hi i have issues with my computer i cant seem to remove win32.fraudload spybot keeps locating it ,say its removed it but it keeps coming back...my computer keeps crashing on the net(debug),very slow,and keep opening windows automatically there may be other items but this is the one that is allways there..., i have backed my system with erunt , and here is my DDS report i hope thats all o.k?, please i am an amature on the computer highway so please be patient with me thanks....Dave.



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22/10/2009 15:59:00
System Uptime: 16/07/2010 21:55:10 (1 hours ago)

Motherboard: | | RS/RX482SB400
Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket 939 | 1999/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 114.61 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_1002&DEV_5974&SUBSYS_0A56174B&REV_00\4&1C9EB71F&0&2808
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_1002&DEV_5974&SUBSYS_0A56174B&REV_00\4&1C9EB71F&0&2808
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_0A56174B&REV_11\3&61AAA01&0&A0
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_0A56174B&REV_11\3&61AAA01&0&A0
Service:

==== System Restore Points ===================

RP201: 08/06/2010 16:38:06 - Restore Operation
RP202: 09/06/2010 16:45:26 - System Checkpoint
RP203: 09/06/2010 23:21:48 - Restore Operation
RP204: 09/06/2010 23:25:11 - Restore Operation
RP205: 10/06/2010 18:13:03 - Installed Java(TM) 6 Update 20
RP206: 12/06/2010 00:41:12 - System Checkpoint
RP207: 13/06/2010 23:45:59 - System Checkpoint
RP208: 14/06/2010 23:36:04 - Restore Operation
RP209: 16/06/2010 00:12:18 - System Checkpoint
RP210: 17/06/2010 10:12:40 - System Checkpoint
RP211: 18/06/2010 10:17:17 - System Checkpoint
RP212: 19/06/2010 11:08:16 - System Checkpoint
RP213: 20/06/2010 14:07:25 - System Checkpoint
RP214: 20/06/2010 21:56:02 - Restore Operation
RP215: 20/06/2010 22:02:04 - Restore Operation
RP216: 22/06/2010 09:20:41 - System Checkpoint
RP217: 23/06/2010 12:15:16 - System Checkpoint
RP218: 23/06/2010 19:25:29 - Restore Operation
RP219: 23/06/2010 19:31:02 - Restore Operation
RP220: 24/06/2010 19:41:39 - System Checkpoint
RP221: 26/06/2010 11:26:33 - System Checkpoint
RP222: 27/06/2010 14:19:36 - System Checkpoint
RP223: 28/06/2010 15:46:13 - System Checkpoint
RP224: 30/06/2010 15:29:52 - System Checkpoint
RP225: 30/06/2010 19:51:17 - Avira AntiVir Personal - 30/06/2010 19:51
RP226: 30/06/2010 20:04:32 - Removed Microsoft Visual C++ 2005 Redistributable
RP227: 30/06/2010 20:04:51 - Installed AVG Free 9.0
RP228: 01/07/2010 20:39:22 - System Checkpoint
RP229: 02/07/2010 23:05:07 - System Checkpoint
RP230: 03/07/2010 23:28:32 - System Checkpoint
RP231: 04/07/2010 23:39:29 - System Checkpoint
RP232: 06/07/2010 18:35:21 - System Checkpoint
RP233: 07/07/2010 22:20:16 - System Checkpoint
RP234: 08/07/2010 23:33:12 - System Checkpoint
RP235: 09/07/2010 23:42:38 - System Checkpoint
RP236: 11/07/2010 00:43:03 - System Checkpoint
RP237: 12/07/2010 11:25:34 - System Checkpoint
RP238: 13/07/2010 12:05:51 - System Checkpoint
RP239: 14/07/2010 17:26:36 - System Checkpoint
RP240: 15/07/2010 19:31:35 - System Checkpoint

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
AVG Free 9.0
Canon CanoScan Toolbox 4.0
CanoScan LiDE20,30 Manual
CCleaner (remove only)
ConvertXtoDVD 4.0.9.322
DriverMax 5
EPSON CardMonitor
EPSON PhotoQuicker3.5
EPSON PhotoStarter3.1
EPSON Print CD
EPSON PRINT Image Framer Tool2.1
EPSON Printer Software
ERUNT 1.1j
ESPR300 Software Guide
Jasc Paint Shop Pro 9
Java Auto Updater
Java(TM) 6 Update 20
K-Lite Mega Codec Pack 6.1.0
Malwarebytes' Anti-Malware
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.6)
MSXML 4.0 SP2 Parser and SDK
Nero 6 Ultra Edition
OmniPage SE
PeerBlock 1.0.0 (r181)
PIF DESIGNER2.1
Realtek AC'97 Audio
ScanToWeb
Spybot - Search & Destroy
SpywareBlaster 4.3
Update for Windows XP (KB898461)
VLC media player 1.0.5
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
WinRAR archiver

==== Event Viewer Messages From Past Week ========

16/07/2010 22:42:23, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
13/07/2010 22:00:09, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
13/07/2010 22:00:09, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Sorry for the delay but we are very busy, but i am linked to you know.

You did not post the entire DDS log, do it this way please and post the log


Download DDS by sUBs from one of the following links. Save it to your desktop.

DDS.com (http://www.techsupportforum.com/sectools/sUBs/dds)
DDS.scr (http://download.bleepingcomputer.com/sUBs/dds.scr)
DDS.pif (http://www.forospyware.com/sUBs/dds)

Double click on the DDS icon, allow it to run.
A small box will open, with an explaination about the tool. No input is needed, the scan is running.
Notepad will open with the results, click no to the Optional_Scan
Follow the instructions that pop up for posting the results.
Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

hi ken thanks for response, it will not let me post the dds report it keeps losing connection but will go on to other pages???

Can you attach it ? I have no idea whats going on until I see a scan of your system. Look at the bottom of this post for Manage Attachments

it wont even attatch just say page has expired or cannot connect but works on every other page i have the log i know this is not normal but could i email it to you as an attatchment? ,

Hi,

Sorry but for security reasons we do not divulge private information.

Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)


* IMPORTANT !!! Save ComboFix.exe to your Desktop


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.


Double click on ComboFix.exe & follow the prompts.


As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.


Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



http://img.photobucket.com/albums/v706/ried7/RC1.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

Still with us ?