dken

I've been following your posts for 2 days now and after about 12 hours of frustration and reading through all of your advice to john Q public I think I've gotten rid of my problem! I can't thank you enough!

Results of screen317's Security Check version 0.98.9 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! AVG Free 8.5 `````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java Web Start Java 2 Runtime Environment, SE v1.4.2_03 Java 2 Runtime Environment, SE v1.4.1_02 Adobe Flash Player 10 Adobe Reader 7.0.9 Out of date Adobe Reader installed! `````````````````````````````` Process Check: objlist.exe by Laurent AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe AVG avgemc.exe `````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) `````````End of Log```````````

ran the combo fix and here is the log..can someone please take a look and let me know if there is anyhting else I should do? Thank You everyone for all of your posts and help! I think I learned alot ComboFix 09-08-26.05 - Debi 08/26/2009 21:51.1.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.295 [GMT -4:00] Running from: c:\documents and settings\Debi\Desktop\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Fonts\WPHV07NB.TTF c:\windows\system32\E95THK16.EXE c:\windows\system32\encapi32.dll Infected copy of c:\windows\system32\imm32.dll was found and disinfected Restored copy from - c:\system volume information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1603\A0157045.dll . ((((((((((((((((((((((((( Files Created from 2009-07-27 to 2009-08-27 ))))))))))))))))))))))))))))))) . 2009-08-27 01:07 . 2009-08-27 01:07 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2009-08-24 23:36 . 2009-08-24 23:36 -------- d-----w- c:\program files\Enigma Software Group 2009-08-23 23:46 . 2009-08-23 23:46 -------- d-----w- c:\documents and settings\Debi\Application Data\Malwarebytes 2009-08-23 23:45 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-23 23:45 . 2009-08-23 23:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-08-23 23:45 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-08-23 23:45 . 2009-08-25 22:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-08-19 01:35 . 2009-08-19 01:35 -------- d-----w- c:\documents and settings\Maddison\Application Data\Nikon 2009-08-18 16:42 . 2009-08-18 16:42 -------- d-----w- c:\program files\iPod 2009-08-18 16:42 . 2009-08-18 16:43 -------- d-----w- c:\program files\iTunes 2009-08-18 16:32 . 2009-08-18 16:32 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe 2009-08-12 12:31 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll 2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll 2009-07-31 20:13 . 2009-08-25 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Aventail 2009-07-31 20:13 . 2009-07-31 20:13 -------- d-----w- c:\program files\Aventail Connect . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-27 02:35 . 2005-02-02 18:50 -------- d-----w- c:\program files\Greetings Workshop 2009-08-22 00:56 . 2009-05-09 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-08-18 16:49 . 2008-12-29 13:30 -------- d-----w- c:\program files\Safari 2009-08-18 16:42 . 2007-12-26 04:20 -------- d-----w- c:\program files\Common Files\Apple 2009-08-07 08:03 . 2005-02-02 22:57 -------- d-----w- c:\program files\PhotoDeluxe 2.0 2009-08-05 09:01 . 2004-08-04 11:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-30 12:53 . 2009-05-09 12:26 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-17 19:01 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-14 00:29 . 2008-01-08 00:48 135158 ----a-w- c:\windows\hpwins10.dat 2009-07-13 14:08 . 2004-08-04 11:00 286720 ----a-w- c:\windows\system32\wmpdxm.dll 2009-06-30 13:59 . 2008-01-10 14:43 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-29 16:12 . 2004-08-04 11:00 827392 ----a-w- c:\windows\system32\wininet.dll 2009-06-29 16:12 . 2004-08-04 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-06-29 16:12 . 2004-08-04 11:00 17408 ----a-w- c:\windows\system32\corpol.dll 2009-06-28 14:40 . 2009-06-12 13:53 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-06-16 14:36 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:36 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-12 21:00 . 2007-08-22 17:53 157664 ----a-w- c:\documents and settings\Maci\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-12 12:31 . 2004-08-04 11:00 76288 ----a-w- c:\windows\system32\telnet.exe 2009-06-10 14:13 . 2004-08-04 11:00 84992 ----a-w- c:\windows\system32\avifil32.dll 2009-06-10 13:19 . 2004-08-04 11:00 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-06-10 06:14 . 2004-08-04 11:00 132096 ----a-w- c:\windows\system32\wkssvc.dll 2009-06-03 19:09 . 2004-08-04 11:00 1291264 ----a-w- c:\windows\system32\quartz.dll 2009-06-02 17:37 . 2009-06-12 14:10 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll 2009-06-01 00:45 . 2005-01-22 04:01 157664 ----a-w- c:\documents and settings\Debi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-05-31 16:16 . 2009-04-08 22:45 390664 ----a-w- c:\documents and settings\Mark\Application Data\Real\RealPlayer\Update\RealPlayer11.exe 2009-05-29 17:36 . 2009-03-12 19:27 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-05-29 17:36 . 2007-12-26 04:21 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2000-09-14 01:38 . 2000-09-14 01:38 584458 ----a-w- c:\program files\maddison's famiy age 4.jpg 2006-10-11 08:04 . 2008-03-30 01:40 61036 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2006-10-11 08:04 . 2008-03-30 01:40 48742 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2006-10-11 08:05 . 2008-03-30 01:40 29313 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2006-10-11 08:05 . 2008-03-30 01:40 41082 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2006-10-11 08:04 . 2008-03-30 01:40 166510 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-06-26 14:36 1008896 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-09 68856] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 75520] "IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184] "PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-12 290816] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344] "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 110592] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-04 582992] "mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-07-13 169264] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712] "NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-29 323216] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-30 185896] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-09 68856] c:\documents and settings\Maci\Start Menu\Programs\Startup\ PowerReg Scheduler.exe [2006-4-8 256000] c:\documents and settings\Debi\Start Menu\Programs\Startup\ Greetings Workshop Reminders.lnk - c:\program files\Greetings Workshop\GWREMIND.EXE [1997-9-4 50688] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-1-17 156784] HotSync Manager.lnk - c:\program files\Sony Handheld\HOTSYNC.EXE [2005-5-15 299008] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2005-2-27 118784] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-05-09 12:26 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\America Online 9.0\\waol.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Documents and Settings\\Mark\\Application Data\\Aventail\\ewpca\\ewpca.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R1 ATMhelpr;ATMhelpr;c:\windows\SYSTEM32\DRIVERS\ATMHELPR.SYS [2/2/2005 10:42 PM 4064] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [5/9/2009 8:26 AM 335752] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [5/9/2009 8:26 AM 108552] R1 Odptdi;Odptdi;c:\windows\SYSTEM32\DRIVERS\odptdi.sys [3/24/2009 9:06 AM 46744] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [5/9/2009 8:25 AM 907032] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [5/9/2009 8:25 AM 298776] R2 NgVpnMgr;Aventail VPN Client;c:\windows\SYSTEM32\ngvpnmgr.exe [4/17/2009 1:04 PM 224867] R3 NgLog;Aventail VPN Logging;c:\windows\SYSTEM32\DRIVERS\nglog.sys [4/17/2009 1:01 PM 25216] R3 NgVpn;Aventail VPN Adapter;c:\windows\SYSTEM32\DRIVERS\ngvpn.sys [4/17/2009 1:02 PM 77952] S3 NgFilter;Aventail VPN Filter;c:\windows\SYSTEM32\DRIVERS\ngfilter.sys [4/17/2009 1:03 PM 20608] S3 NgWfp;Aventail VPN Callout;c:\windows\SYSTEM32\DRIVERS\ngwfp.sys [4/17/2009 1:03 PM 23168] S3 Wdm1;USB Bridge Cable Driver;c:\windows\SYSTEM32\DRIVERS\usbbc.sys [2/2/2005 6:35 PM 15576] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder 2009-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:34] 2009-08-15 c:\windows\Tasks\McDefragTask.job - c:\windows\system32\DEFRAG.EXE [2004-08-04 00:12] . . ------- Supplementary Scan ------- . uStart Page = www.usatoday.com/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Bar = hxxp://www.searchalot.com/search.htm uInternet Settings,ProxyServer = proxy.ups.com:8080 uInternet Settings,ProxyOverride = localhost;lv2gardn;*.ups.com;*.wwwlog.com;*.iimorrow.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000 IE: {{9239E4EC-C9A6-11D2-A844-00C04F68D538} Trusted Zone: microsoft.com\office FF - ProfilePath - c:\documents and settings\Debi\Application Data\Mozilla\Firefox\Profiles\sn63c42d.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-26 22:34 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(576) c:\windows\system32\WININET.dll c:\progra~1\McAfee\SPAMKI~1\mskoeplg.dll c:\windows\system32\IEFRAME.dll . ------------------------ Other Running Processes ------------------------ . c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Maxtor\Sync\SyncServices.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\windows\SYSTEM32\wdfmgr.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe c:\program files\Java\jre1.5.0_11\bin\jucheck.exe . ************************************************************************** . Completion time: 2009-08-27 22:50 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-27 02:50 Pre-Run: 23,721,234,432 bytes free Post-Run: 26,030,534,656 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 248 --- E O F --- 2009-08-25 07:02

Still trying to run DDS but the pop ups just won't allow it...Any other suggestions? please help dken

figured out how to post hjt file Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:18:28 PM, on 8/25/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ngvpnmgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\Napster\napster.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Sony Handheld\HOTSYNC.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Greetings Workshop\GWREMIND.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Outlook Express\MSIMN.EXE C:\Documents and Settings\Debi\Desktop\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS10 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.usatoday.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchalot.com/search.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ups.com:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;lv2gardn;*.ups.com;*.wwwlog.com;*.iimorrow.com ;*.local R3 - URLSearchHook: (no name) - *{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file) R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146830347078 O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} (SodaAgt Class) - https://www.remote.ups.com/postauthACC/SodaAgent.CAB O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter hijack: text/html - {a538686e-fb8f-40f4-a6ba-a1de25576941} - C:\WINDOWS\system32\mst122.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe -- End of file - 13462 bytes does this help?

sorry ! downloaded DDS but when I try to run the scan the blockups keep coming up and the scan doesn't seem to run?It also says something about script blocking tools? where would I turn those off? Thanx

I am having problems with pop ups because of a trojan abth virus...I think the virus is in AVG vault but I can't get rid of the pop ups and I'm not very techno savy with all of this..I did download malware and am including the scan log Please Help! Thank You! Malwarebytes' Anti-Malware 1.40 Database version: 2685 Windows 5.1.2600 Service Pack 3 8/24/2009 8:27:13 PM mbam-log-2009-08-24 (20-27-13).txt Scan type: Quick Scan Objects scanned: 21860 Time elapsed: 2 minute(s), 49 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)