Cannot install antivirus applications nor open antivirus websites



BigBasha
2012-08-22, 14:39
I can NOT install any antivirus applications nor open any antivirus websites, and the system sometimes restarts by itself.

Also, my desktop has changed to "Active Desktop Recovery" and I cannot change it back to its original one through the Control Panel, which keeps giving me a "rundll32.exe" error continuously.

I hope you can help me solve these problems, thanks.



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by dell at 15:24:22 on 2012-08-22
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2012.926 [GMT 3:00]
.
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\D-Link\DWA-121 revA\ANIWConnService.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Documents and Settings\dell\Local Settings\Application Data\NVIDIA Corporation\Update\daemonupd.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Installer\{0CBE5BBE-71D8-8699-879A-555067763DE9}\syshost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Documents and Settings\dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\arus.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\WINDOWS\system32\arus.exe
C:\WINDOWS\TEMP\VRT13.tmp
C:\Program Files\AVG\AVG2012\avgui.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\dell\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\dell\Local Settings\Application Data\Google\Update\Install\{1021FF4C-A61B-4A11-AC35-A94DDD8CEF8D}\21.0.1180.83_21.0.1180.79_chrome_updater.exe
C:\DOCUME~1\dell\LOCALS~1\Temp\CR_CFCA0.tmp\setup.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.alnaddy.com/?afltid=sfto
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={87EE803E-E388-11E1-9864-B8AC6F3EA71D}
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: Download Energy Toolbar: {ad708c09-d51b-45b3-9d28-4eba2681febf} - c:\program files\download_energy\prxtbDow0.dll
uURLSearchHooks: BrotherSoft Extreme3 Toolbar: {62d40876-df18-411f-9d34-a9dd7a197bc5} - c:\program files\brothersoft_extreme3\prxtbBro0.dll
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Alnaddy.com Helper Object: {55928dd2-8878-4275-aab3-b3a09a67a1eb} - c:\program files\alnaddy.com\alnaddytoolbar\1.6.4.5\bh\alnaddyToolbar.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: BrotherSoft Extreme3 Toolbar: {62d40876-df18-411f-9d34-a9dd7a197bc5} - c:\program files\brothersoft_extreme3\prxtbBro0.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: AppGraffiti: {6f6a5334-78e9-4d9b-8182-8b41ea8c39ef} - c:\progra~1\appgra~1\APPGRA~1.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.10\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Download Energy Toolbar: {ad708c09-d51b-45b3-9d28-4eba2681febf} - c:\program files\download_energy\prxtbDow0.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No File
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: VideoFileDownload: {e78a5c92-6a2b-4369-ab14-0ed3b2b18584} - c:\program files\oapps\bho_project.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Download Energy Toolbar: {ad708c09-d51b-45b3-9d28-4eba2681febf} - c:\program files\download_energy\prxtbDow0.dll
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: BrotherSoft Extreme3 Toolbar: {62d40876-df18-411f-9d34-a9dd7a197bc5} - c:\program files\brothersoft_extreme3\prxtbBro0.dll
TB: Alnaddy.com Toolbar: {cd3aed25-23ab-4543-b915-159449c37197} - c:\program files\alnaddy.com\alnaddytoolbar\1.6.4.5\alnaddyToolbarTlbr.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.10\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Ydlaugr] "c:\documents and settings\dell\application data\orpau\fydur.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [VoipStunt] "c:\program files\voipstunt.com\voipstunt\VoipStunt.exe" -nosplash -minimized
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Google Update] "c:\documents and settings\dell\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [FreeCall] "c:\program files\freecall.com\freecall\FreeCall.exe" -nosplash -minimized
uRun: [cdoosoft] c:\docume~1\dell\locals~1\temp\herss.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Beabuff] "c:\documents and settings\dell\application data\ogomci\dyozn.exe"
uRun: [HKCU] c:\windows\install\server.exe
mRun: [xMain] c:\windows\system32\xlaunch.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SonyAgent] c:\windows\temp\temp70.exe
mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] c:\program files\memeo\autosync\MemeoLauncher2.exe --silent
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP
mRun: [D-Link DWA-121 WZCSLDR2] c:\program files\d-link\dwa-121 reva\WZCSLDR2.exe
mRun: [D-Link D-Link DWA-121] c:\program files\d-link\dwa-121 reva\AirNCFG.exe
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [autodetect] c:\windows\system32\supportappxl\AutoDect.exe
mRun: [Alfa Autorun Killer 3] c:\program files\alfa programs\alfa autorun killer 3.0\Alfa Autorun Killer 3.exe /A
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HKLM] c:\windows\install\server.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [yblxrhoj] c:\windows\system32\yblxrhoj.exe
mRun: [smwcore] c:\windows\system32\arus.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [yblxrhoj] c:\documents and settings\dell\yblxrhoj.exe
dRun: [Google Update] c:\documents and settings\dell\local settings\application data\google\update\gupdate.exe /app 60FE69A7AFB726836EBCED27D1B8EA7A
dRun: [Windows Time] rundll32.exe "c:\documents and settings\all users\application data\OvnixsekGamh.dll",EntryPoint
mExplorerRun: [Policies] c:\windows\install\server.exe
mExplorerRun: [23473] c:\docume~1\alluse~1\locals~1\temp\msoyazc.bat
StartupFolder: c:\docume~1\dell\startm~1\programs\startup\winupd~1.lnk - c:\documents and settings\dell\local settings\application data\microsoft\windows\winupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Search - http://tbedits.mywebsearch.com/one-toolbaredits/menusearch.jhtml?s=100000349&p=ZNxpt809YYKW&si=162600726&a=WedR87lL_IDh1R.Pb6iuNA&n=2012061404
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: DhcpNameServer = 195.226.228.72 195.226.228.74
TCP: Interfaces\{80E24CEE-9268-4AA5-BEFF-4D05416D728C} : DhcpNameServer = 195.226.228.72 195.226.228.74
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.0.2\ViProtocol.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OvnixsekGamh.dll
LSA: Authentication Packages = msv1_0 nwprovau
LSA: Notification Packages = ae08pu.dll 2fon.dll 2ymi.dll 28eaqc.dll a18dj8rg.dll aluple.dll 2y.dll arus.dll 2s6yx4.dll scecli
mASetup: {177I5DKJ-LLVJ-S8NK-T0D5-UM4NX5AAO40T} - c:\windows\system32\install\server.exe
mASetup: {5460C4DF-B266-909E-CB58-E32B79832EB2} - c:\windows\system32\installdir\Faceb2.exe restart
mASetup: {C22884E4-2933-29CB-F225-D633B6F3AF9E} - c:\windows\system32\24-5\Server.exe s
IFEO: AlphaAV - svchost.exe
IFEO: apimonitor.exe - svchost.exe
IFEO: aplica32.exe - svchost.exe
IFEO: ashSkPck.exe - svchost.exe
IFEO: aswRunDll.exe - svchost.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\dell\application data\mozilla\firefox\profiles\3ocbtuvs.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B2777a7ed-62f1-49ed-a460-4730e1e4704d%7D&mid=6b7c244807db47d1b54169e529da4eee-d70b096804b35950f1b758b014d7e692b76ad9b5&ds=AVG&v=11.0.0.10&lang=en&pr=fr&d=2012-08-17%2015%3A58%3A46&sap=ku&q=
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\dell\application data\mozilla\firefox\profiles\3ocbtuvs.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\dell\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\dell\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\dell\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\dell\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.0.2\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\3.0.40818.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_270.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/25 19:17:58];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
R2 ANPD;ANPD Service;c:\windows\system32\ANPD.SYS [2011-5-21 29411]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 D_Link_DWA-121_WPS;D_Link_DWA-121_WPS Service;c:\program files\d-link\dwa-121 reva\ANIWConnService.exe [2011-5-21 81920]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2011-5-5 25824]
R2 NvUpdService;NVIDIA Update Service;c:\documents and settings\dell\local settings\application data\nvidia corporation\update\daemonupd.exe [2012-8-15 78336]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 System Information N321;System Information N321;c:\windows\system32\drivers\svchost.exe [2012-8-22 221696]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-10-7 2116120]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\common files\avg secure search\vtoolbarupdater\11.0.2\ToolbarUpdater.exe [2012-8-17 934496]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-10-7 144480]
R3 pfwdevice;pfwdevice;c:\windows\system32\drivers\pfwdevice.sys [2012-6-13 331072]
RUnknown syshost32;syshost32; [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
S2 D_Link_DWA-121;D_Link_DWA-121 Service;c:\program files\d-link\dwa-121 reva\ANIWZCSdS.exe [2011-5-21 217088]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-5-15 197616]
S2 ifnhoqmt;Support Manager;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 41472]
S2 MSIconfig;Windows Installer Manager;c:\windows\system32\msiexec64.exe [2012-8-16 40448]
S2 vygzhf;Security Task;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 41472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-9 250056]
S3 aic32p;aic32p;\??\c:\windows\system32\drivers\opqihj.sys --> c:\windows\system32\drivers\opqihj.sys [?]
S3 anpxd;anpxd;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 bslnw;bslnw;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 dezpehl;dezpehl;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 DRTL8192cu;D-Link DWA Wireless N USB Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2011-5-21 894696]
S3 ekxxevboz;ekxxevboz;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 ertmyo;ertmyo;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 esxyl;esxyl;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-9-22 100992]
S3 GoogleDesktopManager-060409-093314;Google Desktop Manager 5.9.906.4286;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-10-7 91632]
S3 hawmnpvbe;hawmnpvbe;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 hpmvvlzmz;hpmvvlzmz;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-9-22 100992]
S3 larxm;larxm;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-11-3 9728]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 113120]
S3 myjkplub;myjkplub;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2012-8-17 50704]
S3 rbvhuyfa;rbvhuyfa;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 rdusmxbuj;rdusmxbuj;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 rzhjg;rzhjg;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 656360]
S3 vkacbt;vkacbt;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 vmdganygp;vmdganygp;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 vqtmwy;vqtmwy;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 yycmdz;yycmdz;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 zkwhrc;zkwhrc;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
.
=============== Created Last 30 ================
.
2012-08-22 12:17:02 7371 ----a-w- c:\windows\system32\adsnds.exe
2012-08-22 12:15:35 292864 ----a-w- c:\windows\system32\arus.exe
2012-08-22 12:15:35 221696 --sha-w- c:\windows\system32\drivers\svchost.exe
2012-08-18 06:43:25 79920 --sh--w- c:\windows\system32\ae08pu.dll
2012-08-17 13:20:16 -------- d-----w- c:\windows\system32\cache
2012-08-17 12:59:42 -------- d-----w- c:\documents and settings\dell\local settings\application data\AVG Secure Search
2012-08-17 12:58:52 -------- d-----w- c:\documents and settings\dell\application data\AVG Secure Search
2012-08-17 12:58:45 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search
2012-08-17 12:58:30 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-08-17 12:58:25 -------- d-----w- c:\program files\AVG Secure Search
2012-08-17 12:53:32 -------- d--h--w- C:\$AVG
2012-08-17 12:53:32 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-17 12:11:44 -------- d-----w- c:\documents and settings\dell\application data\SpeedyPC Software
2012-08-17 12:11:35 -------- d-----w- c:\program files\common files\SpeedyPC Software
2012-08-17 12:11:34 -------- d-----w- c:\program files\SpeedyPC Software
2012-08-17 12:11:34 -------- d-----w- c:\documents and settings\all users\application data\SpeedyPC Software
2012-08-17 11:10:00 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2012-08-17 11:10:00 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2012-08-17 11:04:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-08-17 11:04:46 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-08-17 10:27:57 -------- d-----w- c:\windows\install
2012-08-17 09:41:12 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2012-08-17 09:41:12 281104 ----a-w- c:\windows\system32\wpcap.dll
2012-08-17 09:41:12 100880 ----a-w- c:\windows\system32\Packet.dll
2012-08-17 09:31:08 70528 ----a-w- c:\windows\system32\drivers\f83d7e26529e54ac.sys
2012-08-16 11:24:07 79920 --sh--w- c:\windows\system32\2fon.dll
2012-08-16 11:00:55 323584 ----a-w- c:\windows\system32\ANPDApi.exe
2012-08-16 10:58:43 79920 --sh--w- c:\windows\system32\2ymi.dll
2012-08-16 10:57:05 13824 ----a-w- c:\windows\system32\OvnixsekGamh.dll
2012-08-16 10:57:04 67072 ----a-w- c:\windows\system32\28eaqc.exe
2012-08-16 10:55:59 40448 ----a-w- c:\windows\system32\msiexec64.exe
2012-08-16 10:52:35 79920 --sh--w- c:\windows\system32\28eaqc.dll
2012-08-16 09:40:48 323584 ----a-w- c:\windows\system32\amstream.exe
2012-08-16 07:45:37 323584 ----a-w- c:\windows\system32\admparse.exe
2012-08-16 07:41:51 323584 ----a-w- c:\windows\system32\apcups.exe
2012-08-16 07:07:17 324096 ----a-w- c:\windows\system32\clbcatq.exe
2012-08-15 19:37:46 13824 ----a-w- c:\documents and settings\all users\application data\OvnixsekGamh.dll
2012-08-15 19:35:35 79920 --sh--w- c:\windows\system32\a18dj8rg.dll
2012-08-15 19:21:28 324096 ----a-w- c:\windows\system32\adsldpc.exe
2012-08-15 11:32:24 324096 ----a-w- c:\windows\system32\adsnt.exe
2012-08-15 11:30:10 79920 --sh--w- c:\windows\system32\aluple.dll
2012-08-15 11:12:34 4096 ----a-w- c:\windows\system32\04.tmp
2012-08-15 11:10:42 4096 ----a-w- c:\windows\system32\03.tmp
2012-08-15 11:08:48 4096 ----a-w- c:\windows\system32\02.tmp
2012-08-15 11:07:43 79920 --sh--w- c:\windows\system32\2y.dll
2012-08-15 10:58:30 9232584 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-08-15 10:55:13 77824 ----a-w- c:\windows\system32\drivers\Cam Looka.exe
2012-08-15 10:53:48 79920 --sh--w- c:\windows\system32\arus.dll
2012-08-15 10:49:45 79920 --sh--w- c:\windows\system32\2s6yx4.dll
2012-08-15 10:49:45 -------- d-----w- c:\documents and settings\dell\local settings\application data\NVIDIA Corporation
2012-08-15 10:49:29 187904 ----a-w- c:\windows\system32\yblxrhoj.exe
2012-08-15 10:49:29 187904 ----a-w- c:\documents and settings\dell\yblxrhoj.exe
2012-08-15 08:34:44 -------- d-----w- c:\documents and settings\dell\application data\Alnaddy.com
2012-08-15 07:04:00 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2012-08-14 10:17:13 -------- d-----w- c:\program files\Alnaddy.com
2012-08-13 12:03:31 -------- d-----w- c:\documents and settings\dell\application data\PriceGong
2012-08-13 11:59:45 -------- d-----w- c:\documents and settings\all users\AVG Secure Search
2012-08-13 08:32:23 -------- d-----w- c:\program files\RegistryFix8
2012-08-13 08:31:22 -------- d-----w- c:\documents and settings\dell\local settings\application data\BrotherSoft_Extreme3
2012-08-13 08:31:15 -------- d-----w- c:\program files\BrotherSoft_Extreme3
2012-08-13 08:04:32 -------- d-----w- c:\documents and settings\dell\application data\IObit
2012-08-11 12:21:21 4096 ----a-w- c:\windows\system32\01.tmp
2012-08-11 08:40:48 -------- d-----w- c:\program files\Realtek
2012-08-11 08:40:41 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-08-11 08:40:39 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2012-08-11 08:40:39 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2012-08-11 08:40:39 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2012-08-11 08:40:39 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2012-08-11 08:40:39 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2012-08-11 08:40:39 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2012-08-11 08:40:39 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2012-08-11 07:44:58 -------- d-----w- c:\program files\1ClickDownload
2012-08-11 07:42:22 -------- d-----w- c:\program files\TSearch
2012-08-11 07:42:10 -------- d-----w- c:\program files\OpenApp
2012-08-11 07:41:56 -------- d-----w- c:\program files\smartdl
2012-08-11 07:13:00 -------- d-----w- c:\documents and settings\dell\application data\PC Utility Kit
2012-08-11 07:13:00 -------- d-----w- c:\documents and settings\dell\application data\DriverCure
2012-08-11 07:12:53 -------- d-----w- c:\program files\PC Utility Kit
2012-08-11 07:12:53 -------- d-----w- c:\program files\common files\PC Utility Kit
2012-08-11 07:12:53 -------- d-----w- c:\documents and settings\all users\application data\PC Utility Kit
2012-08-09 08:26:23 -------- d-----w- c:\program files\VoipStunt.com
2012-08-07 22:10:28 338361 ----a-w- C:\torrent.exe
2012-08-05 07:07:40 -------- d-----w- c:\documents and settings\dell\application data\Ogomci
2012-08-05 07:07:40 -------- d-----w- c:\documents and settings\dell\application data\Lutamu
2012-08-05 07:07:40 -------- d-----w- c:\documents and settings\dell\application data\Gyafk
2012-08-05 06:54:56 -------- d-----w- c:\documents and settings\dell\application data\Orpau
2012-08-05 06:54:56 -------- d-----w- c:\documents and settings\dell\application data\Opre
2012-08-05 06:54:56 -------- d-----w- c:\documents and settings\dell\application data\Myxu
.
==================== Find3M ====================
.
2012-08-04 08:58:23 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-04 08:58:23 487624 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-22 18:29:10 558133 ----a-w- c:\windows\system32\sqlite3.dll
2012-07-18 19:10:02 2892922 ----a-w- c:\windows\system32\xmain.exe
2012-07-18 19:08:10 801264 ----a-w- c:\program files\ChromeSetup.exe
2012-07-16 10:46:34 102912 ----a-w- c:\windows\cadkasdeinst01e.exe
2012-06-14 08:05:30 38320 ----a-w- c:\windows\system32\f3PSSavr.scr
2012-06-07 06:42:35 2905964 ----a-w- c:\windows\system32\xlaunch.exe
.
============= FINISH: 15:25:59.87 ===============
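
A triage pass over the DDS listing above, written as an added example (the editor's code, not part of the thread and not something DDS itself does): it parses the "Created Last 30" / "Find3M" line format and flags the patterns that stand out in this log, the same 187904-byte binary written to both system32 and the profile root within the same second, executables sitting directly in a profile or drive root, and a .tmp dropped into system32. The sample lines are copied from the log above; the flagging rules are the editor's own assumptions, not anything the helper or the tool asserts.

```python
"""Triage pass over DDS 'Created Last 30' / 'Find3M' lines.

Added example by the editor, not part of the original thread and not
DDS output. The sample lines are copied from the DDS log posted above;
the flagging rules are the editor's own heuristics.
"""
import re
from collections import defaultdict

# One DDS file line: date, time, size (or dashes for a directory),
# attribute flags, path (which may contain spaces).
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}) (\d{2}:\d{2}:\d{2}) (\d+|-+) (\S+) (.+)$"
)

# Sample lines taken from the log above; the directory entry shows that
# directories are parsed but never flagged.
SAMPLE_LOG = r"""
2012-08-15 10:49:29 187904 ----a-w- c:\windows\system32\yblxrhoj.exe
2012-08-15 10:49:29 187904 ----a-w- c:\documents and settings\dell\yblxrhoj.exe
2012-08-15 07:04:00 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2012-08-11 12:21:21 4096 ----a-w- c:\windows\system32\01.tmp
2012-08-11 08:40:41 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-08-07 22:10:28 338361 ----a-w- C:\torrent.exe
2012-08-04 08:58:23 487624 ----a-w- c:\windows\system32\FlashPlayerApp.exe
"""

# Locations where a legitimate installer almost never writes a binary.
PROFILE_ROOT_EXE = re.compile(r"^c:\\documents and settings\\[^\\]+\\[^\\]+\.exe$")
DRIVE_ROOT_EXE = re.compile(r"^[a-z]:\\[^\\]+\.exe$")
SYSTEM32_TMP = re.compile(r"^c:\\windows\\system32\\[^\\]+\.tmp$")


def parse_line(line):
    """Parse one DDS file line into a dict, or return None for other text."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    date, time, size, attrs, path = m.groups()
    path = path.lower()
    return {
        "when": f"{date} {time}",
        "size": int(size) if size.isdigit() else None,  # None: directory
        "attrs": attrs,
        "path": path,
        "name": path.rsplit("\\", 1)[-1],
    }


def triage(log_text):
    """Return {path: [reasons]} for entries that deserve a closer look."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    findings = defaultdict(list)

    # Rule 1: the same binary (same size, written in the same second) landing
    # in two places is classic dropper behaviour.
    by_key = defaultdict(list)
    for e in entries:
        if e["size"] is not None and e["name"].endswith((".exe", ".dll")):
            by_key[(e["size"], e["when"])].append(e["path"])
    for (size, when), paths in by_key.items():
        if len(paths) > 1:
            for p in paths:
                findings[p].append(
                    f"{size}-byte file written to {len(paths)} locations at {when}"
                )

    # Rules 2 and 3: binaries directly in a profile or drive root, and .tmp
    # files inside system32, are rarely placed there by legitimate software.
    for e in entries:
        if e["size"] is None:
            continue
        if PROFILE_ROOT_EXE.match(e["path"]) or DRIVE_ROOT_EXE.match(e["path"]):
            findings[e["path"]].append("executable in profile or drive root")
        if SYSTEM32_TMP.match(e["path"]):
            findings[e["path"]].append(".tmp file in system32")
    return dict(findings)


if __name__ == "__main__":
    for path, reasons in sorted(triage(SAMPLE_LOG).items()):
        print(path + "\n    " + "\n    ".join(reasons))
```

Against a saved log, call `triage(open("dds.txt").read())`. Treat the output as leads rather than verdicts: the co-located drop (rule 1) is the strongest signal here, while a random-looking name on its own proves nothing, since legitimate Windows binaries such as wscntfy.exe look just as random. Whatever is flagged should be hashed and checked before anything is deleted, which is also why the helper asks that nothing be installed or removed between logs.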

oldman960
2012-08-25, 16:41
Hi BigBasha, welcome to the forum.

To make cleaning this machine easier
Please do not uninstall/install any programs unless asked to
It is more difficult when files/programs are appearing in/disappearing from the logs.
Please do not run any scans other than those requested
Please follow all instructions in the order posted
All logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, and uncheck Word Wrap if it is checked.
Do not attach any logs/reports, etc. unless specifically requested to do so.
If you have problems with or do not understand the instructions, Please ask before continuing.
Please stay with this thread until given the All Clear. An absence of symptoms does not mean a clean machine.


Please read through the instructions to familiarize yourself with what to expect when the tool runs.

It is vitally important that ComboFix is renamed before the download is even started


Please download ComboFix from Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) or Link 2 (http://www.infospyware.net/antimalware/combofix/) to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

If you are using Firefox, make sure that your download settings are as follows:
-Tools->Options->Main tab
-Set to "Always ask me where to Save the files".

During the download, before you save it to your desktop, rename Combofix to jgh.exe


It is important you rename Combofix during the download, but not after.
Please do not rename Combofix to other names, but only to the one indicated.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix



-----------------------------------------------------------

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link (http://www.bleepingcomputer.com/forums/topic114351.html) to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

-----------------------------------------------------------

Double click on ComboFix.exe (jgh.exe in your case) & follow the prompts.

As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


http://img.photobucket.com/albums/v706/ried7/RCUpdate1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with
combofix log
How is the computer?

Thanks

BigBasha
2012-08-25, 22:17
ComboFix 12-08-25.04 - Dell 08/25/2012 23:12:43.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1256.965.1033.18.2012.1430 [GMT 3:00]
Running from: c:\documents and settings\Dell\Desktop\jgh.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AIC32P
-------\Service_aic32p
.
.
((((((((((((((((((((((((( Files Created from 2012-07-25 to 2012-08-25 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-14 00:17 . 2012-08-25 19:58 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\DELL\\drivers\\R197547\\setup.exe"=
"c:\\DELL\\drivers\\R197546\\setup.exe"=
"c:\\DELL\\drivers\\R197387\\DxSetup.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
.
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [8/25/2012 10:53 PM 144480]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8/25/2012 10:58 PM 113120]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 195.226.228.72 195.226.228.74
FF - ProfilePath - c:\documents and settings\Dell\Application Data\Mozilla\Firefox\Profiles\imtm48vg.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-25 23:15
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(904)
c:\windows\system32\browselc.dll
c:\program files\Spybot - Search & Destroy\SDHelper.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2012-08-25 23:15:47 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-25 20:15
.
Pre-Run: 103,685,083,136 bytes free
Post-Run: 103,638,966,272 bytes free
.
- - End Of File - - AEFC3660A83A1ED82EE3AD33DF537032

oldman960
2012-08-26, 08:30
Hi BigBasha,

How's the computer? Better, the same or worse?

Please rerun DDS and post the log.

BigBasha
2012-08-26, 14:23
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by Dell at 15:22:41 on 2012-08-26
Microsoft Windows XP Professional 5.1.2600.2.1256.965.1033.18.2012.1472 [GMT 3:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
TCP: DhcpNameServer = 195.226.228.72 195.226.228.74
TCP: Interfaces\{51F1DCD2-1DBC-462F-8BD8-314F0DC328EC} : DhcpNameServer = 195.226.228.72 195.226.228.74
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\dell\application data\mozilla\firefox\profiles\imtm48vg.default\
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2012-8-25 144480]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-25 113120]
.
=============== Created Last 30 ================
.
2012-08-25 20:29:21 -------- d-----w- c:\documents and settings\dell\application data\AVG2012
2012-08-25 20:28:48 -------- d--h--w- C:\$AVG
2012-08-25 20:28:48 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-25 20:28:48 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2012-08-25 20:28:36 -------- d-----w- c:\program files\AVG
2012-08-25 20:21:59 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2012-08-25 20:21:59 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2012-08-25 20:11:20 98816 ----a-w- c:\windows\sed.exe
2012-08-25 20:11:20 518144 ----a-w- c:\windows\SWREG.exe
2012-08-25 20:11:20 256000 ----a-w- c:\windows\PEV.exe
2012-08-25 20:11:20 208896 ----a-w- c:\windows\MBR.exe
.
==================== Find3M ====================
.
.
============= FINISH: 15:22:55.84 ===============

oldman960
2012-08-26, 17:20
Hi BigBasha,

I need some feedback from you. The logs only will tell me so much. Before we can continue I need to know what issues you are currently having?

BigBasha
2012-08-26, 19:59
I formatted the PC 3 times and every time I got virus alerts; now it seems fine and no virus alert appears.

oldman960
2012-08-27, 05:43
Hi BigBasha,

When did you reformat? Before or after we started?

BigBasha
2012-08-30, 18:04
The last format was on 25/8/2012.

I found that the virus still existed on the other partition (D:) and was infecting the formatted partition (C:) when it started.

The virus infected every single (.exe) file on the hard drives (C:) and (D:).

Now everything is working fine, thank you very much.
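
The poster's finding, that the infector lived on D: and patched every .exe, is the caveat worth carrying away from this thread: reformatting one partition does nothing about a file infector on another, and the first infected program run from D: puts it straight back on C:. What follows is an added example (the editor's code, not the poster's and not the method of any tool in this thread) of a header-level check that can be run from a clean machine or a rescue environment over a mounted volume. It assumes only the documented PE32 header layout; the two sample files are constructed in-line so it runs offline, and the three rules (entry point in the last section, entry section both writable and executable, entry point outside any section) are generic file-infector heuristics, not a signature for the malware in this thread.

```python
"""Header-level triage for PE files that may carry an appended infector.
Added example by the editor, not part of the thread and not any tool's method.
Generic heuristic: file infectors commonly add or enlarge the last section,
mark it executable (often writable) and move AddressOfEntryPoint into it.
The sample files are constructed in-line so the script runs offline."""
import os
import struct
from collections import namedtuple

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
Section = namedtuple("Section", "name vaddr vsize rawsize rawptr chars")
PEInfo = namedtuple("PEInfo", "entry sections")

def parse_pe(data):
    """Read e_lfanew, the file header, AddressOfEntryPoint and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    opt = e_lfanew + 24                                  # optional header
    entry = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections = []
    for i in range(num_sections):
        off = opt + size_opt + 40 * i                    # IMAGE_SECTION_HEADER
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<4I", data, off + 8)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append(Section(name, vaddr, vsize, rawsize, rawptr, chars))
    return PEInfo(entry, sections)

def infection_indicators(pe):
    """Reasons the file looks patched; an empty list means nothing suspicious."""
    holder = next((s for s in pe.sections
                   if s.vaddr <= pe.entry < s.vaddr + max(s.vsize, s.rawsize)), None)
    if holder is None:
        return ["entry point 0x%x lies outside every section" % pe.entry]
    reasons = []
    if len(pe.sections) > 1 and holder is pe.sections[-1]:
        reasons.append(f"entry point in last section '{holder.name}'")
    if holder.chars & IMAGE_SCN_MEM_WRITE and holder.chars & IMAGE_SCN_MEM_EXECUTE:
        reasons.append(f"entry section '{holder.name}' is writable and executable")
    if not holder.chars & IMAGE_SCN_MEM_EXECUTE:
        reasons.append(f"entry section '{holder.name}' is not executable")
    return reasons

def scan_bytes(data):
    return infection_indicators(parse_pe(data))

def scan_tree(root):
    """Yield (path, reasons) for flagged .exe/.dll files under root, e.g. 'D:\\'."""
    for dirpath, _, files in os.walk(root):
        for fn in files:
            if not fn.lower().endswith((".exe", ".dll")):
                continue
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    reasons = scan_bytes(fh.read(4096))   # headers are enough
            except (OSError, ValueError, struct.error):
                continue                                  # unreadable or not PE
            if reasons:
                yield path, reasons

def build_pe(sections, entry):
    """Constructed minimal PE32 headers (no section bodies) for the samples below."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                       # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                          # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 16, entry)
    table, raw = b"", 0x400
    for name, vaddr, size, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             size, vaddr, size, raw, 0, 0, 0, 0, chars)
        raw += size
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table

CODE = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
DATA = IMAGE_SCN_MEM_READ
BASE = [(".text", 0x1000, 0x2000, CODE), (".data", 0x3000, 0x1000, DATA | IMAGE_SCN_MEM_WRITE),
        (".rsrc", 0x4000, 0x1000, DATA)]
CLEAN_SAMPLE = build_pe(BASE, 0x1200)          # entry inside .text
# Mimics a file infector: one appended writable+executable section holding the entry point.
INFECTED_SAMPLE = build_pe(BASE + [(".xyz", 0x5000, 0x3000, CODE | IMAGE_SCN_MEM_WRITE)], 0x5010)
```

To sweep the second partition, iterate `scan_tree("D:\\")` (and every other volume and removable disk that has been plugged into the machine) from a system that is not itself infected; running any scanner from the infected host, as the poster found, gives the infector a chance to run first. A hit is a reason to compare the file with a known-good copy or reinstall it, not a verdict: packed and protected executables also place the entry point in an unusual section, so the check is a triage filter that narrows the list, and the clean-looking result for an unpacked binary is only as trustworthy as the headers it reads.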

oldman960
2012-09-05, 15:03
Since this issue appears to be resolved ... this Topic has been closed.