Help, removing VBD Generic virus and win 32/heur virus please

By rdb17
Oct 29, 2010
  1. Hey, I'm a little desperate. My computer got infected with the "win 32/heur" virus and the "VBD generic" virus, and both have almost destroyed or infected all my files. My AVG has moved 800 files into the virus vault already. If anyone can help me?


    [HJT log removed - Broni]
  2. Broni

    Broni Malware Annihilator Posts: 46,339   +252

    Welcome aboard :)

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    All required logs have to be PASTED.

    If some log exceeds 50,000 characters, split it between a couple of posts.
    The above rule will be strictly enforced.
    Attached logs will NOT be reviewed.
  3. rdb17

    rdb17 Newcomer, in training Topic Starter

    Okay, here's the 3 logs required, I think I did them right? Please let me know :)

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4982

    Windows 5.1.2600 Service Pack 2 (Safe Mode)
    Internet Explorer 6.0.2900.2180

    10/29/2010 12:53:31 AM
    mbam-log-2010-10-29 (00-53-31).txt

    Scan type: Full scan (A:\|C:\|D:\|E:\|F:\|G:\|)
    Objects scanned: 186556
    Time elapsed: 52 minute(s), 0 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\config\systemprofile\Templates\memory.tmp (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Shuashe Lee\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
  4. rdb17

    rdb17 Newcomer, in training Topic Starter

    GMER 1.0.15.15477 - http://www.gmer.net
    Rootkit scan 2010-10-29 01:20:05
    Windows 5.1.2600 Service Pack 2
    Running: qqnwfhkz.exe; Driver: C:\DOCUME~1\SHUASH~1\LOCALS~1\Temp\uwlyrpog.sys


    ---- System - GMER 1.0.15 ----

    SSDT sptd.sys ZwCreateKey [0xF7442C04]
    SSDT sptd.sys ZwEnumerateKey [0xF7442D48]
    SSDT sptd.sys ZwEnumerateValueKey [0xF74430C0]
    SSDT sptd.sys ZwOpenKey [0xF7442AE2]
    SSDT sptd.sys ZwQueryKey [0xF744318A]
    SSDT sptd.sys ZwQueryValueKey [0xF7443022]
    SSDT sptd.sys ZwSetValueKey [0xF7443212]

    ---- Kernel code sections - GMER 1.0.15 ----

    ? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
    ? C:\WINDOWS\System32\Drivers\SPTD9885.SYS The process cannot access the file because it is being used by another process.

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Mozilla Firefox\firefox.exe[1960] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F744BF52] sptd.sys
    IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7462658] sptd.sys
    IAT ftdisk.sys[ntoskrnl.exe!IoGetAttachedDeviceReference] [F744C550] sptd.sys
    IAT ftdisk.sys[ntoskrnl.exe!IoGetDeviceObjectPointer] [F744C454] sptd.sys
    IAT ftdisk.sys[ntoskrnl.exe!IofCallDriver] [F744C620] sptd.sys
    IAT dmio.sys[ntoskrnl.exe!IofCallDriver] [F744C620] sptd.sys
    IAT dmio.sys[ntoskrnl.exe!IoGetAttachedDeviceReference] [F744C550] sptd.sys
    IAT dmio.sys[ntoskrnl.exe!IoGetDeviceObjectPointer] [F744C454] sptd.sys
    IAT PartMgr.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7461F6C] sptd.sys
    IAT PartMgr.sys[ntoskrnl.exe!IoDetachDevice] [F744C10E] sptd.sys
    IAT atapi.sys[ntoskrnl.exe!IofCompleteRequest] [F7461BB0] sptd.sys
    IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F744BFA6] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F743EA32] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F743EB6E] sptd.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F743EAF6] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F743F6CC] sptd.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F743F5A2] sptd.sys
    IAT disk.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F746279E] sptd.sys
    IAT \WINDOWS\System32\DRIVERS\CLASSPNP.SYS[ntoskrnl.exe!IoDetachDevice] [F74511BA] sptd.sys
    IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7461BBC] sptd.sys
    IAT \SystemRoot\System32\DRIVERS\cdrom.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F746279E] sptd.sys
    IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!IofCompleteRequest] [F7461BB0] sptd.sys
    IAT \SystemRoot\System32\DRIVERS\rdbss.sys[ntoskrnl.exe!IofCallDriver] [F743E020] sptd.sys
    IAT \SystemRoot\System32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IofCallDriver] [F743E020] sptd.sys

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 82F9AC78
    Device \FileSystem\Fastfat \FatCdrom 82D31CF0

    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\dmio \Device\DmControl\DmIoDaemon 82F9B590
    Device \Driver\dmio \Device\DmControl\DmConfig 82F9B590
    Device \Driver\dmio \Device\DmControl\DmPnP 82F9B590
    Device \Driver\dmio \Device\DmControl\DmInfo 82F9B590

    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Ftdisk \Device\HarddiskVolume1 82F9B7C8
    Device \Driver\Ftdisk \Device\HarddiskVolume2 82F9B7C8
    Device \Driver\Cdrom \Device\CdRom0 82F690E8
    Device \FileSystem\Rdbss \Device\FsWrap 82DAF720
    Device \Driver\atapi \Device\Ide\IdePort0 [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\atapi \Device\Ide\IdePort1 [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 [F73942F0] atapi.sys[unknown section] {MOV EAX, 0x82f9a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xf7453684; RET }
    Device \Driver\Ftdisk \Device\HarddiskVolume3 82F9B7C8
    Device \Driver\Cdrom \Device\CdRom1 82F690E8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{D0D32872-9660-4C9F-8B74-F3EF4FDE0AF6} 82DB2748
    Device \Driver\NetBT \Device\NetBt_Wins_Export 82DB2748
    Device \Driver\NetBT \Device\NetbiosSmb 82DB2748

    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Disk \Device\Harddisk0\DR0 82F9AEB0

    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device \Driver\Disk \Device\Harddisk1\DR1 82F9AEB0
    Device \Driver\USBSTOR \Device\0000006b 82D96CF0
    Device \Driver\USBSTOR \Device\0000006c 82D96CF0
    Device \Driver\Disk \Device\Harddisk2\DR4 82F9AEB0
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 82DD8738
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 82DD8738
    Device \FileSystem\Npfs \Device\NamedPipe 82DD4B30
    Device \Driver\Ftdisk \Device\FtControl 82F9B7C8
    Device \FileSystem\Msfs \Device\Mailslot 82DD8B30
    Device \FileSystem\Fastfat \Fat 82D31CF0
    Device \FileSystem\Cdfs \Cdfs 82D37540

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0 -1280111750
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 675041679
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 730269321
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x89 0xE7 0x75 0x8A ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x89 0xE7 0x75 0x8A ...

    ---- Disk sectors - GMER 1.0.15 ----

    Disk \Device\Harddisk0\DR0 sector 00 (MBR): rootkit-like behavior; <-- ROOTKIT !!!
    Disk \Device\Harddisk0\DR0 sector 02: rootkit-like behavior;
    Disk \Device\Harddisk0\DR0 sector 08: rootkit-like behavior; copy of MBR
    Disk \Device\Harddisk0\DR0 sector 62: rootkit-like behavior;
    Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior;
    Disk \Device\Harddisk0\DR0 sectors 78165104 (+255): rootkit-like behavior;

    ---- EOF - GMER 1.0.15 ----
  5. rdb17

    rdb17 Newcomer, in training Topic Starter

    DDS (Ver_10-10-21.02) - NTFSx86 NETWORK
    Run by Shuashe Lee at 1:22:35.84 on Fri 10/29/2010
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_14
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.447 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Anti-Virus - Rogers Yahoo! Online Protection *On-access scanning disabled* (Outdated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Shuashe Lee\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://google.com/
    uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    uInternet Settings,ProxyServer = http=127.0.0.1:5555
    uInternet Settings,ProxyOverride = <local>
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    mSearchAssistant =
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\microsoft\watermark.exe,
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: jZip Webmail plugin: {647fd14a-c4f1-46f4-8fc3-0b40f54226f7} - c:\program files\jzip\WebmailPlugin.dll
    BHO: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: {f3cee00a-03bf-46d1-8657-d8163b224843} - No File
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    TB: {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - No File
    TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
    mRun: [LVCOMS] "c:\program files\common files\logitech\qcdriver3\LVCOMS.EXE"
    mRun: [NvMediaCenter] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] "c:\windows\system32\nwiz.exe" /install
    mRun: [Cmaudio] "RunDll32" cmicnfg.cpl,CMICtrlWnd
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [LXCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCFtime.dll,_RunDLLEntry@16
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\documents and settings\shuashe lee\start menu\programs\startup\logtec32.exe
    StartupFolder: c:\documents and settings\shuashe lee\start menu\programs\startup\sysqgv32.exe
    IE: &Search - ?s=100000343&p=ZKfox000&si=&a=p_q_9ENM8z2_yZGso64X.g&n=2010040422
    IE: Copy to &Lightning Note - c:\program files\corel\wordperfect lightning\programs\WPLightningCopyToNote.hta
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
    IE: Open with WordPerfect - c:\program files\corel\wordperfect office x4\programs\WPLauncher.hta
    IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    LSP: c:\windows\system32\VetRedir.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 nwprovau
    LSA: Notification Packages = scecli c:\windows\system32\seyayewi.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\shuash~1\applic~1\mozilla\firefox\profiles\q3a9b3n2.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - google.com
    FF - prefs.js: keyword.URL - hxxp://ca.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - prefs.js: network.proxy.ftp - http://www.xroxy.com/proxylist.php?...=ssl&country=&latency=1000&reliability=#table
    FF - prefs.js: network.proxy.gopher - http://www.xroxy.com/proxylist.php?...=ssl&country=&latency=1000&reliability=#table
    FF - prefs.js: network.proxy.http - http://www.xroxy.com/proxylist.php?...=ssl&country=&latency=1000&reliability=#table
    FF - prefs.js: network.proxy.socks - http://www.xroxy.com/proxylist.php?...=ssl&country=&latency=1000&reliability=#table
    FF - prefs.js: network.proxy.ssl - http://www.xroxy.com/proxylist.php?...=ssl&country=&latency=1000&reliability=#table
    FF - prefs.js: network.proxy.type - 2
    FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

    ---- FIREFOX POLICIES ----
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

    ============= SERVICES / DRIVERS ===============

    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-25 243024]
    R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\VetFDDNT.sys [2006-1-10 15735]
    S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
    S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-25 216400]
    S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-25 29584]
    S1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\Vet-Filt.sys [2006-1-10 21031]
    S1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\Vet-Rec.sys [2006-1-10 15478]
    S1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\VetEFile.sys [2006-1-10 525812]
    S1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\VetMonNT.sys [2006-1-10 25703]
    S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
    S2 CAISafe;CAISafe;c:\program files\yahoo!\antivirus\isafe.exe --> c:\program files\yahoo!\antivirus\ISafe.exe [?]
    S2 VETMSGNT;VET Message Service;c:\program files\yahoo!\antivirus\vetmsg.exe --> c:\program files\yahoo!\antivirus\VetMsg.exe [?]
    S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2008-7-27 946816]
    S3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2006-9-23 686080]
    S3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20090225.021\naveng.sys --> c:\progra~1\common~1\symant~1\virusd~1\20090225.021\NAVENG.sys [?]
    S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [2006-6-14 223128]
    S3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\VetEBoot.sys [2006-1-10 101956]

    =============== Created Last 30 ================

    2010-10-29 03:59:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-29 03:59:44 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-29 03:59:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-29 03:57:11 -------- d-----w- c:\program files\Trend Micro
    2010-10-28 06:41:38 -------- d-----w- c:\program files\tmp
    2010-10-28 06:41:33 -------- d-----w- c:\docume~1\shuash~1\applic~1\Upgo
    2010-10-24 00:06:09 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
    2010-10-24 00:06:09 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
    2010-10-24 00:06:06 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
    2010-10-24 00:06:04 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
    2010-10-24 00:06:03 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
    2010-10-24 00:06:01 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
    2010-10-24 00:04:59 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
    2010-10-24 00:04:54 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2010-10-24 00:04:54 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
    2010-10-24 00:04:51 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
    2010-10-24 00:04:48 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
    2010-10-24 00:04:45 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
    2010-10-24 00:04:45 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
    2010-10-24 00:04:29 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
    2010-10-24 00:04:13 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
    2010-10-24 00:04:12 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
    2010-10-24 00:04:07 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
    2010-10-24 00:04:02 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
    2010-10-24 00:02:59 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
    2010-10-24 00:01:21 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
    2010-10-23 23:40:25 -------- d-----w- c:\windows\Logs

    ==================== Find3M ====================

    2010-09-15 05:04:09 3 ----a-w- c:\windows\treeskp.sys
    2010-09-15 05:04:09 3 ----a-w- c:\windows\sbacknt.bin
    2010-09-15 05:01:47 152904 ----a-w- c:\windows\system32\vghd.scr

    ============= FINISH: 1:24:21.26 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-21.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/10/2006 4:48:15 PM
    System Uptime: 10/29/2010 1:03:03 AM (0 hours ago)

    Motherboard: | | K7S41GX
    Processor: AMD Sempron(tm) 2200+ | Socket-A | 1511/166mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 37 GiB total, 9.27 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is FIXED (NTFS) - 128 GiB total, 68.251 GiB free.
    G: is FIXED (FAT32) - 233 GiB total, 17.794 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    µTorrent
    32 Bit HP CIO Components Installer
    AbiWord 2.8.2
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.2
    AoA Audio Extractor 1.0
    Apple Mobile Device Support
    Apple Software Update
    AVG Free 9.0
    AviSynth 2.5
    BufferChm
    C-Media WDM Audio Driver
    CCleaner
    DivX Player
    DivX Plus DirectShow Filters
    DivX Setup
    DivX Version Checker
    DVD Flick
    EVGA Display Driver
    F2100_doccd
    FrostWire 4.18.6
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    ImgBurn
    iTunes
    Java(TM) 6 Update 14
    jZip
    Lexmark 730 Series
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft IntelliPoint 6.1
    Microsoft IntelliType Pro 6.2
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    MobileMe Control Panel
    Movavi Video Converter 9
    Mozilla Firefox (3.6.12)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0
    MSXML 6 Service Pack 2 (KB954459)
    OpenMG Limited Patch 4.4-06-13-19-01
    OpenMG Secure Module 4.4.00
    QuickTime
    Rogers Yahoo! Applications
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958470)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971032)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Segoe UI
    SiS 900 PCI Fast Ethernet Adapter Driver
    Spybot - Search & Destroy
    TBS WMP Plug-in
    UnloadSupport
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    VC80CRTRedist - 8.0.50727.4053
    Video Cutter 1.0
    Videora iPod classic Converter 5.04
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.0.0
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Media Format 11 runtime
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Service Pack 2
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    10/28/2010 9:40:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 AvgLdx86 AvgMfx86 AvgTdiX Fips IPSec Lbd MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip VET-FILT VET-REC VETEFILE VETMONNT
    10/28/2010 9:40:57 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
    10/28/2010 9:40:57 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/28/2010 9:40:57 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    10/28/2010 9:40:57 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/28/2010 9:40:15 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    10/28/2010 6:21:49 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\wab32.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.2900.3028.
    10/28/2010 6:21:47 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\directdb.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.2900.3028.
    10/28/2010 6:21:46 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\ado\msjro.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 2.81.1128.0.
    10/28/2010 6:21:44 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\ado\msadox.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 2.81.1128.0.
    10/28/2010 6:21:43 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\ado\msadomd.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 2.81.1128.0.
    10/28/2010 6:21:41 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\common files\system\ado\msado15.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 2.81.1128.0.
    10/28/2010 5:55:57 PM, error: Dhcp [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 000B6A76AF7E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
    10/28/2010 5:46:23 PM, error: Dhcp [1002] - The IP address lease 99.235.208.222 for the Network Card with network address 000B6A76AF7E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
    10/28/2010 4:15:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    10/28/2010 3:09:47 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 AvgLdx86 AvgMfx86 Fips Lbd VET-FILT VET-REC VETEFILE VETMONNT
    10/28/2010 3:08:47 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    10/26/2010 6:06:47 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxcf_device service to connect.
    10/26/2010 6:06:47 AM, error: Service Control Manager [7000] - The lxcf_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/26/2010 6:06:47 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service lxcf_device with arguments "" in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E44106F}
    10/25/2010 6:16:25 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
    10/25/2010 6:16:25 PM, error: Service Control Manager [7001] - The VET Message Service service depends on the CAISafe service which failed to start because of the following error: The system cannot find the file specified.
    10/25/2010 6:16:25 PM, error: Service Control Manager [7000] - The CAISafe service failed to start due to the following error: The system cannot find the file specified.

    ==== End Of File ===========================

  6. Broni

    Broni Malware Annihilator Posts: 46,339   +252

    All scans have to be run in normal mode, not safe mode.
    GMER in safe mode is OK.
    Please, redo MBAM and DDS.