both run on XP Pro SP3.

The desktop Icons & Programs open as properties unless I right click, then click open, plus the keyboard acts as if the alt key is pressed and either some keys don't work, or just type alternatives, such as accents etc.

The PC was unable to carry out a system restore, as the "next" buttons couldn't be operated. However, after a couple of restarts, it did then appear to be normal and I carried out a restore going back to the 1st April which is as far as I can go back. Unfortunately, this didn't work. It did however make a difference to the laptop. it is now usable, but if I leave it running unused, it reverts back to its old tricks.

I saw that someone else on here had a similar problem and have followed the procedure as directed on this link http://www.bleepingcomputer.com/forums/topic413307.html/page__st__15

Obviously I can't post them on here from the PC, but I can copy them to an external drive hopefully and then post them from the laptop. My problem is, I'm worried that if it is a virus, will it transfer?

I'm at a loss as to how this has affected both machines, but if its any help, I had recently used Ccleaner on both. However, I hadn't messed with any of the check boxes, so would have been as normal, but the program had just been updated on both. Is this a likely cause?

FYI, I run Avast free on the Sony Vaio laptop and Eset Smart security on the Dell PC. Both have scanned and shown nothing.

I have downloaded Sophos virus removal tool, but still nothing.

In addition to the list of instructions provided in the above thread, I have updated and run the following in safe mode on both machines and come up with nothing:
Spybot
Superantispyware
Malwarebytes
Dr Web Cureit
AFT cleaner.

I've been searching for ideas and found a number of forums suggested this - Start--Run and type in: regsvr32 /i shell32 I thought doing this had worked initially as the PC ran as normal, but again only for a couple of minutes then reverted back to normal.

After carrying out the process in the above thread, I have saved all the logs, in addition to the list run in safe mode and also have now run a Hijackthis report.

all can be posted if it helps, as they don't mean much to the untrained eye such as mine.

One other thing, since this has been happening, on 3 occasions whilst running some form of scan, the PC has crashed and thrown a Blue Screen saying windows had to close.

Not sure if any of this is related, but last year my PC was running really slow and then crashed. A friend looked at it and appeared to get it running again, but the CD/DVD burner no longer worked. So I can't burn from itunes or WMP. I was advised to try CDburner, which does work most times, but its not ideal and I just wonder if I have some hidden virus in my system.
However, the CD burner is the least of my issues and probably needs to be in a seperate thread, so won't rabbit on about that.

Phew, I hope there is enough meat for someone to chew at here as I'm climbing the walls trying to resolve this problem.

I'm feeling either a full reinstallation or nervous breakdown coming on very shortly, in fact, it may be both if I have to start from scratch!

Thanks for reading this, but I hope its not sent you to sleep and desperately hope someone can throw some light on the dismall situation.

Cheers and Pip Pip

Annie
Edit: I forgot to say, I've recently noticed that whenever I carry out a search, the top of the list is always traffic.adwitty.com
I've never seen this untill the past couple of weeks and downright annoying, but I can assume there is some spyware attached to this which isn't showing up in my scans!

Edited by SoSassy, 10 May 2012 - 11:16 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:55 AM

Posted 12 May 2012 - 12:56 AM

This doesnt look like a malware issue.Did you try an external keyboard to see if you can launch applications?

Edited by narenxp, 12 May 2012 - 12:56 AM.


#3 SoSassy

SoSassy
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Yorkshire UK
  • Local time:11:55 AM

Posted 12 May 2012 - 04:41 AM

Hi narenxp

Yes I did try an external keyboard on the PC as its using a MS keyboard and mouse with intellitype software.
but not on the laptop.

Its strange how both were affected by the same problem within hours of each other and the only thing I can think that I did to both, was run Ccleaner as normal weekly routine.

AS mentioned, the laptop appears to be running ok unless I leave it stood, but the PC is completely unusable, which is a bit of a mare.

Any other ideas would be SO very gratefully received, as I would really rather not have to reinstall if possible.

Thanks for your comments.

Regards

Annie

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:55 PM

Posted 12 May 2012 - 05:26 AM

Hello -
Could you please type or copy / paste traffic.adwitty.com into GOOGLE search -
The results that I am getting are actually very strange to me -

I actually do think that you must have a minor problem (Maybe infection related)
Do you always update your Malwarbytes and your Avast Antivirus most days ? ?
Please update and run Malwarebytes and post a log ONLY if it finds anything -
Next -
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Finally -
Also run (http://www.f-secure.com/en/web/labs_global/removal/online-scanner)
F-Secure online scanner, and see if there is a result (this will take a while)
Only post a log if there is a result -

Thank You -

Edited by noknojon, 12 May 2012 - 05:29 AM.


#5 Guest_Xircal_*

Guest_Xircal_*

  • Guests
  • OFFLINE
  •  

Posted 12 May 2012 - 10:36 AM

Adwitty.com is a pay-per-click marketing company. If you're seeing that name above your searches, you might have a trojan installed which is hijacking your searches and redirecting them though proxies. These proxies will only display search results from companies which participate in pay-per-click schemes. Here's an example of one: Trojan:Win32/Sirefef.AB

Whether or not that has anything to do with the keyboard problems you have is hard to say, but generally speaking, if your system has been compromised, then the possibility exists that more malware can be installed by the existing rogue. That may lead to system instability in some form or another.

#6 SoSassy

SoSassy
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Yorkshire UK

Posted 14 May 2012 - 01:28 PM

Hi guys

I did wonder if it may be infected, but even SAS malwarebytes and Dr Web Cureit haven't shown anything at all. I always update my software, so the scans done previously were using upto date definitions etc.

This is the minitoolbox scan result, carried out checking all boxes as stated,

MiniToolBox by Farbar Version: 18-01-2012
Ran by AuthUser (administrator) on 14-05-2012 at 17:42:49
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1 localhost

========================= IP Configuration: ================================

Belkin N Wireless USB Adapter = Wireless Network Connection 2 (Connected)
Intel® PRO/1000 MT Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.10.21 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.1.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=192.168.10.20 register=PRIMARY
set wins name="Local Area Connection" source=static addr=none

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection Physical Address. . . . . . . . . : 00-11-43-01-BA-39Ethernet adapter Wireless Network Connection 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Belkin N Wireless USB Adapter Physical Address. . . . . . . . . : 94-44-52-28-5F-8A Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.1 Lease Obtained. . . . . . . . . . : 14 May 2012 17:23:35 Lease Expires . . . . . . . . . . : 15 May 2012 17:23:35Server: www.routerlogin.com
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.230.99, 74.125.230.100, 74.125.230.101, 74.125.230.102
74.125.230.103, 74.125.230.104, 74.125.230.105, 74.125.230.110, 74.125.230.96
74.125.230.97, 74.125.230.98

Pinging google.com [74.125.230.96] with 32 bytes of data:Reply from 74.125.230.96: bytes=32 time=28ms TTL=57Reply from 74.125.230.96: bytes=32 time=27ms TTL=57Ping statistics for 74.125.230.96: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 27ms, Maximum = 28ms, Average = 27msServer: www.routerlogin.com
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:Reply from 209.191.122.70: bytes=32 time=149ms TTL=52Reply from 209.191.122.70: bytes=32 time=157ms TTL=52Ping statistics for 209.191.122.70: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 149ms, Maximum = 157ms, Average = 153msServer: www.routerlogin.com
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:Reply from 208.43.87.2: Destination host unreachable.Reply from 208.43.87.2: Destination host unreachable.Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=64Reply from 127.0.0.1: bytes=32 time<1ms TTL=64Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 43 01 ba 39 ...... Intel® PRO/1000 MT Network Connection - Packet Scheduler Miniport
0x10004 ...94 44 52 28 5f 8a ...... Belkin N Wireless USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.10 192.168.0.10 25
192.168.0.10 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.0.255 255.255.255.255 192.168.0.10 192.168.0.10 25
224.0.0.0 240.0.0.0 192.168.0.10 192.168.0.10 25
255.255.255.255 255.255.255.255 192.168.0.10 192.168.0.10 1
255.255.255.255 255.255.255.255 192.168.0.10 2 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/10/2012 09:41:54 AM) (Source: Microsoft Office 11) (User: )
Description: Faulting application outlook.exe, version 11.0.8326.0, stamp 4c1c2372, faulting module msmapi32.dll, version 11.0.8323.0, stamp 4b7ea430, debug? 0, fault address 0x0002cfe5.

Error: (05/10/2012 09:25:50 AM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (05/10/2012 09:19:19 AM) (Source: Application Error) (User: )
Description: Faulting application mrt.exe, version 4.8.6201.0, faulting module mpengine.dll, version 1.1.8304.0, fault address 0x001d4081.
Processing media-specific event for [mrt.exe!ws!]

Error: (05/10/2012 03:19:54 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/10/2012 01:28:15 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 16664, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (05/10/2012 01:28:14 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The
Error code is the first DWORD in Data section.

Error: (05/10/2012 01:28:14 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 16664, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (05/10/2012 01:28:10 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service ASP.NET_2.0.50727 (ASP.NET_2.0.50727) failed. The
Error code is the first DWORD in Data section.

Error: (05/10/2012 01:28:10 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 16664, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (05/10/2012 00:53:18 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The
Error code is the first DWORD in Data section.


System errors:
=============
Error: (05/14/2012 05:23:39 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%2

Error: (05/14/2012 05:19:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:18:31 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:18:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:17:31 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:17:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:16:31 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:16:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:15:30 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.

Error: (05/14/2012 05:15:00 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Belkin Wifi Service service.


Microsoft Office Sessions:
=========================
Error: (05/10/2012 09:41:54 AM) (Source: Microsoft Office 11)(User: )
Description: outlook.exe11.0.8326.04c1c2372msmapi32.dll11.0.8323.04b7ea43000002cfe5

Error: (05/10/2012 09:25:50 AM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (05/10/2012 09:19:19 AM) (Source: Application Error)(User: )
Description: mrt.exe4.8.6201.0mpengine.dll1.1.8304.0001d4081

Error: (05/10/2012 03:19:54 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/10/2012 01:28:15 AM) (Source: LoadPerf)(User: )
Description: 16664

Error: (05/10/2012 01:28:14 AM) (Source: LoadPerf)(User: )
Description: aspnet_stateASP.NET State Service

Error: (05/10/2012 01:28:14 AM) (Source: LoadPerf)(User: )
Description: 16664

Error: (05/10/2012 01:28:10 AM) (Source: LoadPerf)(User: )
Description: ASP.NET_2.0.50727ASP.NET_2.0.50727

Error: (05/10/2012 01:28:10 AM) (Source: LoadPerf)(User: )
Description: 16664

Error: (05/10/2012 00:53:18 AM) (Source: LoadPerf)(User: )
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.0


=========================== Installed Programs ============================

3CXPhone (Version: 4.0.9878.0)
7-Zip 4.65
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Adobe Flash Player 11 Plugin (Version: 11.2.202.228)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced SystemCare 5 (Version: 5.2.0)
Belkin N Wireless USB Adapter Setup (Version: 2.20)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.3.0.0)
CCleaner (Version: 3.16)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro X (Version: 10.03)
Corel Photo Album 6 (Version: 6.00)
Coupon Printer (Version: 2.0)
CutePDF Writer 2.8
Defraggler (Version: 2.06)
EPSON Easy Photo Print (Version: 1.5.1.0)
EPSON File Manager (Version: 1.3.1.0)
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant (Version: 1.10.00)
EPSON Stylus SX200_SX400_TX200_TX400 Manual
EPSON Stylus SX400 Series Printer Uninstall
ESET Smart Security (Version: 5.0.95.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (Version: 1.1.1905.1)
HiJackThis (Version: 1.0.0)
Iconix® eMail ID for Microsoft® Outlook (Version: 1.2.4)
Inkscape 0.48.0 (Version: 0.48.0)
Intel ® Pro Alerting Agent (Version: 4.2.0)
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Connections Drivers
Intel® PROSet (Version: 6.05.2001)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 14.0.8117.416)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft IntelliType Pro 7.1 (Version: 7.10.344.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft SQL Server Desktop Engine (Version: 8.00.760)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Mobile Broadband Drivers (Version: 2.01.07.10)
Mozilla Firefox 11.0 (x86 en-GB) (Version: 11.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Nokia Connectivity Cable Driver (Version: 7.1.29.0)
OMCI (Version: 7.01.0382)
PC Connectivity Solution (Version: 10.24.0.0)
Picasa 3 (Version: 3.8)
PictureProject (Version: 1.0)
PIXresizer 2.0.4
QuickTime (Version: 7.2.0.240)
Recuva (Version: 1.42)
Revo Uninstaller 1.93 (Version: 1.93)
Sage Instant Accounts V11.01 (Version: 11.01.0010)
Sage MIS 3.01
SageInst (Version: 11.01.0010)
Segoe UI (Version: 14.0.4327.805)
Sentinel System Driver (Version: 5.39.2)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 4.41.1000)
System Requirements Lab for Intel (Version: 4.1.66.0)
TuneUp Utilities Language Pack (en-US) (Version: 10.0.2011.65)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
Xmarks Thumbnails for IE (Version: 1.0.12)

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 765.98 MB
Available physical RAM: 315.32 MB
Total Pagefile: 1493.37 MB
Available Pagefile: 981.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.21 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.18 GB) (Free:14.62 GB) NTFS
3 Drive d: (IPITP71) (CDROM) (Total:0.33 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\PC

Administrator AuthUser Guest
HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

As I was initially following the instructions given to someone with a similar problem, as in the link in my 1st post, I have logs for GMER, SAS, Malwarebytes and also a Hijackthis and a DR web log.

I'm currently running the F-secure scan as per your link, but I'm really worried, as my PC now appears to have changed its display settings and looks like something produced by Andy Warhol! - Think, the iconic Marilyn Monroe picture and thats not far off what my screen looks like.

Very weird! Anyway, the scan is running, but very slowly and not sure the screen should be looking like this. Please let me know if it should be looking this weird.

I was going to run the scan on my laptop too, as its the laptop which I've noticed the adwitty search coming up on, but I'm scared to run it on here as I don't want to be without any form of machine.

I'll run the minitoolbox on the laptop too and post that if it helps.

Thanks for your time and help. Its much appreciated.

Cheers

Annie

Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users