Resolved [Closed] Www.Google-analytics.com

Status
Not open for further replies.
S

sawzalot

Posts: 20   +0
Hi folks, I am new here and really need your help in the easiest layman terms possible, yes I am not very computer savvy I actually don't know a whole bunch but what happens on my laptop is a re-direct to google analytics . com but I end up with a blank white screen that just stays like that and also everything else is slower than a snails pace, I am using an HP with windows XP, and fire fox latest version with an ad block, avast , I tried to install Malware but the trojan will not let it run no matter what, could I please get the easiest help available to fix this before fantasy football Sunday, oh yeah this just happened yesterday, I think I was tricked when prompted to open up some video on football fanatics Thank You for your thoughts about this.sawz.
 
Welcome to TechSpot! I'll help you sort this out. What do you have set as your homepage?

Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, please paste the logs for review in your next reply . OK to use more than one posts if needed.

It's not clear to me whether you were able to install Malwarebytes, but just no run the scan. Either way, try this:
Please download randmbam.exe

It will try to create random names and shortcuts for Malwarebytes Anti Malware(MBAM) if you have it installed already.

Once done, try running a scan again

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
 
I am using comcast.net as my homepage, I do have Malwarebytes installed but it just will not start up.
I am sorry but I already used a atf to clear stuff out as directed by a fellow audioholic but that did not work and also I can only run in safe mode for about two minutes and then the computer shuts down as well.
 
Boot into Safe Mode
  • Restart your computer and start pressing the F8 key on your keyboard.
  • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Click on Start> Run> type in eventvwr

Do this on each the System and the Applications logs:
[1]. Click to open the log>
[2]. Look for the Errors corresponding to time of crash- Errors are time coded, so check the computer clock time when you crash>
[3] .Double click on the Error to open to Properties>
[4]. Click on Copy button, top right, below the down arrow >
[5]. Paste here (Ctrl V)
[6].NOTES
  • You can ignore Warnings and Information Events.
  • If you have a recurring Error with same ID#, same Source and same Description, only one copy is needed.
  • You don't need to include the lines of code in the box below the Description, if any.
  • Please do not copy the entire Event log.
Errors are time coded. Check the computer clock on freeze.
 
I followed the last instructions and when I double click on the errors that shut down the computer the log says that the error can not be located the error is listed like this the first one is hpqcxso8 then the second one a second later is hpqddsvc I think the computer is getting slower and slower as we go and some sites will not even appear now just that white screen, i wish I knew more I tried the 6-7 step virus removal but that is almost impossible to get done at this point, thanks again sawz.
 
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-10.03)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/9/2009 9:36:51 PM
System Uptime: 10/16/2010 4:15:26 PM (2 hours ago)

Motherboard: Hewlett-Packard | | 30B5
Processor: AMD Turion(tm) 64 X2 | U1 | 1607/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 83 GiB total, 56.319 GiB free.
D: is FIXED (FAT32) - 9 GiB total, 1.408 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP376: 8/27/2010 8:39:58 AM - System Checkpoint
RP377: 8/29/2010 12:24:24 PM - System Checkpoint
RP378: 8/30/2010 6:55:55 PM - System Checkpoint
RP379: 8/31/2010 7:54:16 PM - System Checkpoint
RP380: 9/2/2010 5:13:33 PM - System Checkpoint
RP381: 9/4/2010 12:38:31 PM - System Checkpoint
RP382: 9/6/2010 7:49:14 AM - System Checkpoint
RP383: 9/7/2010 10:14:59 AM - System Checkpoint
RP384: 9/7/2010 11:20:59 AM - Restore Operation
RP385: 9/8/2010 9:19:18 AM - Installed Java(TM) 6 Update 21
RP386: 9/8/2010 9:20:32 AM - Installed Java Runtime Environment
RP387: 9/8/2010 10:23:00 AM - Advanced SystemCare RestorePoint
RP388: 9/8/2010 12:31:28 PM - Installed Super Ad Blocker
RP389: 9/9/2010 1:23:18 PM - System Checkpoint
RP390: 9/10/2010 2:10:58 PM - System Checkpoint
RP391: 9/11/2010 2:57:37 PM - System Checkpoint
RP392: 9/12/2010 3:31:28 PM - System Checkpoint
RP393: 9/13/2010 5:40:23 PM - System Checkpoint
RP394: 9/14/2010 7:56:49 PM - System Checkpoint
RP395: 9/15/2010 9:03:53 PM - System Checkpoint
RP396: 9/16/2010 3:00:32 AM - Software Distribution Service 3.0
RP397: 9/17/2010 8:17:39 AM - System Checkpoint
RP398: 9/18/2010 8:28:14 AM - System Checkpoint
RP399: 9/19/2010 11:13:34 AM - System Checkpoint
RP400: 9/19/2010 1:39:05 PM - Removed Skype™ 4.2
RP401: 9/19/2010 1:40:26 PM - Removed Super Ad Blocker
RP402: 9/20/2010 2:13:51 PM - System Checkpoint
RP403: 9/21/2010 3:03:30 PM - System Checkpoint
RP404: 9/23/2010 12:20:11 PM - System Checkpoint
RP405: 9/24/2010 12:24:24 PM - System Checkpoint
RP406: 9/25/2010 12:41:25 PM - System Checkpoint
RP407: 9/26/2010 1:08:11 PM - System Checkpoint
RP408: 9/27/2010 7:06:23 PM - System Checkpoint
RP409: 9/28/2010 7:13:26 PM - System Checkpoint
RP410: 9/30/2010 12:40:50 AM - Software Distribution Service 3.0
RP411: 10/1/2010 9:54:03 AM - System Checkpoint
RP412: 10/3/2010 7:58:24 PM - System Checkpoint
RP413: 10/4/2010 8:05:21 PM - Restore Operation
RP414: 10/4/2010 9:01:52 PM - Removed Super Ad Blocker
RP415: 10/4/2010 11:35:23 PM - Software Distribution Service 3.0
RP416: 10/6/2010 5:36:11 PM - System Checkpoint
RP417: 10/7/2010 6:19:45 PM - System Checkpoint
RP418: 10/8/2010 8:05:09 PM - System Checkpoint
RP419: 10/8/2010 9:19:00 PM - Software Distribution Service 3.0
RP420: 10/10/2010 9:38:55 PM - System Checkpoint
RP421: 10/14/2010 6:04:50 PM - Restore Operation
RP422: 10/14/2010 9:45:36 PM - Software Distribution Service 3.0
RP423: 10/14/2010 10:10:28 PM - Software Distribution Service 3.0
RP424: 10/14/2010 10:24:31 PM - Advanced SystemCare RestorePoint
RP425: 10/15/2010 9:09:37 AM - Installed Java(TM) 6 Update 22
RP426: 10/15/2010 5:20:23 PM - Restore Operation
RP427: 10/15/2010 5:41:28 PM - Software Distribution Service 3.0
RP428: 10/15/2010 7:13:23 PM - avast! Free Antivirus Setup
RP429: 10/15/2010 7:19:15 PM - Restore Operation
RP430: 10/15/2010 8:00:37 PM - Removed Skype™ 4.2
RP431: 10/15/2010 8:07:08 PM - avast! Free Antivirus Setup
RP432: 10/15/2010 8:44:52 PM - Installed AVG 2011
RP433: 10/15/2010 8:45:21 PM - Installed AVG 2011
RP434: 10/16/2010 9:11:46 AM - Software Distribution Service 3.0
RP435: 10/16/2010 9:28:21 AM - Software Distribution Service 3.0
RP436: 10/16/2010 11:55:06 AM - Removed AVG 2011
RP437: 10/16/2010 11:55:57 AM - Removed AVG 2011
RP438: 10/16/2010 12:13:38 PM - Revo Uninstaller Pro's restore point - ashampoo firewall
RP439: 10/16/2010 12:15:04 PM - Revo Uninstaller Pro's restore point - avg
RP440: 10/16/2010 12:15:30 PM - Revo Uninstaller Pro's restore point - avast
RP441: 10/16/2010 12:16:11 PM - Revo Uninstaller Pro's restore point - google-analytics.com
RP442: 10/16/2010 3:56:45 PM - avast! Free Antivirus Setup

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Apple Application Support
Apple Software Update
avast! Free Antivirus
BufferChm
Conexant HD Audio
Copy
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
eSupportQFolder
F4200
F4200_Help
FullDPAppQFolder
GPBaseService
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 10.0
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
HP Help and Support
HP Imaging Device Functions 10.0
HP Pavilion Webcam Tray Icon
HP Photosmart Essential 3.5
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.00 G2
HP QuickPlay 2.1
HP Rhapsody
HP Smart Web Printing
HP Solution Center 13.0
HP Update
HP User Guides 0027
HP Wireless Assistant 2.00 E1
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
ImgBurn
InstantShareDevices
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 21
LightScribe 1.4.74.1
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Standard Edition 2003
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Movie Player Pro ActiveX Control
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
Office 2003 Trial Assistant
OptionalContentQFolder
PhotoGallery
Picasa 3
PSSWCORE
QuickTime
RandMap
RealPlayer
RealUpgrade 1.0
Revo Uninstaller Pro 2.4.1
Scan
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shop for HP Supplies
SkinsHP1
SmartAudio
SolutionCenter
Sonic_PrimoSDK
Status
Synaptics Pointing Device Driver
Toolbox
TourSetup
TrayApp
Unload
UnloadSupport
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
WebFldrs XP
WebReg
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
Wireless Home Network Setup

==== Event Viewer Messages From Past Week ========

10/16/2010 9:13:00 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
10/16/2010 4:12:21 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 4:12:21 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 4:12:21 PM, error: Service Control Manager [7034] - The hpqwmiex service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 12:56:50 PM, error: AmdK8 [2] - The Acpi 2.0 _PCT object returned an invalid value of 255
10/16/2010 12:50:29 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Fips IPSec KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss SABKUTIL Tcpip
10/16/2010 12:50:29 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
10/16/2010 12:50:29 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/16/2010 12:50:29 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/16/2010 12:50:29 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/16/2010 12:49:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
10/16/2010 12:49:42 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/16/2010 12:49:38 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/15/2010 8:46:34 PM, error: Service Control Manager [7000] - The AVG Mini-Filter Resident Anti-Virus Shield service failed to start due to the following error: The parameter is incorrect.
10/15/2010 8:01:14 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
10/15/2010 7:56:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL
10/15/2010 7:56:53 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
10/15/2010 7:42:57 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Print Spooler service to connect.
10/15/2010 7:42:57 PM, error: Service Control Manager [7000] - The Print Spooler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/15/2010 7:42:47 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
10/15/2010 7:41:57 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/15/2010 7:35:21 PM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.
10/15/2010 7:13:38 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
10/15/2010 7:11:12 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/15/2010 7:07:36 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
10/14/2010 9:56:06 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
10/14/2010 9:56:06 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
10/14/2010 9:50:16 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows Malicious Software Removal Tool - October 2010 (KB890830).

==== End Of File ===========================
 
DDS (Ver_10-10-10.03) - NTFSx86
Run by Robert at 18:20:37.06 on Sat 10/16/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.959.429 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Documents and Settings\Robert\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.comcast.net/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [nwiz] nwiz.exe /install
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppavi~1.lnk - c:\program files\hewlett-packard\hp pavilion webcam\tsnp2std.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://74.73.125.189:8888/RtspVaPgDec.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-16 162768]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-6-23 315408]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-16 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-16 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-16 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-16 40384]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\superadblocker.com\super ad blocker\sabkutil.sys --> c:\program files\superadblocker.com\super ad blocker\SABKUTIL.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-10-16 27064]

=============== Created Last 30 ================

2010-10-16 17:20:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-16 17:20:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-16 16:11:30 -------- d-----w- c:\docume~1\robert\locals~1\applic~1\VS Revo Group
2010-10-16 16:08:46 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-10-16 16:08:44 -------- d-----w- c:\program files\VS Revo Group
2010-10-16 15:43:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-10-16 00:49:11 -------- d-----w- c:\docume~1\robert\applic~1\AVG10
2010-10-16 00:47:13 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2010-10-16 00:45:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2010-10-16 00:39:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-10-16 00:10:51 -------- d-----w- c:\program files\PC Tools Security
2010-10-16 00:04:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-10-15 23:29:16 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-15 23:29:16 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-15 23:26:42 -------- d-----w- c:\docume~1\robert\locals~1\applic~1\WMTools Downloaded Files
2010-10-15 23:26:42 -------- d-----w- c:\docume~1\robert\applic~1\IObit
2010-10-15 23:26:41 -------- d-----w- c:\program files\Carbonite
2010-10-15 22:49:45 -------- d-----w- c:\program files\Trend Micro
2010-10-15 22:20:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-10-15 01:42:36 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-15 01:42:35 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-15 01:42:35 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 01:42:21 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-13 14:46:07 -------- d-----w- C:\spoolerlogs
2010-09-18 16:23:26 974848 ------w- c:\windows\system32\dllcache\mfc42u.dll

==================== Find3M ====================

2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 15:04:03 0 ----a-w- c:\windows\YOURAPP.EXE
2010-09-09 15:03:58 0 ----a-w- c:\windows\ORUN32.EXE
2010-09-09 15:03:47 0 ----a-w- c:\windows\system32\CMMGR32.EXE
2010-09-09 14:16:31 667136 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:16:31 667136 ----a-w- c:\windows\system32\wininet(2)(2).dll
2010-09-09 14:16:31 627712 ----a-w- c:\windows\system32\urlmon(2)(2).dll
2010-09-09 14:16:30 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:16:30 1510400 ----a-w- c:\windows\system32\shdocvw(2)(2).dll
2010-09-09 14:16:29 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-09-08 16:49:49 369664 ----a-w- c:\windows\system32\html.iec
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k(2)(2).sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc(2)(2).dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32(2)(2).dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4(2)(3).dll

============= FINISH: 18:22:13.70 ===============
 
I am sorry for all of that but i dont know what the heck I am doing and nothing has worked so far I am ready to give up,Thanks for all of your help, sawz.
 
This is from hijack this:

Scan saved at 6:39:17 PM, on 10/16/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://74.73.125.189:8888/RtspVaPgDec.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8865 bytes
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 142):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7AF0000 \WINDOWS\system32\KDCOM.DLL
0xF7A00000 \WINDOWS\system32\BOOTVID.dll
0xF74C1000 ACPI.sys
0xF7AF2000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF74B0000 pci.sys
0xF75F0000 isapnp.sys
0xF7600000 ohci1394.sys
0xF7610000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF7A04000 compbatt.sys
0xF7A08000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7BB8000 pciide.sys
0xF7870000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7AF4000 intelide.sys
0xF7AF6000 viaide.sys
0xF7AF8000 aliide.sys
0xF7492000 pcmcia.sys
0xF7620000 MountMgr.sys
0xF7473000 ftdisk.sys
0xF7A0C000 ACPIEC.sys
0xF7BB9000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF7878000 PartMgr.sys
0xF7630000 VolSnap.sys
0xF745B000 atapi.sys
0xF7442000 nvata.sys
0xF7640000 disk.sys
0xF7650000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7422000 fltmgr.sys
0xF7410000 sr.sys
0xF7880000 PxHelp20.sys
0xF73F9000 KSecDD.sys
0xF736C000 Ntfs.sys
0xF733F000 NDIS.sys
0xF7660000 Serial.sys
0xF7325000 Mup.sys
0xF7670000 AVGIDSEH.Sys
0xF7680000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF7830000 \SystemRoot\system32\DRIVERS\AmdK8.sys
0xF704D000 \SystemRoot\system32\DRIVERS\cpqbttn.sys
0xF7840000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7910000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7049000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xF6495000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xF6117000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xF6103000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7AA0000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0xF7918000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xF60DF000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7920000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF7850000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7860000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7690000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF60BC000 \SystemRoot\system32\DRIVERS\ks.sys
0xF60A8000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF7928000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF6A8A000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xF605C000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xF6034000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7AB4000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
0xF5FE9000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
0xF5FB2000 \SystemRoot\system32\DRIVERS\NVSNPU.SYS
0xF6A7A000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7930000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF5F82000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7B26000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7938000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7AB8000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF7C62000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF6A6A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7ABC000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF5F6B000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF6A5A000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF6A4A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7940000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF5F5A000 \SystemRoot\system32\DRIVERS\psched.sys
0xF6A3A000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7948000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7950000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF6A2A000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7B28000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF5EFC000 \SystemRoot\system32\DRIVERS\update.sys
0xF7AC8000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF66B3000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF64FD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xEE970000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xEE960000 \SystemRoot\system32\DRIVERS\NVENETFD.sys
0xB9727000 \SystemRoot\system32\drivers\CHDAud.sys
0xB9703000 \SystemRoot\system32\drivers\portcls.sys
0xEE950000 \SystemRoot\system32\drivers\drmk.sys
0xB96D0000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xB95DC000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xB952A000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF4BF8000 \SystemRoot\System32\Drivers\Modem.SYS
0xF0A5F000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xB94B1000 \SystemRoot\system32\DRIVERS\klif.sys
0xEEE80000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xF0A53000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xEE49C000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB9493000 \SystemRoot\System32\Drivers\usbvideo.sys
0xF7B98000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xED8D6000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B9A000 \SystemRoot\System32\Drivers\Beep.SYS
0xED9DA000 \SystemRoot\System32\drivers\vga.sys
0xF7B9C000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B9E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xED9D2000 \SystemRoot\System32\Drivers\Msfs.SYS
0xED9CA000 \SystemRoot\System32\Drivers\Npfs.SYS
0xEE484000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB8753000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB86FA000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xEDD56000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB86D4000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xEDD46000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB86AC000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB868A000 \SystemRoot\System32\drivers\afd.sys
0xEDD36000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7B0A000 \SystemRoot\system32\DRIVERS\eabfiltr.sys
0xECF1B000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB7693000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB713B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7730000 \SystemRoot\System32\Drivers\Fips.SYS
0xB6397000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF4C20000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xB6373000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB692A000 \SystemRoot\System32\drivers\Dxapi.sys
0xF4C08000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7C37000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xB648D000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF72F1000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB3BF7000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB39EA000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB39AD000 \SystemRoot\system32\drivers\wdmaud.sys
0xECF0B000 \SystemRoot\system32\drivers\sysaudio.sys
0xB3657000 \SystemRoot\system32\DRIVERS\srv.sys
0xB386F000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xB31B6000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7908000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 50):
0 System Idle Process
4 System
820 C:\WINDOWS\system32\smss.exe
876 csrss.exe
904 C:\WINDOWS\system32\winlogon.exe
948 C:\WINDOWS\system32\services.exe
960 C:\WINDOWS\system32\lsass.exe
1112 C:\WINDOWS\system32\svchost.exe
1172 svchost.exe
1212 C:\WINDOWS\system32\svchost.exe
1384 svchost.exe
1524 svchost.exe
1568 C:\WINDOWS\explorer.exe
1788 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1908 C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
1988 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2000 C:\Program Files\Hp\QuickPlay\QPService.exe
2012 C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
168 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
212 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
520 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
528 C:\WINDOWS\system32\rundll32.exe
536 C:\Program Files\Common Files\Java\Java Update\jusched.exe
568 C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
624 C:\WINDOWS\system32\ctfmon.exe
728 C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
1084 C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
1680 svchost.exe
2044 C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe
200 C:\WINDOWS\system32\svchost.exe
744 C:\Program Files\Java\jre6\bin\jqs.exe
1644 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1872 C:\WINDOWS\system32\svchost.exe
2056 C:\WINDOWS\system32\nvsvc32.exe
2116 C:\WINDOWS\system32\svchost.exe
2184 C:\WINDOWS\system32\svchost.exe
2320 wdfmgr.exe
2420 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
3144 wmiprvse.exe
3656 alg.exe
4080 C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
2744 C:\Program Files\Hp\Digital Imaging\bin\hpqste08.exe
2884 C:\Program Files\Hp\Digital Imaging\bin\hpqbam08.exe
2948 C:\Program Files\Hp\Digital Imaging\bin\hpqgpc01.exe
3344 C:\Program Files\Common Files\Java\Java Update\jucheck.exe
2592 C:\Program Files\Mozilla Firefox\firefox.exe
2440 C:\Program Files\Hp\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
3460 C:\Program Files\Mozilla Firefox\plugin-container.exe
2372 C:\Documents and Settings\Robert\My Documents\Downloads\MBRCheck.exe
656 C:\Program Files\Real\RealPlayer\realplay.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000014`ace6d600 (FAT32)

PhysicalDrive0 Model Number: ST9100824AS, Rev: 3.05

Size Device Name MBR Status
--------------------------------------------
93 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 6CFADD51C7C23062276CFACC2EEF26A447A44C7C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
 
  • Open Notepad
  • Copy and paste the text in the codebox into Notepad:
    Code: 
    @ECHO OFF
START 
remover.exe fix \.\PhysicalDrive0    
EXIT
  • Go File > Save As
  • Save as Type choose All Files
  • For File Name type fix.bat
  • Save In> choose Desktop
  • Save
  • Double click to Run fix.bat
(You may see a black box appear; this is normal.)

Run remover.exe again and post its output.

Do NOT reboot computer!
 
I want to run the (remover.exe) properly without fail could I get a little direction on that process thank you , sawz

When I run( fix.bat ) the results are very minimal almost like it did not run through is that the result I should have seen ?
 
I have not installed or un-installed anything since you last directed me , I am sorry if I did prior to today but I think frustration led me down a panic path, thanks for your help, sawzalot (Robert).
 
I found the remover.exe download but I can not down load it I get a re-rirect to some virus protection site in german called G Data software, don't know what to do next so I'll wait for a reply Thank You sawz.
 
Okay, we need to get on the same track here:

Prelim programs were:
1. Malwarebytes: it wouldn't run so I gave you a program to help that. But I have not seen the Mbam log yet.
2. DDS: Program was run and the 2 logs were left.
3. GMER: No mention, no log.
=====================================
1. Errors: I requested a copy of the Errors from the Event Viewer but you couldn't show it.
2. HijackThis: you ran this which I did not request and left a log. The version was missing
3. MRBCheck: you ran this which I did not request.
4. Bootfix Remover: my bad> I mistakenly gave you this program not realizing that you had not run the Bootfix program, but ran MBRCheck instead. So you did not have the 'remover.exe.'
=====================================================
Let's get this aimed in the right direction. Please stop running random scans. It is specifically asked that you do not run these while you are being helped.
===================================
Before you run any more scans, please describe what is happening with your system. Originally it was a problem with google analytics. You mentioned the system is slow which may or may not be related to malware.
================================
The following restore points are some that were set mainly between 10/14-10/16:
RP421: 10/14/2010 6:04:50 PM - Restore Operation
RP424: 10/14/2010 10:24:31 PM - Advanced SystemCare RestorePoint
RP426: 10/15/2010 5:20:23 PM - Restore Operation
RP428: 10/15/2010 7:13:23 PM - avast! Free Antivirus Setup
RP429: 10/15/2010 7:19:15 PM - Restore Operation
RP431: 10/15/2010 8:07:08 PM - avast! Free Antivirus Setup 2nd download
RP432: 10/15/2010 8:44:52 PM - Installed AVG 2011
RP433: 10/15/2010 8:45:21 PM - Installed AVG 2011 2nd install
RP436: 10/16/2010 11:55:06 AM - Removed AVG 2011
RP437: 10/16/2010 11:55:57 AM - Removed AVG 2011 2nd uninstall
RP438: 10/16/2010 12:13:38 PM - Revo Uninstaller Pro's restore point - ashampoo firewall
RP439: 10/16/2010 12:15:04 PM - Revo Uninstaller Pro's restore point - avg
RP440: 10/16/2010 12:15:30 PM - Revo Uninstaller Pro's restore point - avast
RP441: 10/16/2010 12:16:11 PM - Revo Uninstaller Pro's restore point - google-analytics.com
RP442: 10/16/2010 3:56:45 PM - avast! Free Antivirus Setup 1st install, 2 downloads

And these 2 programs show you uninstalled them twice:
RP400: 9/19/2010 1:39:05 PM - Removed Skype™ 4.2>> and again
RP430: 10/15/2010 8:00:37 PM - Removed Skype™ 4.2
RP401: 9/19/2010 1:40:26 PM - Removed Super Ad Blocker>> and again
RP414: 10/4/2010 9:01:52 PM - Removed Super Ad Blocker
==============================================
It would be best if you stopped using the Revo Uninstaller at this point. Do not do any System Restores while I'm helping you- they will undo anything that was done on the system previously. It looks like you couldn't remove all of AVG (there is a tools to do this) so used Revo.

Please uninstall the following programs: Do NOT use Revo. Go to Add/Remove Programs in the Control Panel:
[Advanced SystemCare 3]> this is not a good program to have on the system and some sites that have it are questionable.
MBRCheck.
=========================================
The system must be very confused about what it has and what to run. If I have you do something and an entry remains from it, I can move it after you run Combofix.
===========================================
To get rid of some of the temporary internet files slowing you down, please run this program> it does not produce a log:TFC (Temp File Cleaner)

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
==============================
Then please download ComboFix from Here and save to your Desktop.

  • [1]. Do NOT rename Combofix unless instructed.
    [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3].Close any open browsers.
    [4]. Double click combofix.exe & follow the prompts to run.
  • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
    [5]. If Combofix asks you to install Recovery Console, please allow it.
    [6]. If Combofix asks you to update the program, always allow.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..

Nothing else! No other installs or uninstalls, no other scans!
 
Thanks and yes I will stop doing any thing but what you advise, I was getting too many suggestions from other kind folks but then when they realized that they were out of their league they stepped off, you responded so I will only go with your suggestions, I apologize for the side track.
Symptoms are still the google re-direct to a blank white screen and some other various re directs that I never experienced before.

The Malware bytes worked after your link to give a short cut and it did create a log and quaranteend some virus' but I don't know how to copy a log report from that program, it seems like it won't let me.

I am on a different computer right now so I will copy all of your directions , perform said actions on the infected unit and post back any results that you requested, Thank You Sawz.

On infected machine..
when I go to add /remove there are no traces of (advance system care) and or (mbr check).


Update* I ran the TFC and it worked fine.
I saved combofix to desktop > closed avast > I don't know how to turn off Malwarebytes other then just not running it > then I closed browsers > dbl click on combofix > follow prompts. but it acts just like the first malwarebytes something will not allow the program to run or even open for that matter, so I will wait for advise, Thank You ,sawz.
 
I tried to run the combo fix again at 9:43 pm again no luck , it just will not start, will not respond at all, thanks again sawz (Robert).
Good Night.
 
Oh my goodness, I experienced yet another set-back, talk about dumb luck. I was using an older desktop HP Pav. 523x, latest firefox, zone alarm, super Ad Block, it asked for an update auto update for windows and I let it run it was taking a while like the machine was struggling but it was slowly making progress then bam the screen goes dark and the machine starts to really chgurn up working extra hard and nothing ever came back up I go to it this morning and start it up nothing happens, it makes a high pitched alrm type beep every 4 seconds but no screen and no keyboard, this machine was working absolutely perfectly and some what fast for its age but now its dead. This brings me back to the infected unit , at least its working for now the ghostery add on helps me get around but the virus is still in there, please see my above two posts as to what I have done so far, Thanks sawz..
 
I wanted to mention that I get a new warning now that I never saw before it says >Norton internet worm protection is turned off.I never saw that before, I never knew I had that and really don't know anything about it.
 
Does this thread involve 2 different computers? You must be very confused by now- I am!

I'd like you to run the Error checking, also known as CHKDSK:

Where to set Error Checking up
You can do the Error Check from Command Prompt:
Using the Command Prompt should have been this: Start> Run> type in cmd> type in Chkdsk /f /r followed by a reboot. Chkdsk will start in a few seconds

Or Windows Explorer:
Right click on Start> Explore> My Computer> Right click on Local Drive (usually C)> Properties> Tools> Error Check> check both boxes on the screen that comes up> Apply> Close the message and reboot for the Error Checking to start.

You have nothing else to do except wait for the system to reboot after the Error Checking has finished.

The choices in Error Checking:
  1. CHKDSK or Error Check alone will only scan the current drive but will not fix errors on the disc or attempt to recover bad sectors. Using Start or Enter begins the process without a reboot.
  2. VolumeSpecifies the drive letter other than the Local Drive (followed by a colon), mount point, or volume name.) To have the checking use a different drive, the Command Chkdsk is followed by the drive letter, then a colon such as chkdsk volume E:
  3. File Errors can be found and fixed using the switch /F The nag message that comes up can be closed and the system rebooted to start the checking.
  4. Recovery of readable information in bad sectors can be done by using the switch /R This implies that the /F switch has also been used. Locates bad sectors and recovers readable information (implies /F).The nag message that comes up can be closed and the system rebooted to start the checking.

This is going t take a while if it runs at all, but so much has been done to the system that there has got to be files and sectors messed up. Friends mean well, but malware help is very specific. What worked for them might not be appropriate for you. Unless you can get the system stable, you are going to have to face a reformat/reinstall.

You might want to check this for the Beep Codes:
Go to this section AMI BIOS beep codes HERE.
Find the entry that describes yours exactly. Note that beep code significant in both number and intervals of the beeps.

If you don't see the exact beep code description you're getting in this table, scroll down to the other tables and look for it there.
 
No this is about the same computer I was merely pointing out that my back-up is now DOA as well ,so all I have to work with is this infected laptop I am blackballed from my wifes machine as well as my sons, they say I kill the poor things, HMMM.
 
Bobbye said:
Does this thread involve 2 different computers? You must be very confused by now- I am!

I'd like you to run the Error checking, also known as CHKDSK:

Where to set Error Checking up
You can do the Error Check from Command Prompt:
Using the Command Prompt should have been this: Start> Run> type in cmd> type in Chkdsk /f /r followed by a reboot. Chkdsk will start in a few seconds

Or Windows Explorer:
Right click on Start> Explore> My Computer> Right click on Local Drive (usually C)> Properties> Tools> Error Check> check both boxes on the screen that comes up> Apply> Close the message and reboot for the Error Checking to start.

You have nothing else to do except wait for the system to reboot after the Error Checking has finished.

The choices in Error Checking:
  1. CHKDSK or Error Check alone will only scan the current drive but will not fix errors on the disc or attempt to recover bad sectors. Using Start or Enter begins the process without a reboot.
  2. VolumeSpecifies the drive letter other than the Local Drive (followed by a colon), mount point, or volume name.) To have the checking use a different drive, the Command Chkdsk is followed by the drive letter, then a colon such as chkdsk volume E:
  3. File Errors can be found and fixed using the switch /F The nag message that comes up can be closed and the system rebooted to start the checking.
  4. Recovery of readable information in bad sectors can be done by using the switch /R This implies that the /F switch has also been used. Locates bad sectors and recovers readable information (implies /F).The nag message that comes up can be closed and the system rebooted to start the checking.

This is going t take a while if it runs at all, but so much has been done to the system that there has got to be files and sectors messed up. Friends mean well, but malware help is very specific. What worked for them might not be appropriate for you. Unless you can get the system stable, you are going to have to face a reformat/reinstall.

You might want to check this for the Beep Codes:
Go to this section AMI BIOS beep codes HERE.
Find the entry that describes yours exactly. Note that beep code significant in both number and intervals of the beeps.

If you don't see the exact beep code description you're getting in this table, scroll down to the other tables and look for it there.
Click to expand...

I ran the error check or CHKDSC it took a while but it finished all 5 steps the system started back up and I came back here to see the next step, I am totally unsure as to your directions on the next process so I will wait to see your next post, Happy Birthday, have a great day, sawz.
 
I managed to get combo fix to run through :LOG:

ComboFix 10-10-19.01 - Robert 10/19/2010 23:26:12.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.959.567 [GMT -4:00]
Running from: c:\documents and settings\Robert\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ORUN32.EXE
c:\windows\system32\CMMGR32.EXE
c:\windows\YOURAPP.EXE
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-09-20 to 2010-10-20 )))))))))))))))))))))))))))))))
.

2010-10-19 12:50 . 2010-10-19 12:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Gtek
2010-10-19 12:50 . 2010-10-19 12:50 -------- d-----w- c:\documents and settings\Robert\Application Data\GTek
2010-10-16 19:57 . 2010-04-14 16:35 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-10-16 19:57 . 2010-04-14 16:31 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-10-16 19:57 . 2010-04-14 16:35 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-10-16 19:57 . 2010-04-14 16:31 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-10-16 19:57 . 2010-04-14 16:31 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-10-16 19:57 . 2010-04-14 16:31 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-10-16 19:57 . 2010-04-14 16:30 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-10-16 19:56 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-10-16 19:56 . 2010-04-14 16:47 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-10-16 17:20 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-16 17:20 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-16 16:49 . 2010-10-17 01:35 -------- d-----w- c:\documents and settings\Administrator
2010-10-16 16:11 . 2010-10-16 16:11 -------- d-----w- c:\documents and settings\Robert\Local Settings\Application Data\VS Revo Group
2010-10-16 16:08 . 2009-12-30 16:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-10-16 16:08 . 2010-10-16 16:08 -------- d-----w- c:\program files\VS Revo Group
2010-10-16 15:43 . 2010-10-16 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-10-16 00:49 . 2010-10-16 00:49 -------- d-----w- c:\documents and settings\Robert\Application Data\AVG10
2010-10-16 00:47 . 2010-10-16 00:47 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2010-10-16 00:45 . 2010-10-16 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2010-10-16 00:39 . 2010-10-16 00:45 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2010-10-16 00:10 . 2010-10-16 00:50 -------- d-----w- c:\program files\PC Tools Security
2010-10-16 00:06 . 2010-10-16 02:47 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-10-16 00:04 . 2010-10-16 00:36 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-10-15 23:29 . 2010-10-15 23:29 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-15 23:26 . 2010-10-15 23:26 -------- d-----w- c:\documents and settings\Robert\Local Settings\Application Data\WMTools Downloaded Files
2010-10-15 23:26 . 2010-10-15 23:26 -------- d-----w- c:\documents and settings\Robert\Application Data\IObit
2010-10-15 23:26 . 2010-10-15 23:26 -------- d-----w- c:\program files\Carbonite
2010-10-15 22:49 . 2010-10-17 16:39 -------- d-----w- c:\program files\Trend Micro
2010-10-15 22:20 . 2010-10-17 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-10-15 01:42 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-15 01:42 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-15 01:42 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-15 01:42 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-13 14:46 . 2010-10-13 14:46 -------- d-----w- C:\spoolerlogs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-15 454656]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-21 7561216]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-18 61952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-04 761948]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-04-12 102400]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-23 131072]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"nwiz"="nwiz.exe" [2006-04-21 1519616]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-02-15 417792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-31 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
HP Pavilion Webcam Tray Icon.lnk - c:\program files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe [2009-8-9 98304]
HP Photosmart Premier Fast Start.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 25680]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/16/2010 3:57 PM 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/16/2010 3:57 PM 19024]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys --> c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/16/2010 12:08 PM 27064]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - KLMDB
*Deregistered* - klmdb

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-10-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-196392244-1619933075-25941823-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

2010-10-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-196392244-1619933075-25941823-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://74.73.125.189:8888/RtspVaPgDec.cab
FF - ProfilePath - c:\documents and settings\Robert\Application Data\Mozilla\Firefox\Profiles\uig03ldk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.comcast.net/
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\Robert\Application Data\Mozilla\Firefox\Profiles\uig03ldk.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPcol400.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-Advanced SystemCare 3 - c:\program files\IObit\Advanced SystemCare 3\AWC.exe
HKLM-Run-ISUSPM Startup - c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe
HKLM-Run-Cpqset - c:\program files\HPQ\Default Settings\cpqset.exe
SafeBoot-klmdb.sys
SafeBoot-mcmscsvc
SafeBoot-MCODS



[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\Robert\LOCALS~1\Temp\ASFWHide"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-10-19 23:33:55
ComboFix-quarantined-files.txt 2010-10-20 03:33

Pre-Run: 59,312,234,496 bytes free
Post-Run: 59,319,799,808 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - FAA8284F5F7C4E310EA4A2CF67C880DD
 
Is the above log helpful at all, I was just wondering if my Laptop is on it's way to recovery or not, Thank You, sawz.
 
Are you using or did you use a USB flash drive while I've been helping you? There is one removal in the Combofix log that points to this. If you, did, I will have you disinfect the flash drive.

It's 3 PM and I haven't had lunch yet. I'll be back later this afternoon to try and finish you up..

Your patience is appreciated.
 
Status
Not open for further replies.

Latest posts

Back