Not sure of what Virus I have but I cannot browse internet

I hope this is it.


SpiderKill by DragonMaster Jay ( Oct 2009 )


Microsoft Windows XP [Version 5.1.2600]

********************Drivers list********************


Volume in drive C is PRESARIO
Volume Serial Number is 0CAC-A95D

Directory of C:\Windows\System32\Drivers

02/04/2010 02:54 PM .
02/04/2010 02:54 PM ..
10/09/2009 10:31 PM 315,408 0618218.sys
09/25/2009 04:59 PM 128,016 06182181.sys
10/22/2009 12:54 PM 37,392 06182182.sys
08/04/2004 04:00 AM 53,248 1394bus.sys
10/09/2009 10:31 PM 315,408 9384562.sys
09/25/2009 04:59 PM 128,016 93845621.sys
10/22/2009 12:54 PM 37,392 93845622.sys
10/09/2009 10:31 PM 315,408 9574416.sys
09/25/2009 04:59 PM 128,016 95744161.sys
10/22/2009 12:54 PM 37,392 95744162.sys
11/24/2009 03:47 PM 27,408 aavmker4.sys
08/04/2004 04:00 AM 187,776 acpi.sys
08/04/2004 04:00 AM 11,648 acpiec.sys
08/04/2004 04:39 AM 142,464 aec.sys
08/14/2008 01:51 AM 138,368 afd.sys
06/29/2004 09:07 AM 1,268,204 AGRSM.sys
08/01/2003 11:37 AM 1,040 alcxinit.dat
04/20/2005 10:00 AM 2,317,696 ALCXWDM.SYS
08/04/2004 10:00 AM 36,992 amdk6.sys
08/04/2004 10:00 AM 37,376 amdk7.sys
03/09/2005 01:53 PM 36,352 AmdK8.sys
08/04/2004 10:00 AM 60,800 arp1394.sys
11/24/2009 03:50 PM 20,560 aswFsBlk.sys
11/24/2009 03:51 PM 93,424 aswmon.sys
11/24/2009 03:50 PM 94,160 aswmon2.sys
11/24/2009 03:48 PM 23,120 aswRdr.sys
11/24/2009 03:50 PM 114,768 aswSP.sys
11/24/2009 03:49 PM 48,560 aswTdi.sys
08/04/2004 04:00 AM 14,336 asyncmac.sys
08/04/2004 04:00 AM 95,360 atapi.sys
08/04/2004 04:00 AM 59,904 atmarpc.sys
08/04/2004 04:00 AM 31,360 atmepvc.sys
08/04/2004 04:00 AM 55,936 atmlane.sys
08/04/2004 04:00 AM 352,256 atmuni.sys
08/17/2001 11:59 AM 3,072 audstub.sys
02/04/2010 08:00 PM Avg
01/26/2010 03:04 PM 333,192 avgldx86.sys
01/26/2010 03:04 PM 28,424 avgmfx86.sys
01/26/2010 03:04 PM 360,584 avgtdix.sys
08/04/2004 04:00 AM 4,224 beep.sys
08/04/2004 04:00 AM 71,552 bridge.sys
06/13/2008 05:10 AM 272,128 bthport.sys
08/04/2004 04:00 AM 13,952 cbidf2k.sys
08/03/2004 10:10 PM 17,024 CCDECODE.sys
08/04/2004 10:00 AM 18,688 cdaudio.sys
08/04/2004 04:00 AM 63,744 cdfs.sys
05/02/2008 01:05 AM 62,592 cdrom.sys
08/04/2004 10:00 AM 262,528 cinemst2.sys
08/04/2004 04:00 AM 49,664 classpnp.sys
08/04/2004 10:00 AM 11,776 cpqdap01.sys
08/04/2004 10:00 AM 36,480 crusoe.sys
08/17/2001 11:19 AM 96,256 ctlsb16.sys
01/27/2005 01:30 PM disdn
08/04/2004 04:00 AM 36,352 disk.sys
08/04/2004 04:00 AM 14,208 diskdump.sys
08/04/2004 04:00 AM 799,744 dmboot.sys
08/04/2004 04:00 AM 153,344 dmio.sys
08/04/2004 04:00 AM 5,888 dmload.sys
08/04/2004 05:07 AM 52,864 DMusic.sys
08/03/2004 10:08 PM 60,288 drmk.sys
08/04/2004 05:07 AM 2,944 drmkaud.sys
08/04/2004 04:00 AM 10,496 dxapi.sys
08/04/2004 04:00 AM 71,040 dxg.sys
08/04/2004 04:00 AM 3,328 dxgthk.sys
08/17/2001 11:46 AM 6,400 enum1394.sys
01/27/2010 01:35 PM etc
08/04/2004 04:00 AM 143,360 fastfat.sys
12/02/2003 05:23 PM 142,336 Fasttx2k.sys
08/04/2004 04:00 AM 27,392 fdc.sys
08/04/2004 04:00 AM 34,944 fips.sys
08/04/2004 04:00 AM 20,480 flpydisk.sys
08/04/2004 04:00 AM 124,800 fltMgr.sys
08/04/2004 10:00 AM 12,160 fsvga.sys
08/04/2004 04:00 AM 7,936 fs_rec.sys
08/04/2004 04:00 AM 125,056 ftdisk.sys
08/04/2004 05:07 AM 46,464 GAGP30KX.SYS
08/04/2004 04:00 AM 3,440,660 gm.dls
08/04/2004 04:00 AM 646 gmreadme.txt
08/04/2004 04:00 AM 36,224 hidclass.sys
08/04/2004 04:00 AM 24,960 hidparse.sys
08/17/2001 01:02 PM 9,600 hidusb.sys
10/20/2009 06:58 AM 263,552 http.sys
08/03/2004 10:14 PM 52,736 i8042prt.sys
12/16/2008 08:50 PM 13,584 iKeyLgFT.dll
08/04/2004 04:00 AM 41,856 imapi.sys
08/04/2004 04:00 AM 5,504 intelide.sys
08/04/2004 04:00 AM 29,056 ip6fw.sys
08/04/2004 04:00 AM 32,896 ipfltdrv.sys
08/04/2004 04:00 AM 20,992 ipinip.sys
08/04/2004 04:00 AM 134,912 ipnat.sys
08/04/2004 04:00 AM 74,752 ipsec.sys
08/04/2004 04:00 AM 11,264 irenum.sys
08/04/2004 04:00 AM 35,840 isapnp.sys
08/03/2004 09:58 PM 24,576 kbdclass.sys
08/04/2004 05:07 AM 171,776 kmixer.sys
08/03/2004 10:15 PM 140,928 ks.sys
06/22/2009 03:34 AM 92,544 ksecdd.sys
01/13/2010 03:18 AM 0 logiflt.iad
12/16/2008 08:38 PM 69,592 LVFaL000.cfg
12/16/2008 08:38 PM 227,172 LVFeL000.cfg
12/16/2008 08:38 PM 146,680 LVFeL001.cfg
12/16/2008 08:38 PM 85,302 LVFeL002.cfg
12/16/2008 09:58 PM 114,712 lvpopflt.sys
12/16/2008 08:58 PM 25,624 LVPr2Mon.sys
12/16/2008 10:00 PM 768,024 lvrs.sys
12/16/2008 10:01 PM 41,752 LVUSBSta.sys
01/16/2010 04:21 AM 0 lvuvc.hs
12/16/2008 10:01 PM 6,364,440 lvuvc.sys
12/16/2008 10:02 PM 23,832 lvuvcflt.sys
08/03/2009 12:36 PM 19,096 mbam.sys
08/03/2009 12:36 PM 38,160 mbamswissarmy.sys
08/04/2004 04:00 AM 7,680 mcd.sys
08/04/2004 10:00 AM 63,744 mf.sys
08/04/2004 04:00 AM 4,224 mnmdd.sys
08/04/2004 10:00 AM 30,080 modem.sys
08/04/2004 10:00 AM 23,040 mouclass.sys
08/04/2004 04:00 AM 42,240 mountmgr.sys
08/04/2004 04:00 AM 181,248 mrxdav.sys
10/24/2008 03:10 AM 453,632 mrxsmb.sys
08/04/2004 04:00 AM 19,072 msfs.sys
08/04/2004 04:00 AM 35,072 msgpc.sys
08/04/2004 04:58 AM 7,552 MSKSSRV.sys
08/04/2004 04:58 AM 5,376 MSPCLOCK.sys
08/04/2004 04:58 AM 4,992 MSPQM.sys
08/04/2004 10:00 AM 15,488 mssmbios.sys
08/03/2004 09:58 PM 5,504 MSTEE.sys
08/04/2004 04:00 AM 107,904 mup.sys
08/03/2004 10:10 PM 85,376 NABTSFEC.sys
08/04/2004 04:00 AM 182,912 ndis.sys
08/03/2004 10:10 PM 10,880 NdisIP.sys
08/04/2004 04:00 AM 9,600 ndistapi.sys
08/04/2004 10:00 AM 12,928 ndisuio.sys
08/04/2004 04:00 AM 91,776 ndiswan.sys
08/04/2004 04:00 AM 38,016 ndproxy.sys
08/04/2004 04:00 AM 34,560 netbios.sys
08/04/2004 04:00 AM 162,816 netbt.sys
08/04/2004 10:00 AM 61,824 nic1394.sys
08/04/2004 10:00 AM 12,032 nikedrv.sys
08/04/2004 04:00 AM 40,320 nmnt.sys
08/04/2004 04:00 AM 30,848 npfs.sys
08/04/2004 10:00 AM 574,592 ntfs.sys
08/04/2004 04:00 AM 2,944 null.sys
08/04/2004 04:00 AM 12,416 nwlnkflt.sys
08/04/2004 04:00 AM 32,512 nwlnkfwd.sys
08/04/2004 04:00 AM 88,448 nwlnkipx.sys
08/04/2004 04:00 AM 63,232 nwlnknb.sys
08/04/2004 04:00 AM 55,936 nwlnkspx.sys
08/04/2004 04:00 AM 61,056 ohci1394.sys
08/04/2004 04:00 AM 3,456 oprghdlr.sys
08/04/2004 10:00 AM 42,496 p3.sys
08/04/2004 10:00 AM 80,128 parport.sys
08/04/2004 04:00 AM 18,688 partmgr.sys
08/04/2004 04:00 AM 6,784 parvdm.sys
08/04/2004 04:00 AM 68,224 pci.sys
08/04/2004 04:00 AM 3,328 pciide.sys
08/04/2004 04:00 AM 25,088 pciidex.sys
08/04/2004 04:00 AM 119,936 pcmcia.sys
08/03/2004 10:15 PM 145,792 portcls.sys
08/04/2004 10:00 AM 35,328 processr.sys
07/29/2002 01:43 PM 23,808 PS2.sys
08/04/2004 04:00 AM 69,120 psched.sys
08/04/2004 04:00 AM 17,792 ptilink.sys
01/26/2005 08:03 AM 20,576 pxhelp20.sys
08/04/2004 04:00 AM 8,832 rasacd.sys
08/04/2004 04:00 AM 51,328 rasl2tp.sys
08/04/2004 04:00 AM 41,472 raspppoe.sys
08/04/2004 04:00 AM 48,384 raspptp.sys
08/04/2004 04:00 AM 16,512 raspti.sys
08/04/2004 04:00 AM 34,432 rawwan.sys
10/28/2004 12:13 AM 174,592 rdbss.sys
08/04/2004 04:00 AM 4,224 rdpcdd.sys
08/04/2004 05:01 AM 196,864 rdpdr.sys
08/04/2004 04:00 AM 139,400 rdpwd.sys
08/03/2004 08:59 PM 57,472 redbook.sys
08/04/2004 10:00 AM 12,032 rio8drv.sys
08/04/2004 10:00 AM 12,032 riodrv.sys
05/08/2008 04:28 AM 202,752 rmcast.sys
08/04/2004 04:00 AM 30,080 rndismp.sys
08/04/2004 04:00 AM 5,888 rootmdm.sys
08/03/2004 08:31 PM 20,992 RTL8139.sys
08/04/2004 04:00 AM 96,256 scsiport.sys
08/04/2004 04:00 AM 67,584 sdbus.sys
08/04/2004 04:00 AM 27,440 secdrv.sys
08/04/2004 04:00 AM 15,488 serenum.sys
08/04/2004 04:00 AM 64,896 serial.sys
08/04/2004 04:00 AM 11,136 sffdisk.sys
08/04/2004 04:00 AM 10,240 sffp_sd.sys
08/04/2004 04:00 AM 11,392 sfloppy.sys
04/12/2005 10:08 AM 247,296 sisgrp.sys
07/11/2003 02:28 PM 32,768 sisnic.sys
08/03/2004 10:10 PM 11,136 SLIP.sys
08/04/2004 04:00 AM 14,592 smclib.sys
08/04/2004 10:00 AM 25,472 sonydcam.sys
08/04/2004 05:07 AM 6,400 splitter.sys
08/04/2004 04:00 AM 73,472 sr.sys
12/11/2008 03:57 AM 333,184 srv.sys
04/12/2005 10:42 AM 11,904 srvkp.sys
08/03/2004 10:08 PM 48,640 stream.sys
08/03/2004 10:10 PM 15,360 StreamIP.sys
08/04/2004 10:00 AM 4,352 swenum.sys
08/17/2001 08:00 PM 54,272 swmidi.sys
08/04/2004 05:15 AM 60,800 sysaudio.sys
08/04/2004 04:00 AM 14,976 tape.sys
06/20/2008 02:45 AM 360,320 tcpip.sys
06/20/2008 01:52 AM 225,920 tcpip6.sys
08/04/2004 04:00 AM 18,560 tdi.sys
08/04/2004 04:00 AM 12,040 tdpipe.sys
08/04/2004 04:00 AM 21,896 tdtcp.sys
08/04/2004 07:01 AM 40,840 termdd.sys
08/04/2004 10:00 AM 51,712 tosdvd.sys
08/04/2004 10:00 AM 21,376 tsbvcap.sys
08/04/2004 10:00 AM 12,416 tunmp.sys
08/04/2004 04:00 AM 66,176 udfs.sys
08/04/2004 04:00 AM 209,408 update.sys
08/04/2004 04:00 AM 12,672 usb8023.sys
08/03/2004 10:07 PM 59,264 USBAUDIO.sys
08/04/2004 10:00 AM 23,808 usbcamd.sys
08/04/2004 10:00 AM 23,936 usbcamd2.sys
08/03/2004 10:08 PM 31,616 usbccgp.sys
08/04/2004 04:00 AM 4,736 usbd.sys
08/04/2004 04:00 AM 26,624 usbehci.sys
08/04/2004 04:00 AM 57,600 usbhub.sys
08/04/2004 10:00 AM 16,000 usbintel.sys
08/04/2004 04:00 AM 17,024 usbohci.sys
08/04/2004 04:00 AM 142,976 usbport.sys
08/03/2004 10:01 PM 25,856 usbprint.sys
08/03/2004 09:58 PM 15,104 usbscan.sys
08/04/2004 04:00 AM 26,496 USBSTOR.SYS
08/04/2004 04:00 AM 20,480 usbuhci.sys
08/03/2004 10:10 PM 78,464 usbvideo.sys
01/30/2010 05:23 AM 7,168 utmyndy4.sys
08/04/2004 10:00 AM 58,112 vdmindvd.sys
08/04/2004 04:00 AM 20,992 vga.sys
08/04/2004 04:00 AM 5,376 viaide.sys
08/04/2004 04:00 AM 79,744 videoprt.sys
08/04/2004 04:00 AM 52,352 volsnap.sys
08/04/2004 04:00 AM 34,560 wanarp.sys
08/04/2004 05:15 AM 82,944 wdmaud.sys
08/04/2004 04:00 AM 4,352 wmilib.sys
08/11/2004 07:45 AM 18,944 wpdusb.sys
08/04/2004 04:00 AM 12,032 ws2ifsl.sys
08/03/2004 10:10 PM 19,328 WSTCODEC.SYS
239 File(s) 30,644,496 bytes

Directory of C:\Windows\System32\Drivers\Avg

02/04/2010 08:00 PM .
02/04/2010 08:00 PM ..
01/26/2010 03:04 PM 6,061,540 avi7.avg
01/26/2010 03:04 PM 113,461 iavichjw.avm
02/04/2010 08:00 PM 55,111,383 incavi.avm
01/26/2010 03:04 PM 142,495 microavi.avg
01/26/2010 03:04 PM 492,629 miniavi.avg
5 File(s) 61,921,508 bytes

Directory of C:\Windows\System32\Drivers\disdn

01/27/2005 01:30 PM .
01/27/2005 01:30 PM ..
0 File(s) 0 bytes

Directory of C:\Windows\System32\Drivers\etc

01/27/2010 01:35 PM .
01/27/2010 01:35 PM ..
01/27/2010 01:35 PM 27 hosts
08/04/2004 04:00 AM 3,683 lmhosts.sam
08/04/2004 10:00 AM 407 networks
08/04/2004 10:00 AM 799 protocol
08/04/2004 10:00 AM 7,116 services
5 File(s) 12,032 bytes

Total Files Listed:
249 File(s) 92,578,036 bytes
11 Dir(s) 109,661,822,976 bytes free


***********************Hidden Drivers********************
Volume in drive C is PRESARIO
Volume Serial Number is 0CAC-A95D

Directory of C:\Windows\System32\Drivers

05/04/2009 07:24 AM 1,849 103C_HP_CPC_PX801AA-ABA SR1520NX NA530_YC_0Pres_QCNH520_E53NAheRED2_47_ISalmon_SASUSTek Computer INC._V1.04_B3.12_T050420_WXH2_L409_M384_J160_7AMD_8Sempron_91.81_#050701_N10390900_Z11C1048C_G10396330.MRK
1 File(s) 1,849 bytes
0 Dir(s) 109,661,822,976 bytes free


*********************Processes*******************


PROCESS PID PRIO PATH
smss.exe 476 Normal C:\WINDOWS\System32\smss.exe
csrss.exe 560 Normal C:\WINDOWS\system32\csrss.exe
winlogon.exe 588 High C:\WINDOWS\system32\winlogon.exe
services.exe 640 Normal C:\WINDOWS\system32\services.exe
lsass.exe 652 Normal C:\WINDOWS\system32\lsass.exe
svchost.exe 804 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 868 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 944 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 1028 Normal C:\WINDOWS\system32\svchost.exe
avgchsvx.exe 1076 Normal C:\Program Files\AVG\AVG9\avgchsvx.exe
avgrsx.exe 1104 Normal C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe 1148 Normal C:\WINDOWS\system32\svchost.exe
avgcsrvx.exe 1224 Normal C:\Program Files\AVG\AVG9\avgcsrvx.exe
Explorer.EXE 1776 Normal C:\WINDOWS\Explorer.EXE
aswUpdSv.exe 1856 Normal C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
IswSvc.exe 1936 Normal C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
ashServ.exe 2004 Normal C:\Program Files\Alwil Software\Avast4\ashServ.exe
ForceField.exe 168 Normal C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
spoolsv.exe 552 Normal C:\WINDOWS\system32\spoolsv.exe
svchost.exe 1264 Normal C:\WINDOWS\system32\svchost.exe
avgwdsvc.exe 1432 Normal C:\Program Files\AVG\AVG9\avgwdsvc.exe
jqs.exe 1488 Idle C:\Program Files\Java\jre6\bin\jqs.exe
LVPrcSrv.exe 1528 Normal C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
lxddserv.exe 1668 Normal C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxddserv.exe
avgnsx.exe 1732 Normal C:\Program Files\AVG\AVG9\avgnsx.exe
lxddcoms.exe 1784 High C:\WINDOWS\system32\lxddcoms.exe
mbamservice.exe 1892 Normal C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MDM.EXE 2040 Normal C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
svchost.exe 252 Normal C:\WINDOWS\system32\svchost.exe
wdfmgr.exe 372 Normal C:\WINDOWS\system32\wdfmgr.exe
YahooAUService.exe 984 Normal C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
avgemc.exe 1176 Normal C:\Program Files\AVG\AVG9\avgemc.exe
avgcsrvx.exe 1480 Normal C:\Program Files\AVG\AVG9\avgcsrvx.exe
alg.exe 2944 Normal C:\WINDOWS\System32\alg.exe
wuauclt.exe 3184 Normal C:\WINDOWS\system32\wuauclt.exe
realsched.exe 3676 Normal C:\Program Files\Common Files\Real\Update_OB\realsched.exe
ashDisp.exe 3704 Normal C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
jusched.exe 3716 Normal C:\Program Files\Java\jre6\bin\jusched.exe
ALCXMNTR.EXE 3740 Normal C:\WINDOWS\ALCXMNTR.EXE
qttask.exe 3776 Normal C:\Program Files\QuickTime\qttask.exe
Quickcam.exe 3792 Normal C:\Program Files\Logitech\QuickCam\Quickcam.exe
lxddmon.exe 3824 Normal C:\Program Files\Lexmark 2500 Series\lxddmon.exe
lxddamon.exe 3868 Normal C:\Program Files\Lexmark 2500 Series\lxddamon.exe
SearchProtection.exe 3924 Normal C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
mbamgui.exe 3948 Normal C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
avgtray.exe 3968 Normal C:\PROGRA~1\AVG\AVG9\avgtray.exe
zlclient.exe 3988 Normal C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
ctfmon.exe 308 Normal C:\WINDOWS\system32\ctfmon.exe
COCIManager.exe 2500 Normal C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
iexplore.exe 3112 Normal C:\Program Files\internet explorer\iexplore.exe
vsmon.exe 3484 Normal C:\WINDOWS\system32\ZoneLabs\vsmon.exe
KBD.EXE 3400 High C:\HP\KBD\KBD.EXE
AGRSMMSG.exe 1504 Normal C:\WINDOWS\AGRSMMSG.exe
hpsysdrv.exe 1924 Normal c:\windows\system\hpsysdrv.exe
cmd.exe 188 Normal C:\WINDOWS\system32\cmd.exe
processes.exe 4092 Normal C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Desktop\SpiderKill\SpiderKill\processes.exe


Module information for 'Explorer.EXE'(1776)
MODULE BASE SIZE PATH
Explorer.EXE 1000000 1044480 C:\WINDOWS\Explorer.EXE 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Explorer
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 598016 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_gdr.090415-1235) Remote Procedure Call Runtime
Secur32.dll 77fe0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Security Support Provider Interface
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
USER32.dll 77d40000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP USER API Client DLL
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.3562 (xpsp_sp2_gdr.090427-1232) Shell Light-weight Utility Library
SHELL32.dll 7c9c0000 8478720 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.3402 (xpsp_sp2_gdr.080702-1233) Windows Shell Common Dll
ole32.dll 774e0000 1294336 C:\WINDOWS\system32\ole32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft OLE for Windows
OLEAUT32.dll 77120000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180 5.1.2600.2180
BROWSEUI.dll 75f80000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.3562 (xpsp_sp2_gdr.090427-1232) Shell Browser UI Library
SHDOCVW.dll 7e290000 1503232 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.3562 (xpsp_sp2_gdr.090427-1232) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.3624 (xpsp_sp2_gdr.090904-1413) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust UI Provider
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
NETAPI32.dll 5b860000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.3462 (xpsp_sp2_gdr.081015-1244) Net Win32 API DLL
WININET.dll 3d930000 856064 C:\WINDOWS\system32\WININET.dll 7.00.6000.16981 (vista_gdr.091215-2244) Internet Extensions for Win32
Normaliz.dll 400000 36864 C:\WINDOWS\system32\Normaliz.dll 6.0.5441.0 (winmain(wmbla).060628-1735) Unicode Normalization DLL
iertutil.dll 3dfd0000 282624 C:\WINDOWS\system32\iertutil.dll 7.00.6000.16981 (vista_gdr.091215-2244) Run time utility for Internet Explorer
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft ACM Audio Filter
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
comctl32.dll 773d0000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
comctl32.dll 5d090000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
msctfime.ime 755c0000 188416 C:\WINDOWS\system32\msctfime.ime 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Text Frame Work Service IME
appHelp.dll 77b40000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258 2001.12.4414.258
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258 2001.12.4414.258
cscui.dll 77a20000 344064 C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Client Side Caching UI
CSCDLL.dll 76600000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Offline Network Agent
themeui.dll 5ba60000 462848 C:\WINDOWS\system32\themeui.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Theme API
MSIMG32.dll 76380000 20480 C:\WINDOWS\system32\MSIMG32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDIEXT Client DLL
xpsp2res.dll 20000000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
ISWSHEX.dll 20c20000 626688 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll 1, 5, 53, 4 ZoneAlarm ForceField
MSVCR80.dll 78130000 634880 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll 8.00.50727.4053 Microsoft C Runtime Library
MSVCP80.dll 7c420000 552960 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCP80.dll 8.00.50727.4053 Microsoft C++ Runtime Library
NTMARTA.DLL 77690000 135168 C:\WINDOWS\system32\NTMARTA.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT MARTA provider
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
actxprxy.dll 71d40000 114688 C:\WINDOWS\system32\actxprxy.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ActiveX Interface Marshaling Library
LVPrcInj01.dll 13f0000 110592 C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll 11.90.1262.0 Camera Helper Library.
LINKINFO.dll 76980000 32768 C:\WINDOWS\system32\LINKINFO.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Volume Tracking
ntshrui.dll 76990000 151552 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shell extensions for sharing
ATL.DLL 76b20000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
SETUPAPI.dll 77920000 995328 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
WINSTA.dll 76360000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
ieframe.dll 3e1c0000 6082560 C:\WINDOWS\system32\ieframe.dll 7.00.6000.16981 (vista_gdr.091215-2244) Internet Explorer
PSAPI.DLL 76bf0000 45056 C:\WINDOWS\system32\PSAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Process Status Helper
webcheck.dll 42e40000 245760 C:\WINDOWS\system32\webcheck.dll 7.00.6000.16981 (vista_gdr.091215-2244) Web Site Monitor
NETSHELL.dll 76400000 1728512 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Network Connections Shell
rtutils.dll 76e80000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
credui.dll 76c00000 188416 C:\WINDOWS\system32\credui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Credential Manager User Interface
WS2_32.dll 71ab0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) IP Helper API
stobject.dll 76280000 135168 C:\WINDOWS\system32\stobject.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Systray shell service object
BatMeter.dll 74af0000 40960 C:\WINDOWS\system32\BatMeter.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Battery Meter Helper DLL
POWRPROF.dll 74ad0000 32768 C:\WINDOWS\system32\POWRPROF.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Power Profile Helper DLL
WTSAPI32.dll 76f50000 32768 C:\WINDOWS\system32\WTSAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Terminal Server SDK APIs
urlmon.dll 1750000 1212416 C:\WINDOWS\system32\urlmon.dll 7.00.6000.16981 (vista_gdr.091215-2244) OLE32 Extensions for Win32
msi.dll 47600000 2867200 C:\WINDOWS\system32\msi.dll 3.1.4000.2805 Windows Installer
wdmaud.drv 72d20000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WDM Audio driver mapper
msacm32.drv 72d10000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Microsoft Sound Mapper
midimap.dll 77bd0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft MIDI Mapper
MPR.dll 71b20000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Multiple Provider Router DLL
drprov.dll 75f60000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Terminal Server Network Provider
ntlanman.dll 71c10000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Lan Manager
NETUI0.dll 71cd0000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - GUI Classes
NETUI1.dll 71c90000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - Networking classes
NETRAP.dll 71c80000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Remote Admin Protocol DLL
davclnt.dll 75f70000 36864 C:\WINDOWS\System32\davclnt.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Web DAV Client DLL
MLANG.dll 75cf0000 593920 C:\WINDOWS\system32\MLANG.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
fxsst.dll 68df0000 577536 C:\WINDOWS\system32\fxsst.dll 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158) Fax Service
WINSPOOL.DRV 73000000 155648 C:\WINDOWS\system32\WINSPOOL.DRV 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Spooler Driver
FXSAPI.dll 5a980000 466944 C:\WINDOWS\system32\FXSAPI.dll 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Fax API Support DLL
MSCTF.dll 74720000 307200 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MSCTF Server DLL
mslbui.dll 605d0000 36864 C:\WINDOWS\system32\mslbui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LangageBar Add In
SXS.DLL 7e720000 720896 C:\WINDOWS\system32\SXS.DLL 5.1.2600.3295 (xpsp_sp2_qfe.080117-1235) Fusion 2.5
rarext.dll 10000000 180224 C:\Program Files\WinRAR\rarext.dll
mbamext.dll be0000 73728 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 1, 2, 0, 0 Malwarebytes' Anti-Malware
avgse.dll 6c330000 118784 C:\Program Files\AVG\AVG9\avgse.dll 9.0.0.663 AVG Shell Extension
ashShell.dll 64f00000 73728 C:\Program Files\Alwil Software\Avast4\ashShell.dll 4, 8, 1367, 0 avast! Shell Extension
browselc.dll fb0000 73728 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Browser UI Library
TrustCheckerIEPlugin.dll 21300000 577536 C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll 1, 5, 53, 4 ZoneAlarm ForceField
DUSER.dll 6c1b0000 315392 C:\WINDOWS\system32\DUSER.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows DirectUser Engine
PDFShell.dll 31a0000 372736 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 9.1.0.2009022700 PDF Shell Extension
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider



******************************************
EOF

Please go HERE. Copy and paste the following file path in to the box.

c:\windows\system32\drivers\0618218.sys

Then click submit.

Please post the results (URL) to your next reply.

This what you wanted

File has already been analysed:
MD5: 66ef49622baa18e4d4f1fe4bae1d51b8
First received: 2009.10.16 14:44:03 UTC
Date: 2010.02.05 10:09:32 UTC [<1D]
Results: 0/39
Permalink: analisis/d30daffafc29919c891c8952fc27890d735e4368c706ef452aa86b8b05cd7884-1265364572

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:

• Select Start > All Programs > Accessories > System tools > System Restore.
  
• On the dialogue box that appears select Create a Restore Point
  
• Click NEXT
  
• Enter a name e.g. Clean
  
• Click CREATE

You now have a clean restore point, to get rid of the bad ones:

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  
• In the Drop down box that appears select your main drive e.g. C
  
• Click OK
  
• The System will do some calculation and the display a dialogue box with TABS
  
• Select the More Options Tab.
  
• At the bottom will be a system restore box with a CLEANUP button click this
  
• Accept the Warning and select OK again, the program will close and you are done
  

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

• Save it to your Desktop.
  
• Double click OTC.exe.
  
• Click the CleanUp! button.
  
• If you are prompted to Reboot during the cleanup, select Yes.
  
• The tool will delete itself once it finishes.
  

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  
• It will close all programs when run, so make sure you have saved all your work before you begin.
  
• Click the Start
  button to begin the process. Depending on how often you clean temp
  files, execution time should be anywhere from a few seconds to a minute
  or two. Let it run uninterrupted to completion.
  
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

==

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 2
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
avast! Antivirus
AVG Free 9.0
ZoneAlarm
ZoneAlarm Toolbar
``````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 13
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.1
``````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
AVG avgemc.exe
Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Zone Labs ZoneAlarm zlclient.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

Please upgrade to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

More info about SP3: http://www.GeekPolice.net/operating-systems-f20/windows-xp-service-pack-3-information-t16956.htm

=====

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

=====

I notice that you are using more than one antivirus program.

• AVG
  
• Avast!
  

This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through.
It is important that only ONE antivirus program is running realtime protection.
I strongly suggest you either (1) uninstall all but one antivirus program through Control Panel->Add or remove Programs,
OR (2) keep the programs, but leave all but one of them disabled most of the time.
You can still use them for scanning your computer.

======

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

• SpywareBlaster
  SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  
• Spybot - Search & Destroy.
  Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).
  

NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Securing your computer

• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.
  

Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:

• Firefox may be downloaded from here: http://www.getfirefox.com
  
• Opera is available here: http://www.opera.com/download/
  

Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site. Do you have any more questions?

I was working on these this weekend. The Windows XP Pack 3 will not download. I updated my Windows, firefox and Java. I also downloaded SpyBLaster. I have not done the hpHosts yet and I got rid of the Z alarm and AVG.

I will have another question when I get this other fixed.

We Need to Diagnose a Possible Problem with WGA
This may be preventing you from installing that service pack.

1. Please download MGADiag and save it to your desktop.
   
2. Double click the icon on your desktop.
   
3. Push
   
4. Push
   
5. Go to Start -> Run and type in "Notepad"
   
6. Go to Edit -> Paste in notepad.
   
7. x out all of the numbers and letters in the line beginning with "Windows Product Key:"
   
8. Copy and paste that log here.

Here is the log from the above message.

I cannot activate my avast and I get an error about Setup detecting another program and need to reboot, but that doesn't help. I have tried to uninstall it but it won't do that either.

Diagnostic Report (1.9.0019.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0

Cached Validation Code: N/A
Windows Product Key: *****-*****-xxxxxxxxxxxxxxxxxxxxx
Windows Product Key Hash: 2V2VyxlfhiaCt/JkDzYQfiNOHMA=
Windows Product ID: 76477-OEM-2111907-00106
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.2.0.hom
ID: {966594BA-E0EC-494B-AE58-342FB989F845}(1)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A
Version: N/A

WGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: {966594BA-E0EC-494B-AE58-342FB989F845}1.9.0019.05.1.2600.2.00010300.2.0.homx32*****-*****-*****-*****-3PMFT76477-OEM-2111907-001062S-1-5-21-2658222305-1247595720-3682839384Compaq Presario 061PX801AA-ABA SR1520NX NA530Phoenix Technologies, LTD 3.1220050420000000.000000+000HP PAVILIOND1D23AD70184405D04090409Pacific Standard Time(GMT-08:00)02Hewlett-Packard CompanyCompaq Presario109

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: E06B:Compaq Computer Corporation|1085F:Compaq Computer Corporation|E10D:Compaq Computer Corporation|108FD:Compaq Computer Corporation|108FD:Compaq Computer Corporation|E10D:Hewlett-Packard Company|1DA50:Hewlett-Packard Company
Marker string from OEMBIOS.DAT: HP PAVILION

OEM Activation 2.0 Data-->
N/A

Odd.

Please navigate to this webpage: http://support.microsoft.com/kb/313222 and see the section "Fix it for me" and click the Microsoft Fix-It button. This will download a fix utility to repair the security settings on your computer, due to damages of malware or other harmful system changes. Install the file after download.

Then, let me know if you can do the update.

Well, the computer came close to the trash can lastnight. I think I got the Microsoft Fix it done, but the mouse kept highlighting everything and making me double click on everything and being VERY slow, so I went to my daughters ballgame instead of killing it. I will check it tonight and let you know. Sorry.

Please download avast! ANTIROOTKIT from avast.com and save it to your Desktop.

Note: to prevent false positives, please quit all running programs before starting the scan!

• Double-click on aswar.exe to start the program.
  
• Click Show Scan Options.
  
• Make sure the following checkboxes have checkmarks in them: hȋdden Files and Directories, hȋdden Services and Drivers, hȋdden Registry Keys and Values, hȋdden Processes, Log all scanned items.
  
• Click the big Scan Now! button.
  
• Click View scan log. Please post the contents of that log in your next reply. If the scan log will not launch, please tell me.

I will do this when I get home... Thanks

Ok. Post when ready. I think there is an infection hiding.

I could not do anything. I would get on internet and all would freeze.

Should I be in Safe Mode?

You can try it. Let me know what happens.

okay, I will after I get home.

Post when ready.

Couldn't get the computer to reboot at all lastnight. I will try one more time tonight. I was not DBL clicking on the Windows XP, but it wouldn't reboot normal either. I will let you know tonight, if it works, or tomorrow.

Thanks

Ok

still nothing. I hit the F8 key before it boots....then select safe mode.... the words safe mode appear at the bottom in blue...then I have the choice of which windows...but I can't dbl click. What about the "Quick Restore" disk?
Don't have a clue at this point.

What I highly recommend now is a reformat and a reinstallation of Windows XP.

Please let me know if you are prepared to do so.


So, with that said, do you have your Windows XP CD?

Guides for format and reinstall: http://www.GeekPolice.net/tutorials-guides-f13/how-to-reformat-and-reinstall-your-operating-system-t15119.htm#95115

http://www.helpmyos.com/tutorials-software-alternatives-to-proprietary-f19/how-to-reformat-and-reinstall-your-operating-system-the-easy-way-t1307.htm#3143