[Closed] David Malware Virus Capture

Status
Not open for further replies.

Rucker9

TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies.
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
Hi, seemingly similar problem to many - PC appears to be hijacked by a vendor of AV software. Am using my laptop to post this so have to switch between machines to follow the instructions - I have read the intro and downloaded the programmes to a memory stick.
My PC is a Dell Optiplex 1700, Windows XP, Explorer 6 (because I have to remain compatible with company web sites and servers for remote working). I use MS Office Pro and have some company-specific programmes loaded: Epic (for XML work).
My AV is ESET Smart Security and it is up to date.
I have a C drive - programmes. D drive working documents and a stand alone G drive for Backups. I have disconnected the G drive while I have this problem.

Symptoms - on shut down last night I did not notice that the process had 'hung' and was waiting for a programme to respond until I came in this morning.

On rebooting I tried to open usual programmes - Outlook failed to open; IE6 opened, showing default address of Google, but the screen was a supposed MS warning page about a need for an AV programme. Then noticed a new shield icon in the bottom tray which generates various warning bubbles at about 2 minute intervals, followed by a small panel with a variety of virus attack warnings and inviting me to update software. If left, I finally get an ESET warning that page 3w’s porno.com has been blocked. System re-launched IE after it was closed to a variety of sites, all being blocked by ESET.
Cannot open any programme, control panel etc. - always get a warning that xxxxx is infected and cannot operate.

Have tried to run TFC - all I get is a warning: cannot run the file, tfc.exe is infected. Do you want to run AV software? (I have not run the software.) Same result for Malwarebytes, so not sure where to go from here, and there is no attached/pasted result. Cannot even capture a screenshot to show the situation.

I am stuck. Should I try safe mode to start with? Most grateful for any assistance.
David

Hope I have got this right - gone to the Malware Removal Forum and created a new thread.

Have managed to start and run the tests as suggested in the Malware user advice with the PC in safe mode. I downloaded the programmes onto a USB stick on my laptop and transferred them to the PC. Do not know if this will have affected the results.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4345

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.2180

18/11/2010 17:18:25
mbam-log-2010-11-18 (17-18-25).txt

Scan type: Quick scan
Objects scanned: 145414
Time elapsed: 12 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Ewing Consultants\Local Settings\Application Data\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

GMER would not run. Tried downloads from both sites, but when double-clicked after placing on the desktop the PC froze. Tried 4 times - issue because I was in safe mode?


DDS (Ver_10-11-10.01) - NTFSx86 MINIMAL
Run by Administrator at 19:02:24.09 on 18/11/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1022.793 [GMT 0:00]

AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.euro.dell.com/
uDefault_Page_URL = hxxp://www.euro.dell.com/
mDefault_Page_URL = hxxp://www.msn.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SpeedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /icon
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\documents and settings\administrator\desktop\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - c:\progra~1\copern~1\COPERN~1.EXE
IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - c:\progra~1\copern~1\COPERN~1.EXE
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBC}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://ihs.webex.com/client/T27L/support/ieatgpc.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ras-uk.ihs.com/dana-cached/sc/JuniperSetupClient.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\copern~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\copern~1\COPERN~1.DLL
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 10.105.10.4 fuji
============= SERVICES / DRIVERS ===============

S0 iidkxdd;iidkxdd;c:\windows\system32\drivers\hheb.sys --> c:\windows\system32\drivers\hheb.sys [?]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-4-9 114984]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2007-10-2 24786]
S2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-3-24 810120]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-14 135664]
S3 ADM8511;%ADM8511.Service.DispName%;c:\windows\system32\drivers\ADM8511.SYS [2001-8-17 20160]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [2007-10-2 45534]

=============== Created Last 30 ================

2010-11-18 16:33:00 -------- d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-11-11 11:53:28 -------- d-----w- c:\program files\PC Speed Up

==================== Find3M ====================

2010-09-18 11:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 --sha-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-02-28 12:30:53 2169915 ----a-w- c:\program files\ImgBurn_2.5.0.0.exe
2009-09-07 16:21:04 1648478 ----a-w- c:\program files\FileManager.exe
2007-10-04 07:10:27 12531691 -c--a-w- c:\program files\Kd50e.exe
2006-06-20 17:16:12 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-07-04 14:00:21 217088 -c--a-w- c:\program files\SpaceMonger.exe
2005-04-08 11:11:11 121558528 -c--a-w- c:\program files\AcTR7EFG.exe
2005-03-21 19:52:41 4320768 ----a-w- c:\program files\MSMONEY.EXE
2004-08-04 05:00:00 94784 -csh--w- c:\windows\twain.dll
2008-04-14 00:12:07 50688 --sh--w- c:\windows\twain_32.dll
2008-04-14 00:12:01 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe

============= FINISH: 19:04:37.29 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 21/03/2005 10:06:37
System Uptime: 18/11/2010 17:38:43 (2 hours ago)

Motherboard: Dell Computer Corp. | | 0U2575
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 6.328 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 139.893 GiB free.
E: is CDROM ()
F: is FIXED (FAT) - 2 GiB total, 0.93 GiB free.

==== Disabled Device Manager Items =============

Class GUID:
Description: Network Controller
Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_70011799&REV_03\4&1C660DD6&0&00F0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_70011799&REV_03\4&1C660DD6&0&00F0
Service:

==== System Restore Points ===================

RP37: 29/09/2010 10:24:01 - System Checkpoint
RP38: 29/09/2010 21:54:01 - Software Distribution Service 3.0
RP39: 30/09/2010 09:15:26 - Installed Microsoft Office Outlook Connector
RP40: 01/10/2010 09:33:32 - System Checkpoint
RP41: 02/10/2010 15:39:57 - System Checkpoint
RP42: 03/10/2010 16:32:34 - System Checkpoint
RP43: 04/10/2010 18:15:07 - System Checkpoint
RP44: 06/10/2010 12:55:08 - System Checkpoint
RP45: 07/10/2010 14:29:14 - System Checkpoint
RP46: 08/10/2010 13:47:21 - Software Distribution Service 3.0
RP47: 10/10/2010 09:51:18 - System Checkpoint
RP48: 11/10/2010 10:17:57 - System Checkpoint
RP49: 12/10/2010 11:21:39 - System Checkpoint
RP50: 13/10/2010 14:59:36 - System Checkpoint
RP51: 14/10/2010 22:37:01 - Software Distribution Service 3.0
RP52: 16/10/2010 15:48:36 - System Checkpoint
RP53: 17/10/2010 16:51:39 - System Checkpoint
RP54: 18/10/2010 18:33:08 - System Checkpoint
RP55: 19/10/2010 18:56:33 - System Checkpoint
RP56: 21/10/2010 19:01:14 - System Checkpoint
RP57: 23/10/2010 13:40:32 - System Checkpoint
RP58: 24/10/2010 18:41:12 - System Checkpoint
RP59: 27/10/2010 13:20:00 - System Checkpoint
RP60: 28/10/2010 20:58:47 - System Checkpoint
RP61: 31/10/2010 09:06:49 - System Checkpoint
RP62: 01/11/2010 10:44:25 - System Checkpoint
RP63: 02/11/2010 19:51:17 - System Checkpoint
RP64: 04/11/2010 20:41:04 - System Checkpoint
RP65: 08/11/2010 10:00:14 - System Checkpoint
RP66: 09/11/2010 13:46:36 - System Checkpoint
RP67: 10/11/2010 09:03:05 - Software Distribution Service 3.0
RP68: 10/11/2010 09:04:56 - Software Distribution Service 3.0
RP69: 12/11/2010 09:19:36 - System Checkpoint
RP70: 13/11/2010 18:30:39 - System Checkpoint
RP71: 15/11/2010 19:14:50 - System Checkpoint
RP72: 17/11/2010 08:04:48 - System Checkpoint

==== Installed Programs ======================


7200
7200_Help
7200Trb
ACDSee
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
AiO_Scan
AiOSoftware
Apple Mobile Device Support
Avanquest update
Belarc Advisor 7.2
BT Broadband Desktop Help
BT Email Configuration Tool
BT Yahoo! Applications
BTHomeHub
BufferChm
CCleaner
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
CueTour
Destinations
Digital Line Detect
Director
DocProc
DocumentViewer
DWG TrueView 2009
Epic 5.1
ESET Online Scanner v3
ESET Smart Security
Fax
FLV Player X 1.0.1
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
HMRC Employer CD-ROM 2009
HMRC Employer CD-ROM 2010
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp deskjet 940c series (Remove only)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP Photo Printing Software
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
HPSSupply
HPSystemDiagnostics
ImgBurn
InstantShare
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Juniper Networks Network Connect 6.4.0
Malwarebytes' Anti-Malware
MarketResearch
Maxtor Backup
Maxtor Encryption
Maxtor OneTouch III
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Calculator Plus
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Date and Phone XML Smart Tags
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Office Project Standard 2003
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio Professional 2003
Microsoft Office Visio Viewer 2003 (English)
Microsoft Outlook Personal Folders Backup
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Modem Helper
Motorola Phone Tools
MSN
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser
Nero - Burning Rom
NetWaiting
OMCI
PanoStandAlone
PhotoGallery
PowerDVD 5.1
ProductContext
Project Report Presentation Add-in for Microsoft Office Project 2003
QFolder
Readme
RealPlayer
Remove Hidden Data Tool
Sage Instant Accounts
Sage Instant Accounts V12.00
Scan
ScannerCopy
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Shop for HP Supplies
SkinsHP1
Sonic RecordNow! Plus
Sonic Update Manager
SoundMAX
SpeedTouch USB Software
System Requirements Lab for Intel
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
USB Device Driver v1.25r004
User Profile Hive Cleanup Service
WebEx
WebFldrs XP
WebReg
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Search 4.0
Windows XP Service Pack 3
WOT for Internet Explorer
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

18/11/2010 17:22:33, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD agp440 BANTExt ehdrv epfwtdi eusk2par Fips IntelIde intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss szkg Tcpip
18/11/2010 16:23:10, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service Iap with arguments "-Service" in order to run the server: {B0C61A79-0870-4BE4-9153-9CCAF422E31F}
18/11/2010 15:55:15, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
18/11/2010 15:55:08, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BANTExt ehdrv epfwtdi eusk2par Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss szkg Tcpip
18/11/2010 15:55:08, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2010 15:55:08, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2010 15:55:08, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2010 15:55:08, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
18/11/2010 15:54:44, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
18/11/2010 15:54:38, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

==== End Of File ===========================
That is the 3 files I could get. Thank you for starting the healing process.

David
 
David Malware Virus Capture

I have managed to start and run the tests as suggested in the Malware user advice with the PC in safe mode. I downloaded the programmes onto a USB stick on my laptop and transferred them to the PC. Do not know if this will have affected the results.

Please let me know when/if I should post them back and to whom.

Looking forward to more help - thank you all.
David
 