I have the W32/Blaster worm and a DLACTRLW.EXE can not start issue

  1. #1
    mark allen (Newbie)

    Do I understand correctly that you do not want me to attach my scanning logs, and to, instead, paste each log into this message window?

    Please advise...
    Thanks very much
    Mark

  2. #2
    broni (Senior Member)
    Welcome aboard

    Please complete all steps listed here: HERE
    All logs have to be pasted.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

  3. #3
    mark allen (Newbie)
    Hi Broni... here are the following logs, pasted into this reply per your instructions:
    • Malwarebytes (MBAM)
    • GMER
    • MBRCheck
    • DDS (2 logs)

    Please let me know if you see any items of concern... Thanks much ... Mark

    Here they are:

    Malwarebytes' Anti-Malware 1.51.0.1200
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: 6837

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    6/12/2011 9:14:24 PM
    mbam-log-2011-06-12 (21-14-24).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 228573
    Time elapsed: 14 minute(s), 34 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    --------

    GMER 1.0.15.15640 - GMER - Rootkit Detector and Remover
    Rootkit scan 2011-06-12 20:20:29
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9160314AS rev.0001SDM1
    Running: 9eyugdok.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fgtdypoc.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    ? rvho.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[584] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B01 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254664 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1136] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B01 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254664 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[1404] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Internet Explorer\iexplore.exe[1136] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
    IAT C:\Program Files\Internet Explorer\iexplore.exe[1404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

    --------

    aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
    Run date: 2011-06-12 20:32:40
    -----------------------------
    20:32:40.656 OS Version: Windows 5.1.2600 Service Pack 3
    20:32:40.656 Number of processors: 2 586 0xE08
    20:32:40.656 ComputerName: MARK UserName:
    20:32:41.281 Initialize success
    20:32:47.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    20:32:47.796 Disk 0 Vendor: ST9160314AS 0001SDM1 Size: 152627MB BusType: 3
    20:32:50.046 Disk 0 MBR read successfully
    20:32:50.062 Disk 0 MBR scan
    20:32:50.078 Disk 0 Windows XP default MBR code
    20:32:52.093 Disk 0 scanning sectors +312576705
    20:32:52.296 Disk 0 scanning C:\WINDOWS\system32\drivers
    20:33:24.500 Service scanning
    20:33:26.562 Disk 0 trace - called modules:
    20:33:26.609 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    20:33:26.640 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f47ab8]
    20:33:26.640 3 CLASSPNP.SYS[f76aefd7] -> nt!IofCallDriver -> \Device\0000007b[0x86ee79e8]
    20:33:26.640 5 ACPI.sys[f75f5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f74940]
    20:33:26.640 Scan finished successfully
    20:34:34.687 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\MBR.dat"
    20:34:34.718 The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\aswMBR.txt"

    ---------

    DDS (Ver_2011-06-12.02) - NTFSx86 NETWORK
    Internet Explorer: 8.0.6001.18702
    Run by Administrator at 20:48:51 on 2011-06-12
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.653 [GMT -6:00]
    .
    AV: Trend Micro Titanium Internet Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.toshibadirect.com/dpdstart
    uSearch Bar = hxxp://www.toshiba.com/search
    uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart
    mSearchAssistant =
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\amsp\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - c:\program files\trend micro\amsp\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
    uRunOnce: [Setup.exe] D:\Setup.exe
    mRun: [TFncKy] TFncKy.exe
    mRun: [TDispVol] TDispVol.exe
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
    mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
    mRun: [TPSMain] TPSMain.exe
    mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
    mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
    mRun: [dla] c:\windows\system32\dla\DLACTRLW.exe
    mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
    mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
    mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [<NO NAME>]
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\metama~1.lnk - c:\program files\metamail inc\metamail tray\Metamail Trust Manager.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1 205.171.3.65
    TCP: Interfaces\{E6BEA809-4E1E-4433-A900-09A6276A191A} : DhcpNameServer = 192.168.0.1 205.171.3.65
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
    Notify: igfxcui - igfxdev.dll
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ============= SERVICES / DRIVERS ===============
    .
    S1 lkbdhlpr;Logitech Keyboard Class Helper Driver;c:\windows\system32\drivers\LKBDHLPR.SYS [2011-6-1 9952]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-11 366640]
    S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-11 22712]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-6-11 39984]
    .
    =============== Created Last 30 ================
    .
    2011-06-11 19:38:50 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
    2011-06-11 19:38:45 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-06-11 19:38:44 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-06-11 19:38:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-06-11 19:38:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-06-11 05:32:24 -------- d-----w- c:\program files\CCleaner
    2011-06-11 05:28:12 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE
    2011-06-11 03:45:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-06-11 03:45:05 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
    2011-06-11 03:30:25 -------- d-----w- c:\program files\ARO 2011
    2011-06-10 20:09:59 -------- d-sh--w- c:\documents and settings\administrator\IETldCache
    2011-06-02 04:52:16 69760 ----a-w- c:\windows\system32\drivers\LMOUKE.sys
    2011-06-02 04:52:16 55808 ----a-w- c:\windows\system32\drivers\L8042MOU.SYS
    2011-06-02 04:52:07 53248 ----a-w- c:\windows\system32\KemXML.dll
    2011-06-02 04:52:07 155648 ----a-w- c:\windows\system32\kemutb.dll
    2011-06-02 04:52:07 126976 ----a-w- c:\windows\system32\KemUtil.dll
    2011-06-02 04:52:07 110592 ----a-w- c:\windows\system32\KemWnd.dll
    2011-06-02 04:51:41 94208 ----a-w- c:\windows\KHALMNPR.Exe
    2011-06-02 04:51:41 27008 ----a-w- c:\windows\system32\drivers\LHidKE.Sys
    2011-06-02 04:51:41 13568 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
    2011-06-02 0457 -------- d-----w- c:\program files\common files\Logitech
    2011-06-02 04:17:15 9952 ------w- c:\windows\system32\drivers\LKBDHLPR.SYS
    2011-06-02 04:17:13 322832 ----a-w- c:\windows\system32\MFC30.DLL
    2011-06-01 02:24:34 581632 ----a-w- c:\windows\system32\hpotscl.dll
    2011-06-01 02:24:34 229376 ----a-w- c:\windows\system32\hpovst08.dll
    2011-06-01 02:24:01 139345 ----a-w- c:\windows\system32\hpzlnt12.dll
    2011-05-31 19:33:19 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
    2011-05-31 19:33:18 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2011-05-31 19:32:56 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2011-05-31 19:31:05 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2011-05-31 19:26:53 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2011-05-31 05:37:36 -------- d-----w- c:\windows\system32\scripting
    2011-05-31 05:37:35 -------- d-----w- c:\windows\l2schemas
    2011-05-31 05:37:34 -------- d-----w- c:\windows\system32\en
    2011-05-31 05:37:34 -------- d-----w- c:\windows\system32\bits
    2011-05-31 05:30:16 -------- d-----w- c:\windows\network diagnostic
    2011-05-31 03:58:05 -------- d-----w- c:\program files\common files\HP
    2011-05-31 03:54:58 -------- d-----w- c:\program files\common files\Hewlett-Packard
    2011-05-31 0135 -------- d-----w- C:\temp
    2011-05-31 0126 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
    2011-05-31 0116 21504 ----a-w- c:\windows\system32\hidserv.dll
    2011-05-31 0110 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
    2011-05-31 0110 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
    2011-05-31 0105 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
    2011-05-31 0103 51120 ----a-r- c:\windows\system32\drivers\HPZid412.sys
    2011-05-31 01:19:38 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2011-05-31 01:19:34 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys
    2011-05-31 01:19:31 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2011-05-31 01:19:08 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
    2011-05-31 01:18:49 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2011-05-31 01:15:28 94208 ----a-w- c:\windows\system32\HPZipt12.dll
    2011-05-31 01:15:28 69632 ----a-w- c:\windows\system32\HPZipm12.exe
    2011-05-31 01:15:28 61440 ----a-w- c:\windows\system32\HPZinw12.exe
    2011-05-31 01:15:28 57344 ----a-w- c:\windows\system32\HPZisn12.dll
    2011-05-31 01:15:28 278584 ----a-w- c:\windows\system32\HPZidr12.dll
    2011-05-31 01:15:28 204800 ----a-w- c:\windows\system32\HPZipr12.dll
    2011-05-31 01:13:27 -------- d-----w- c:\program files\HP
    2011-05-31 01:00:15 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
    2011-05-31 00:39:03 -------- d-----w- c:\program files\MSXML 4.0
    2011-05-31 00:37:26 -------- d-----w- c:\windows\ServicePackFiles
    2011-05-31 00:32:38 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2011-05-31 00:29:46 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
    2011-05-31 00:29:38 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2011-05-31 00:29:14 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
    2011-05-31 00:29:08 357888 -c----w- c:\windows\system32\dllcache\srv.sys
    2011-05-31 00:28:02 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2011-05-31 00:28:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2011-05-31 00:27:12 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2011-05-31 00:23:32 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2011-05-31 00:22:57 2066432 -c----w- c:\windows\system32\dllcache\mstscax.dll
    2011-05-31 00:19:48 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-05-31 00:19:47 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2011-05-31 00:19:06 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
    2011-05-31 00:18:57 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
    2011-05-31 00:18:50 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
    2011-05-31 00:18:18 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
    2011-05-31 00:18:18 272128 ------w- c:\windows\system32\drivers\bthport.sys
    2011-05-31 00:18:13 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
    2011-05-31 00:17:44 23040 ------w- c:\windows\kb913800.exe
    2011-05-31 00:15:05 -------- d-----w- c:\windows\system32\PreInstall
    2011-05-31 00:08:58 -------- d-----w- c:\windows\ie8updates
    2011-05-31 00:07:03 -------- dc-h--w- c:\windows\ie8
    2011-05-31 00:06:53 -------- d--h--w- c:\windows\msdownld.tmp
    2011-05-31 00:00:55 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
    2011-05-30 23:53:07 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2011-05-30 23:53:07 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2011-05-30 23:53:06 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2011-05-30 23:53:06 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2011-05-30 23:53:05 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2011-05-30 23:53:05 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2011-05-30 23:53:03 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2011-05-30 23:44:03 -------- d-----w- c:\windows\system32\SoftwareDistribution
    2011-05-30 23:40:24 -------- d-----w- c:\documents and settings\all users\application data\Trend Micro
    2011-05-30 22:01:42 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2011-05-30 22:01:42 32592 ----a-w- c:\windows\system32\msonpmon.dll
    2011-05-30 21:46:47 -------- d-----w- c:\documents and settings\all users\application data\SBT
    2011-05-30 21:46:36 -------- d-----w- c:\program files\Snapshot Viewer
    2011-05-30 21:42:37 94208 ----a-w- c:\program files\common files\microsoft shared\web server extensions\40\bin\fpencode.dll
    2011-05-30 19:30:28 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
    2011-05-30 19:30:06 -------- d-----w- c:\documents and settings\administrator\application data\Intel
    2011-05-30 19:10:49 -------- d-----w- c:\program files\AVerMedia
    2011-05-30 19:10:39 45056 ----a-r- c:\documents and settings\administrator\application data\microsoft\installer\{6815fcdd-401d-481e-ba88-31b4754c2b46}\ARPPRODUCTICON.exe
    2011-05-30 19:10:34 69632 ----a-r- c:\windows\system32\MCSysUtil.dll
    2011-05-30 19:10:34 50176 ----a-w- c:\windows\system32\CSH.DLL
    2011-05-30 19:10:34 4528 ----a-r- c:\windows\system32\SETBROWS.EXE
    2011-05-30 19:10:34 163840 ----a-w- c:\windows\system32\MCCoreUtil.dll
    2011-05-30 19:10:34 135168 ----a-w- c:\windows\system32\XML30Lib.dll
    2011-05-30 19:10:32 -------- d-----w- c:\program files\Metamail Inc
    2011-05-30 19:10:02 -------- d-----w- c:\program files\common files\InterVideo
    2011-05-30 19:09:40 135168 ----a-w- c:\windows\system32\igfxres.dll
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 20:49:09.00 ===============


    --------

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-12.02)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/30/2011 1:30:52 PM
    System Uptime: 6/11/2011 4:10:55 PM (28 hours ago)
    .
    Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
    Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | U1 | 1595/mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 128.936 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    6200
    6200_Help
    6200Trb
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.0
    AiO_Scan
    AiOSoftware
    America Online (Choose which version to remove)
    ARO 2011
    Blasterball 2 Revolution
    Bluetooth Stack for Windows by Toshiba
    BufferChm
    CCleaner
    CD/DVD Drive Acoustic Silencer
    Copy
    CP_AtenaShokunin1Config
    cp_dwShrek2Albums1
    cp_dwShrek2Cards1
    CreativeProjects
    CreativeProjectsTemplates
    CueTour
    Destinations
    Director
    DocProc
    DocumentViewer
    DVD-RAM Driver
    ESPNMotion
    FATE
    Fax
    GemMaster Mystic
    Google Toolbar for Internet Explorer
    High Definition Audio Driver Package - KB888111
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB981793)
    HP Extended Capabilities 4.7
    HP Image Zone 4.7
    HP Product Assistant
    HP PSC & OfficeJet 4.7
    HP Software Update
    HPSystemDiagnostics
    InstantShare
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet/Wireless Software
    InterVideo WinDVD Creator 2
    InterVideo WinDVD for TOSHIBA
    J2SE Runtime Environment 5.0 Update 4
    KhalSetup
    Logitech iTouch Software
    Logitech SetPoint
    Logitech User's Guide
    Macromedia Flash Player 8
    Malwarebytes' Anti-Malware version 1.51.0.1200
    MarketResearch
    mCore
    mDrWiFi
    Metamail (Toshiba Registration Utility)
    mHelp
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Office 2000 Disc 2
    Microsoft Office 2000 Small Business
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Standard Edition 2003
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    mIWA
    mLogView
    mMHouse
    mPfMgr
    mPfWiz
    mProSafe
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    mWlsSafe
    mXML
    MyConnect Special Offer
    mZConfig
    Office 2003 Trial Assistant
    Otto
    PanoStandAlone
    PhotoGallery
    Polar Golfer
    ProductContext
    Pure Networks Port Magic
    QFolder
    QuickTime
    Readme
    RealPlayer Basic
    Realtek High Definition Audio Driver
    Scan
    ScannerCopy
    SCRABBLE
    SD Secure Module
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SkinsHP1
    Sonic DLA
    Sonic Encoders
    Sonic RecordNow!
    Spybot - Search & Destroy
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA Controls
    TOSHIBA Game Console
    TOSHIBA Hotkey Utility
    TOSHIBA PC Diagnostic Tool
    TOSHIBA Power Saver
    TOSHIBA SD Memory Card Format
    TOSHIBA Software Modem
    TOSHIBA Software Upgrades
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    TOSHIBA TouchPad ON/Off Utility
    TOSHIBA TV Tuner 4.0.12.73
    TOSHIBA Utilities
    TOSHIBA Virtual Sound
    TOSHIBA Zooming Utility
    TrayApp
    Unload
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Viewpoint Media Player
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB888316
    Windows XP Media Center Edition 2005 KB894553
    Windows XP Media Center Edition 2005 KB895678
    Windows XP Media Center Edition 2005 KB908250
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    Yahoo! Messenger
    Yahoo! Music Engine
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    6/9/2011 9:50:45 PM, error: Dhcp [1002] - The IP address lease 192.168.0.4 for the Network Card with network address 0018DE06A28A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    6/8/2011 11:58:21 AM, error: Dhcp [1002] - The IP address lease 192.168.0.4 for the Network Card with network address 0018DE06A28A has been denied by the DHCP server 192.168.5.1 (The DHCP Server sent a DHCPNACK message).
    6/10/2011 6:28:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    6/10/2011 631 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm lkbdhlpr
    6/10/2011 2:11:17 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm lkbdhlpr tmtdi
    6/10/2011 2:10:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    6/10/2011 2:10:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    6/10/2011 12:59:14 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AOL TopSpeed Monitor service to connect.
    6/10/2011 12:59:13 PM, error: Service Control Manager [7031] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    6/10/2011 12:59:07 PM, error: Service Control Manager [7031] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    6/10/2011 12:59:03 PM, error: Service Control Manager [7031] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    6/10/2011 12:59:00 PM, error: Service Control Manager [7031] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    6/10/2011 12:58:56 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
    6/10/2011 12:58:45 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    6/10/2011 1:26:44 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'desktop.ini' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    6/10/2011 1:23:32 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\cleanmgr.exe. Reference error message: The operation completed successfully. .
    6/10/2011 1:23:32 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\WINDOWS\system32\cleanmgr.exe" on line 0.
    6/10/2011 1:11:03 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
    6/10/2011 1:08:02 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    6/10/2011 1:05:20 PM, error: Service Control Manager [7034] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 5 time(s).
    .
    ==== End Of File ===========================



    Please let me know if I've gotten rid of the worm

    Thanks much

  4. #4
    broni is offline Senior Member
    Any particular reason why all scans have been done in Safe Mode?

  5. #5
    mark allen is offline Newbie
    I had to use Safe Mode because the worm would not let me log into my usual account, nor access any programs.

    So... am I now cleansed of this worm?

    Please advise and Thanks much!

  6. #6
    broni is offline Senior Member
    We just barely started

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"

    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: Uninstall & Remove McAfee, Symantec, Norton, AVG, Avast & More Antivirus and Security Applications and Programs
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.


    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
