Inactive Google redirect


rmhughes0711

I have a Vista computer that has the cursed Google redirect problem. I have run numerous spyware and malware scans but the problem still exists. I downloaded TDSSKiller to my desktop and unzipped it; however, it never launches, even when I try and run it as an administrator. What can I do to resolve the issue?
 
Welcome to TechSpot!
I'll help with the malware, but you should stop trying to find scans that will fix the problem! The key is finding what the problem is!

Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, leave the logs for review in your next reply.
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Important!
Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
 
Logs pasted as requested

Please let me know the next step. Thanks for your help!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5748

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

2/12/2011 10:55:03 AM
mbam-log-2011-02-12 (10-55-03).txt

Scan type: Quick scan
Objects scanned: 147694
Time elapsed: 3 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

***************************************************************************************************************
GMER log below

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-12 11:04:35
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 FUJITSU_ rev.0085
Running: 4hmeymmi.exe; Driver: C:\Users\Linda\AppData\Local\Temp\uglcapob.sys


---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8520A1F8
Device \Driver\iaStor \Device\Ide\iaStor0 [826D3A60] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 8520A1F8
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [826D3A60] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\a8q3g4nd \Device\Scsi\a8q3g4nd1Port3Path0Target0Lun0 86BD51F8
Device \Driver\a8q3g4nd \Device\Scsi\a8q3g4nd1 86BD51F8
Device \FileSystem\Ntfs \Ntfs 8520B1F8

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

Device \FileSystem\fastfat \Fat 8F9FC1F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:292] 869439FB
Thread System [4:296] 86945A2C

---- EOF - GMER 1.0.15 ----
**************************************************************************************************************
DDS.txt below


DDS (Ver_10-12-12.02) - NTFSx86
Run by Linda at 11:06:14.97 on Sat 02/12/2011
Internet Explorer: 8.0.6001.19019
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2037.920 [GMT -5:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Linda\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.dell.com
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
EB: {D367A4AF-8202-4173-A115-9831108F1E0A} - No File
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID%
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\linda\appdata\roaming\mozilla\firefox\profiles\4ib0vqk6.default\
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-2-4 73728]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-4 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-9-9 47640]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 27216]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-2-3 179712]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-2-3 111616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-2-9 517448]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-9 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2010-11-17 21744]
S3 utm0mjuw;AVZ Kernel Driver;c:\windows\system32\drivers\utm0mjuw.sys [2011-2-11 7168]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

=============== Created Last 30 ================

2011-02-11 15:27:08 7168 ----a-w- c:\windows\system32\drivers\utm0mjuw.sys
2011-02-11 15:11:36 -------- d-----w- c:\progra~2\Kaspersky Lab
2011-02-11 04:29:10 420352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-11 04:00:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-11 04:00:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-11 04:00:00 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
2011-02-10 06:10:09 -------- d-----w- c:\program files\Dell Support Center
2011-02-10 05:59:48 -------- d-----w- c:\progra~2\PCDr
2011-02-10 05:59:24 -------- d-----w- c:\users\linda\appdata\roaming\PCDr
2011-02-10 04:29:55 -------- d-----w- c:\program files\common files\supportsoft
2011-02-09 21:27:01 -------- d-----w- c:\windows\en
2011-02-09 21:26:24 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-09 21:22:16 -------- d-----w- c:\program files\Microsoft
2011-02-09 21:21:55 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-09 21:21:55 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-09 21:21:55 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-09 21:21:21 469256 ----a-w- c:\program files\common files\windows live\.cache\4aa6f60b1cbc89f41\InstallManager_WLE_WLE.exe
2011-02-09 21:19:57 15712 ----a-w- c:\program files\common files\windows live\.cache\1949922b1cbc89f34\MeshBetaRemover.exe
2011-02-09 21:18:25 94040 ----a-w- c:\program files\common files\windows live\.cache\e2158d4b1cbc89e27\DSETUP.dll
2011-02-09 21:18:25 525656 ----a-w- c:\program files\common files\windows live\.cache\e2158d4b1cbc89e27\DXSETUP.exe
2011-02-09 21:18:25 1691480 ----a-w- c:\program files\common files\windows live\.cache\e2158d4b1cbc89e27\dsetup32.dll
2011-02-09 21:18:20 94040 ----a-w- c:\program files\common files\windows live\.cache\deb57a2b1cbc89e26\DSETUP.dll
2011-02-09 21:18:20 525656 ----a-w- c:\program files\common files\windows live\.cache\deb57a2b1cbc89e26\DXSETUP.exe
2011-02-09 21:18:20 1691480 ----a-w- c:\program files\common files\windows live\.cache\deb57a2b1cbc89e26\dsetup32.dll
2011-02-09 21:14:08 -------- d-----w- c:\users\linda\appdata\local\Windows Live
2011-02-09 21:14:07 -------- d-----w- c:\program files\common files\Windows Live
2011-02-09 21:13:39 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-09 20:11:15 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-02-09 19:39:08 -------- d-----w- c:\progra~2\Roaming
2011-02-09 19:38:55 56 ----a-w- c:\windows\system32\IHV_Install.bat
2011-02-09 19:38:21 -------- d-----w- c:\program files\Cisco
2011-02-09 19:36:13 -------- d-----w- c:\users\linda\appdata\roaming\Intel
2011-02-09 06:09:43 -------- d--h--w- C:\$AVG
2011-02-09 05:33:22 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-02-09 05:33:18 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{4f3e2d36-d77e-4a02-a25f-8c92206c245c}\mpengine.dll
2011-02-09 05:16:37 -------- d-----w- c:\users\linda\appdata\roaming\AVG10
2011-02-09 05:15:34 -------- d--h--w- c:\progra~2\Common Files
2011-02-09 05:15:16 -------- d-----w- c:\progra~2\AVG Security Toolbar
2011-02-09 05:13:37 -------- d-----w- c:\windows\system32\drivers\AVG
2011-02-09 05:13:37 -------- d-----w- c:\progra~2\AVG10
2011-02-09 05:11:28 -------- d-----w- c:\program files\AVG
2011-02-09 04:46:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-09 03:49:01 -------- d-----w- c:\users\linda\appdata\roaming\SUPERAntiSpyware.com
2011-02-09 03:49:01 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com
2011-02-09 03:48:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-09 03:17:32 -------- d-----w- c:\program files\CleanUp!
2011-02-09 02:51:42 -------- d-----w- c:\users\linda\appdata\roaming\Malwarebytes
2011-02-09 02:51:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-09 02:51:34 -------- d-----w- c:\progra~2\Malwarebytes
2011-02-09 02:51:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-09 02:51:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-08 22:42:48 388096 ----a-r- c:\users\linda\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-02-08 22:42:47 -------- d-----w- c:\program files\Trend Micro
2011-02-08 21:51:01 -------- d-----w- c:\progra~2\MFAData
2011-02-08 21:31:47 -------- d-----w- c:\users\linda\appdata\local\WindowsUpdate
2011-02-08 21:10:46 -------- d-----w- c:\windows\pss
2011-01-31 15:57:30 -------- d-----w- c:\program files\iPod
2011-01-31 15:57:27 -------- d-----w- c:\program files\iTunes

==================== Find3M ====================

2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-08 18:12:02 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-12-08 18:11:52 53632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2010-12-08 18:11:46 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-12-08 18:11:44 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

============= FINISH: 11:13:32.39 ===============

**************************************************************************************************************
Attach.txt below


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 2/4/2009 1:20:03 AM
System Uptime: 2/12/2011 10:46:39 AM (1 hours ago)

Motherboard: Dell Inc. | | 0N6705
Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | Microprocessor | 1500/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 99 GiB total, 12.463 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.416 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is CDROM ()
H: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP128: 2/10/2011 11:12:02 PM - Windows Update
RP129: 2/10/2011 11:33:44 PM - Windows Update
RP130: 2/11/2011 3:00:11 AM - Windows Update
RP131: 2/11/2011 10:22:46 AM - Removed Dell DataSafe Online
RP132: 2/12/2011 3:00:11 AM - Windows Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Advanced Audio FX Engine
Advanced Video FX Engine
AdVantage (Powering DAEMON Tools)
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Duplicate File Finder
AVG 2011
Banctec Service Agreement
Beyond Compare Version 3.1.11
Bonjour
Broadcom Gigabit Integrated Controller
Broadcom Management Programs
BufferChm
C5100
c5100_Help
CleanUp!
Copy
CustomerResearchQFolder
D3DX10
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DellSupport
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
EDocs
eSupportQFolder
Fax
Fingerprint Reader Suite 5.6
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 8.0
HP Driver Diagnostics
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Photosmart Essential
HP Photosmart.All-In-One Driver Software 8.0 .A
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) PROSet/Wireless Software
iTunes
Java(TM) 6 Update 7
Junk Mail filter update
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
LogMeIn
Malwarebytes' Anti-Malware
MarketResearch
mCorev32.ism_new
mCPlug
mDriver
MediaDirect
Mesh Runtime
Messenger Companion
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mMHouse
Mozilla Firefox (3.6.13)
Mozilla Thunderbird (3.1.3)
mPfMgr
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
mWMI
OutlookAddinSetup
Product Documentation Launcher
QuickSet
QuickTime
Safari
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2492475)
WebReg
WIDCOMM Bluetooth Software 6.0.1.3100
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources

==== Event Viewer Messages From Past Week ========

2/12/2011 3:38:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2393802).
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_7_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_6_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_3_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_2_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:27:31 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
2/12/2011 2:49:21 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 0013E87A28D9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2/12/2011 10:58:22 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.23 for the Network Card with network address 0013E87A28D9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2/12/2011 10:48:39 AM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.
2/10/2011 2:47:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 SASDIFSV SASKUTIL spldr sptd Wanarpv6
2/10/2011 2:47:49 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/10/2011 2:47:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/10/2011 2:47:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/10/2011 2:47:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/10/2011 2:47:00 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
2/10/2011 2:45:40 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
2/10/2011 11:50:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
2/10/2011 11:50:20 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/10/2011 11:38:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/10/2011 11:20:14 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 258
2/10/2011 11:06:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Internet Explorer 8 for Windows Vista.
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2482017_ie8~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2482017_ie8_0~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2447568_ie8~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2447568_ie8_0~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_1_for_KB2482017~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_1_for_KB2447568~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-SP1-Update~31bf3856ad364e35~x86~~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-RTM-Update~31bf3856ad364e35~x86~en-US~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-RTM-Update~31bf3856ad364e35~x86~~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-Package~31bf3856ad364e35~x86~en-US~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-Package~31bf3856ad364e35~x86~~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-Package-MiniLP~31bf3856ad364e35~x86~en-US~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 11:05:18 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2482017~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:17 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2447568~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 11:05:15 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-Package-TopLevel~31bf3856ad364e35~x86~~8.0.6001.18702 () into Staged(Staged) state
2/10/2011 1:31:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2485376).
2/10/2011 1:31:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2483185).
2/10/2011 1:31:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2479628).
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2485376_client~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2485376_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2485376_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2483185_client~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2483185_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2483185_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2479628~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2479628_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2479628_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2479628_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_7_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_6_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_5_for_KB2485376~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_5_for_KB2483185~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_5_for_KB2479628~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_3_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_2_for_KB2485376~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_2_for_KB2483185~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_2_for_KB2479628~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state
2/10/2011 1:29:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_2_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:03 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:29:00 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2483185~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state
2/10/2011 1:28:56 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2485376~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state

==== End Of File ===========================
 
Some tips for you:
1. The first thing I did when I got my Dell computers was to stop and uninstall the preloaded junk.
2. The first thing I did after I connected my HP all-in-one was to take all of its processes off of the start menu, disable Services that weren't needed and delete some of the processes they put on all the peripherals that aren't needed to run them.
3. The second thing I did with all of my computers was to disable all auto-update except the AV and take those processes off of Startup> like Java, Adobe, HP Update, iTunes update, QuickTime update.
4. The next thing I did was open the Event Viewer and look for Error Events. If I saw one that was repeating and didn't know why, I'd search for cause and cure>> such as your multiples of this Error:
Microsoft-Windows-Servicing [4375]

(Windows Servicing failed to complete the process of setting package Microsoft-Windows-InternetExplorer-8-Package~31bf3856ad364e35~x86~en-US~8.0.6001.18702 () into Staged(Staged) state:)
Which I would find on this TechNet site: http://social.technet.microsoft.com...-4375-package-installations-or-removals.aspx=

These things aren't your problem- not directly. But every unnecessary or unneeded process that is connected to the internet can put the system at risk> and everything I said above is directly related to what I see in your system.
=====================================================
It also appears that on 2/10 and 2/11, you combed the internet, trying to find something that would fix the problem- when all you knew at that point was that your searches were being redirected>> but you didn't know why>> so you really didn't know what scan might be appropriate. So you need to remove Kaspersky because you shouldn't have more than 1 AV. (02-11 15:11:36>> - c:\progra~2\Kaspersky Lab.)

And you installed SupportSoft which offers remote support and PC Doctor which appears to be more of a tool for the manufacturers rather than users. Both of these were costly, were they not? And so far, I don't see that TDSSKiller is indicated- but that's just based on what I can see here.
===================================================
The Java is very outdated and this is a vulnerability as well as possibly slowing the system down. Please check this site: Java Updates. The most current update is v6u23. Uninstall Java v6u7 and any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.
======================================
I would like you to run Combofix. Unfortunately, you will have to uninstall AVG to do it. You may get by just using this, so try this first:
AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc.
Note:
  • AVG user settings will be removed.
  • Virus Vault contents will be removed.
  • All other items related to AVG installation and use will be removed.
  • You will be asked during the removal procedure to restart your computer. Please do so.
  • Make sure there is no open work in process prior to launching AVG Remover.
Use the appropriate download for your system for the AVG Remover:
AVG Remover:32bit
AVG Remover:64 bit
========================================
Then go on to the next reply to run Combofix. If you get a message that Combofix won't run because of AVG, let me know and I'll have you use an app remover.
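The Event Viewer triage described in tip 4 above, as an added example that is not part of the original post: it groups repeating errors by source and event ID, lists which updates failed with which error code, and decodes that code. The sample lines are copied from the log posted in this thread; the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# A subset of the "Event Viewer Messages From Past Week" lines posted in this thread.
SAMPLE = """
2/12/2011 3:38:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2393802).
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:29:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2393802_client~31bf3856ad364e35~x86~~6.0.1.3 () into Staged(Staged) state
2/12/2011 3:27:31 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
2/10/2011 2:47:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 SASDIFSV SASKUTIL spldr sptd Wanarpv6
2/10/2011 11:06:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Internet Explorer 8 for Windows Vista.
2/10/2011 11:05:22 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB2482017_ie8~31bf3856ad364e35~x86~~8.0.1.0 () into Absent(Absent) state
2/10/2011 1:31:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2485376).
"""

# "<date> <time> AM|PM, <Level>: <Source> [<EventID>] - <message>"
LINE_RE = re.compile(
    r"^(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), (\w+): (.+?) \[(\d+)\] - (.*)$"
)
UPDATE_RE = re.compile(r"with error (0x[0-9A-Fa-f]{8}): (.+)$")
PACKAGE_RE = re.compile(r"setting package (\S+) \(\) into (\w+)\(")


def parse_events(text):
    """Turn the pasted log lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, level, source, event_id, message = m.groups()
        events.append({
            "time": datetime.strptime(ts, "%m/%d/%Y %I:%M:%S %p"),
            "level": level,
            "source": source,
            "id": int(event_id),
            "message": message,
        })
    return events


def repeating_errors(events, min_count=2):
    """(source, event id) pairs that occur at least min_count times, most frequent first."""
    counts = Counter((e["source"], e["id"]) for e in events if e["level"] == "Error")
    return [(key, n) for key, n in counts.most_common() if n >= min_count]


def failed_updates(events):
    """Map each Windows Update error code to the updates that failed with it."""
    by_code = defaultdict(list)
    for e in events:
        if e["source"].endswith("WindowsUpdateClient") and e["id"] == 20:
            m = UPDATE_RE.search(e["message"])
            if m:
                by_code[m.group(1).lower()].append(m.group(2).rstrip("."))
    return dict(by_code)


def stuck_packages(events):
    """For event 4375, map each KB (or package name) to the states it failed to reach."""
    states = defaultdict(set)
    for e in events:
        if e["id"] != 4375:
            continue
        m = PACKAGE_RE.search(e["message"])
        if m:
            kb = re.search(r"KB\d+", m.group(1))
            key = kb.group(0) if kb else m.group(1).split("~")[0]
            states[key].add(m.group(2))
    return dict(states)


def win32_code(hresult):
    """Return the Win32 error number wrapped in an HRESULT, or None if it is not FACILITY_WIN32 (7)."""
    value = int(hresult, 16)
    return value & 0xFFFF if (value >> 16) & 0x1FFF == 7 else None


if __name__ == "__main__":
    evts = parse_events(SAMPLE)
    for (source, event_id), n in repeating_errors(evts):
        print(f"{n:3d} x {source} [{event_id}]")
    for code, names in failed_updates(evts).items():
        # Win32 error 32 is ERROR_SHARING_VIOLATION: "The process cannot access
        # the file because it is being used by another process."
        print(code, "-> Win32 error", win32_code(code), names)
    print(stuck_packages(evts))
```

Win32 error 32 carries the same "being used by another process" message that the Windows Modules Installer reported in event 7023, so the update failures and the 4375 servicing errors in this log point at one locked-file condition rather than at many separate faults.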
 
Download Combofix to your desktop from one of these locations:
Link 1
Link 2
http://www.forospyware.com/sUBs/ComboFix.exe
  • Double click combofix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Query- Recovery Console image
    RcAuto1.gif

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    whatnext.png
  • Click on Yes, to continue scanning for malware.
  • If Combofix asks you to update the program, allow it.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Close any open browsers.
  • Double click combofix.exe & follow the prompts to run.
  • When the scan completes it will open a text window. Please paste that log in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
Combofix

Combofix log is below for your review. Please let me know next steps. Thanks for your help!

ComboFix 11-02-13.01 - Linda 02/14/2011 0:49.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2037.1169 [GMT -5:00]
Running from: c:\users\Linda\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Linda\AppData\Roaming\AdVantage
c:\users\Linda\AppData\Roaming\AdVantage\about_AdVantage.mht
c:\users\Linda\AppData\Roaming\AdVantage\advantage.cfg
c:\users\Linda\AppData\Roaming\AdVantage\advantage.cfg.7a02fe140c568113abe8b7ac87900bca
c:\users\Linda\AppData\Roaming\AdVantage\advantage.mht
c:\users\Linda\AppData\Roaming\AdVantage\AdVUninst.exe
c:\users\Linda\AppData\Roaming\AdVantage\diff.cfg.30f9990d6a5bde5bf2c1f3ed8974f228.e31f70f60e237b95d79fb5d18fdc8d1c
c:\users\Linda\AppData\Roaming\AdVantage\diff.cfg.92d38fe0b789c376a35f3e623e72779d.4b842e2da1f19bb9937aa5431fe39b11
c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Disk
c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Disk\Uninstall Windows Disk.lnk
c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Disk\Windows Disk.lnk

Infected copy of c:\windows\system32\drivers\volsnap.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((( Files Created from 2011-01-14 to 2011-02-14 )))))))))))))))))))))))))))))))
.

2011-02-14 05:55 . 2011-02-14 05:57 -------- d-----w- c:\users\Linda\AppData\Local\temp
2011-02-14 05:55 . 2011-02-14 05:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-14 05:27 . 2011-02-14 05:27 -------- d-----w- c:\program files\Common Files\Java
2011-02-14 05:08 . 2011-02-14 05:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-14 05:08 . 2011-02-14 05:25 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-02-11 15:27 . 2011-02-11 15:27 7168 ----a-w- c:\windows\system32\drivers\utm0mjuw.sys
2011-02-11 15:11 . 2011-02-12 15:23 -------- d-----w- c:\programdata\Kaspersky Lab
2011-02-11 04:29 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-11 04:00 . 2010-12-18 04:47 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-11 04:00 . 2010-12-18 06:26 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-02-11 04:00 . 2010-12-18 06:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-10 06:10 . 2011-02-10 06:11 -------- d-----w- c:\program files\Dell Support Center
2011-02-10 05:59 . 2011-02-10 06:14 -------- d-----w- c:\programdata\PCDr
2011-02-10 05:59 . 2011-02-10 06:01 -------- d-----w- c:\users\Linda\AppData\Roaming\PCDr
2011-02-10 04:30 . 2011-02-10 06:09 -------- d-----w- c:\programdata\SupportSoft
2011-02-10 04:29 . 2011-02-10 06:09 -------- d-----w- c:\program files\Common Files\supportsoft
2011-02-09 21:27 . 2011-02-09 21:27 -------- d-----w- c:\windows\en
2011-02-09 21:26 . 2010-09-23 05:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-09 21:22 . 2011-02-09 21:41 -------- d-----w- c:\program files\Microsoft
2011-02-09 21:21 . 2009-09-04 22:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-09 21:21 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-09 21:21 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-09 21:14 . 2011-02-09 21:14 -------- d-----w- c:\users\Linda\AppData\Local\Windows Live
2011-02-09 21:14 . 2011-02-09 21:14 -------- d-----w- c:\program files\Common Files\Windows Live
2011-02-09 21:13 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-02-09 21:12 . 2011-02-10 18:27 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-09 20:17 . 2011-02-09 20:17 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-02-09 20:11 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-09 19:39 . 2011-02-09 19:39 -------- d-----w- c:\programdata\Roaming
2011-02-09 19:38 . 2011-02-09 19:38 56 ----a-w- c:\windows\system32\IHV_Install.bat
2011-02-09 19:38 . 2011-02-09 19:38 -------- d-----w- c:\program files\Cisco
2011-02-09 19:36 . 2011-02-09 19:36 -------- d-----w- c:\programdata\Intel
2011-02-09 19:36 . 2011-02-09 19:36 -------- d-----w- c:\users\Linda\AppData\Roaming\Intel
2011-02-09 06:09 . 2011-02-09 06:09 -------- d-----w- C:\$AVG
2011-02-09 05:33 . 2011-02-02 22:10 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4F3E2D36-D77E-4A02-A25F-8C92206C245C}\mpengine.dll
2011-02-09 05:16 . 2011-02-09 05:16 -------- d-----w- c:\users\Linda\AppData\Roaming\AVG10
2011-02-09 05:15 . 2011-02-09 05:15 -------- d--h--w- c:\programdata\Common Files
2011-02-09 04:46 . 2011-02-02 22:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-09 03:49 . 2011-02-09 03:49 -------- d-----w- c:\users\Linda\AppData\Roaming\SUPERAntiSpyware.com
2011-02-09 03:49 . 2011-02-09 03:49 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-09 03:48 . 2011-02-09 03:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-09 03:17 . 2011-02-09 03:17 -------- d-----w- c:\program files\CleanUp!
2011-02-09 02:51 . 2011-02-09 02:51 -------- d-----w- c:\users\Linda\AppData\Roaming\Malwarebytes
2011-02-09 02:51 . 2011-02-09 02:51 -------- d-----w- c:\programdata\Malwarebytes
2011-02-09 02:51 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-09 02:51 . 2011-02-12 15:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-09 02:51 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 22:42 . 2011-02-08 22:42 388096 ----a-r- c:\users\Linda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-08 22:42 . 2011-02-08 22:42 -------- d-----w- c:\program files\Trend Micro
2011-02-08 21:51 . 2011-02-09 04:55 -------- d-----w- c:\programdata\MFAData
2011-02-08 21:31 . 2011-02-08 21:31 -------- d-----w- c:\users\Linda\AppData\Local\WindowsUpdate
2011-01-31 15:57 . 2011-01-31 15:57 -------- d-----w- c:\program files\iPod
2011-01-31 15:57 . 2011-01-31 15:58 -------- d-----w- c:\program files\iTunes

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-28 15:55 . 2011-01-12 22:42 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-12 22:42 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-08 18:12 . 2010-09-09 23:22 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-12-08 18:11 . 2010-09-09 23:22 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2010-12-08 18:11 . 2010-09-09 23:22 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-12-08 18:11 . 2010-09-09 23:22 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-11-29 22:38 . 2010-11-29 22:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38 . 2010-11-29 22:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-04-17 05:13 721408 ----a-w- c:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-04-17 05:13 721408 ----a-w- c:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2424560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-04-17 05:04 86528 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-08-22 12:06 167368 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 18:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-07-30 19:40 16384 ----a-w- c:\dell\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-04-22 06:11 166424 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 01:52 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-04-22 06:11 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 20:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2010-01-27 16:22 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM02Mon.exe]
2007-12-03 05:58 36864 ----a-w- c:\windows\OEM02Mon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2007-12-21 16:58 184320 ----a-w- c:\program files\Dell\MediaDirect\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-04-22 06:11 133656 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
2007-04-17 04:50 49168 ----a-w- c:\program files\Fingerprint Reader Suite\launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-05-10 07:00 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2010-11-18 21744]
R3 utm0mjuw;AVZ Kernel Driver;c:\windows\system32\Drivers\utm0mjuw.sys [2011-02-11 7168]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-09 691696]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-01-02 73728]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2010-01-27 12856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-05-24 179712]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-04-22 111616]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2011-02-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]

2011-02-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]

2011-02-14 c:\windows\Tasks\User_Feed_Synchronization-{E25AF0CE-209A-4671-829D-9113D775E90A}.job
- c:\windows\system32\msfeedssync.exe [2011-02-11 04:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ib0vqk6.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-%PROVIDERID% - bin\sprtcmd.exe
HKLM-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
MSConfigStartUp-AdVantage - c:\users\Linda\AppData\Roaming\advantage\AdVantage.exe
MSConfigStartUp-AkmVwFwGWSnRsE - c:\programdata\AkmVwFwGWSnRsE.exe
MSConfigStartUp-b7mBXDCwNdE - c:\programdata\b7mBXDCwNdE.exe
MSConfigStartUp-MskAgentexe - c:\program files\McAfee\MSK\MskAgent.exe
MSConfigStartUp-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
AddRemove-advantage_DAEM - c:\users\Linda\AppData\Roaming\advantage\AdVUninst.exe



**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3536)
c:\program files\Fingerprint Reader Suite\farchns.dll
c:\program files\Fingerprint Reader Suite\infra.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Fingerprint Reader Suite\upeksvr.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\STacSV.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-02-14 01:02:19 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-14 06:02

Pre-Run: 17,333,583,872 bytes free
Post-Run: 16,971,485,184 bytes free

- - End Of File - - 60225248F246F3A14FC50C0DFBA8A0DA
 
Update

I have just verified that my redirect problem is resolved. In addition, the one Windows update that kept failing has now installed correctly. I assume the two problems were interrelated. Is it safe to reinstall my antivirus now? Currently I am running Superantispyware on start up. Do you recommend I keep that? Also, I have both AVG and Malwarebytes. Do you have a preference for one over the other? If I install one of these, will it have the spyware checking that Superantispyware has? Will the two conflict with each other?

Thanks for your help!!!
 
Yes, please put the AV back on the system. We're not through quite yet. When we are finished, I'll leave you some tips for added security. I'll be back later this afternoon to check the logs.

You can go ahead and run the Eset NOD32 Online AntiVirus scan HERE: http://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Click on "Copy to Clipboard" (you won't see the clipboard)
  10. Click anywhere in the post where you want the logs to go, then do Ctrl+V. The log will be sent from the clipboard and pasted in the post.
  11. Re-enable your Antivirus software.
    NOTE: If you forget to copy to the clipboard, you can find the log here:
    C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
 
ESET log

Here's my log. Please let me know the next steps. Thanks for your help!

C:\Program Files\advantage\AdVUninst.exe a variant of Win32/Adware.Vomba.AA application
C:\Qoobox\Quarantine\C\Users\Linda\AppData\Roaming\advantage\AdVUninst.exe.vir a variant of Win32/Adware.Vomba.AA application
 
Been out of town all day- catching up now!

Please download OTMoveIt by OldTimer and save to your desktop.
  • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveIt3.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)
    Code:
    :Files  
    C:\Program Files\advantage\AdVUninst.exe
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
=====================================
Both of the following antivirus programs are free and known to be good: (use only one)
Avira Free
Avast Home

Please reboot the system after the installation is complete.
Once the program is installed, you should check for updates immediately.
 
Latest

Here's the requested log. Please let me know the next steps.

All processes killed
========== FILES ==========
C:\Program Files\advantage\AdVUninst.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Linda
->Temp folder emptied: 394595 bytes
->Temporary Internet Files folder emptied: 71738183 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44836437 bytes
->Flash cache emptied: 743 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35581 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 35252 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
RecycleBin emptied: 6138689 bytes

Total Files Cleaned = 117.00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 02182011_110221

Files moved on Reboot...

Registry entries deleted on Reboot...
 
Please run this Custom CFScript:

  1. Close any open browsers.
  2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open Notepad> click on Format> uncheck 'Word Wrap'> and copy/paste the text in the code below into it. Be sure to scroll down to include ALL lines.
Code:
File::
Folder::
c:\progra~2\Kaspersky Lab
c:\progra~2\PCDr
c:\users\linda\appdata\roaming\PCDr
c:\program files\common files\supportsoft
c:\programdata\SupportSoft
DDS::
EB: {D367A4AF-8202-4173-A115-9831108F1E0A} - No File
mRun: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID%???
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=-
Save this as CFScript.txt, in the same location as ComboFix.exe
CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . No log needed unless there is a problem.
====================
If there are no more malware-related problems, after you run the above, go on to this:
Removing all of the tools we used and the files and folders they created
  • Uninstall ComboFix and all Backups of the files it deleted
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    CF_Uninstall-1.jpg
  • Download OTCleanIt by OldTimer and save it to your Desktop.
  • Double click OTCleanIt.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
  • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
  • Go to Start > All Programs > Accessories > System Tools
  • Click "System Restore".
  • Choose "Create a Restore Point" on the first screen then click "Next".
  • Give the Restore Point a name> click "Create".
  • Go back and follow the path to > System Tools.
    • Choose Disk Cleanup
    • Click "OK" to select the partition or drive you want.
    • Click the "More Options" tab.
    • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


Empty the Recycle Bin
Let me know if you have any more questions.
 
1. Copy text from script in codebox and paste into Notepad.
2. Save as CFScript.txt in same location as ComboFix.exe (s/b desktop)
3. Drag CFScript into Combofix.exe> this will launch a new scan.
4. Scan produces a new log at C:\ComboFix.txt

Hopefully you didn't go ahead with the Combofix uninstall yet. Please try the above again and make sure you are working with the correct file extensions.
 
It is run manually from within Combofix after you drag the script in! The error you are getting indicates you are double-clicking on the setup file on the desktop to install the program, but the script isn't there.

Did you do the Combofix uninstall?
 
BTW, this is what I have copied into CFScript.txt (wordwrap off). It looks like it is blowing up on the mrun statement. Are the question marks at the end of that line correct?

File::
Folder::
c:\progra~2\Kaspersky Lab
c:\progra~2\PCDr
c:\users\linda\appdata\roaming\PCDr
c:\program files\common files\supportsoft
c:\programdata\SupportSoft
DDS::
EB: {D367A4AF-8202-4173-A115-9831108F1E0A} - No File
mRun: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID%???
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=-
 
I did copy exactly what was in the codebox. Your codebox had 18 lines and my script has 18 lines (includes one blank line). If the codebox is not showing all that it should, can you please repost it in the body of the document? Thanks!
 
It looks like it is blowing up on the mrun statement.

The entry is correct. It is from the DDS log. Registry entries have already been removed. What do you mean "blowing up?"

Are we still discussing the fact that you have not been able to run the script yet? Those entries need to be removed. I took you through the steps for the script to make sure you were handling the correct file extension. It was meant to help, not to irritate.
 
I still get the error when I drag the .txt file onto the .exe. Since this is not my laptop, I need to return it to its owner; however, I want to run this issue all the way to completion before giving it back. Your help has been great. Please let me know the next steps.
 