Hi Dan. This is my home computer (the one with the problem). My work computer (who's google works) was how I found you guys.
I have removed Limewire & the Ask Toolbar as requested.
Here is the DDS results:DDS (Ver_09-02-01.01) - NTFSx86
Run by Chelsea at 17:59:06.90 on Thu 26/02/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1424 [GMT 11:00]
AV: avast! antivirus 4.8.1335 [VPS 090225-1] *On-access scanning disabled* (Updated)
============== Running Processes ===============
H:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
H:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\igfxtray.exe
H:\WINDOWS\system32\igfxsrvc.exe
H:\WINDOWS\system32\igfxpers.exe
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\CyberLink\PCM4Everio\EverioService.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\Windows Live\Family Safety\fsui.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Program Files\Windows Desktop Search\WindowsSearch.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
H:\Program Files\Windows Live\Family Safety\fsssvc.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
H:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
h:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Windows Live\Contacts\wlcomm.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\notepad.exe
H:\WINDOWS\system32\SearchProtocolHost.exe
H:\WINDOWS\system32\wscntfy.exe
H:\Documents and Settings\Chelsea\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page =
hxxp://www.google.com.au/uInternet Settings,ProxyServer = http=10.16.63.13:9877
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - h:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - h:\program files\windows live\family safety\fssbho.dll
BHO: Click-to-Call BHO: {5c255c8a-e604-49b4-9d64-90988571cecb} - h:\program files\windows live\messenger\wlchtc.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - h:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - h:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - h:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - h:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - h:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - h:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - h:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - h:\program files\windows live\toolbar\wltcore.dll
uRun: [LightScribe Control Panel] h:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [ctfmon.exe] h:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "h:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [IgfxTray] h:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] h:\windows\system32\hkcmd.exe
mRun: [Persistence] h:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [GEST] =
mRun: [NeroFilterCheck] h:\program files\common files\nero\lib\NeroCheck.exe
mRun: [EverioService] "h:\program files\cyberlink\pcm4everio\EverioService.exe"
mRun: [SunJavaUpdateSched] "h:\program files\java\jre6\bin\jusched.exe"
mRun: [fssui] "h:\program files\windows live\family safety\fsui.exe" -autorun
mRun: [avast!] h:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Ad-Watch] h:\program files\lavasoft\ad-aware\AAWTray.exe
dRun: [CTFMON.EXE] h:\windows\system32\CTFMON.EXE
StartupFolder: h:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - h:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: h:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - h:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - h:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - h:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - h:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - h:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: ebay.com.au\signin
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} -
hxxp://upload.facebook.com/controls/200 ... oader5.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://fpdownload2.macromedia.com/get/s ... wflash.cabTCP: {B4399E96-14B6-4220-9C3D-FD3AC2BBE8D0} = 61.88.88.88
Notify: igfxcui - igfxdev.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - h:\program files\windows desktop search\MSNLNamespaceMgr.dll
================= FIREFOX ===================
FF - ProfilePath - h:\docume~1\chelsea\applic~1\mozilla\firefox\profiles\ctu4c0p3.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.live.com/results.aspx?FORM=IEFM1&q=FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.com.auFF - prefs.js: keyword.URL -
hxxp://search.live.com/results.aspx?FORM=IEFM1&q=FF - prefs.js: network.proxy.http - 10.16.63.13
FF - prefs.js: network.proxy.http_port - 9877
FF - prefs.js: network.proxy.type - 1
FF - plugin: h:\program files\google\google updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: h:\program files\microsoft\office live\npOLW.dll
FF - plugin: h:\program files\windows live\photo gallery\NPWLPG.dll
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;h:\windows\system32\drivers\aswSP.sys [2009-2-24 114768]
R2 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [2009-2-24 20560]
R2 avast! Antivirus;avast! Antivirus;h:\program files\alwil software\avast4\ashServ.exe [2009-2-24 138680]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;h:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 fssfltr;FssFltr;h:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-21 55136]
R2 fsssvc;Windows Live Family Safety;h:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;h:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-19 921936]
R2 SeaPort;SeaPort;h:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner;h:\program files\alwil software\avast4\ashMaiSv.exe [2009-2-24 254040]
R3 avast! Web Scanner;avast! Web Scanner;h:\program files\alwil software\avast4\ashWebSv.exe [2009-2-24 352920]
R3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);h:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-12-18 29181272]
=============== Created Last 30 ================
2009-02-24 22:59 15,688 a------- h:\windows\system32\lsdelete.exe
2009-02-24 22:10 <DIR> -cd-h--- h:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-24 22:10 <DIR> --d----- h:\program files\Lavasoft
2009-02-24 20:54 <DIR> --d----- h:\docume~1\chelsea\applic~1\Malwarebytes
2009-02-24 20:54 15,504 a------- h:\windows\system32\drivers\mbam.sys
2009-02-24 20:54 38,496 a------- h:\windows\system32\drivers\mbamswissarmy.sys
2009-02-24 20:54 <DIR> --d----- h:\program files\Malwarebytes' Anti-Malware
2009-02-24 20:54 <DIR> --d----- h:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-22 19:07 <DIR> --d----- h:\program files\SmartDraw 2009
2009-02-18 18:09 0 a------- H:\p3.bat
2009-02-12 21:13 <DIR> --d----- h:\windows\SQLTools9_KB960089_ENU
2009-02-12 21:11 <DIR> --d----- h:\windows\SQL9_KB960089_ENU
2009-02-06 19:03 307,576 a------- h:\windows\WLXPGSS.SCR
2009-02-06 18:52 49,504 a------- h:\windows\system32\sirenacm.dll
2009-02-04 18:59 344,064 a------- h:\windows\system32\msvcr70.dll
2009-02-04 18:58 <DIR> --d----- h:\program files\DVDVideoSoft
2009-02-04 18:58 <DIR> --d----- h:\program files\common files\DVDVideoSoft
2009-02-03 22:29 24 a------- h:\windows\system32\sysogg.dll
2009-02-03 22:24 1,703,936 a------- h:\windows\system32\NCTAudioFile.dll
2009-02-03 22:24 233,472 a------- h:\windows\system32\lame_enc.dll
2009-02-03 22:24 140,288 a------- h:\windows\system32\Comdlg32.ocx
2009-02-03 22:24 <DIR> --d----- h:\program files\MP3 Converter Simple
2009-02-03 22:18 <DIR> --d----- h:\docume~1\chelsea\applic~1\LimeWire
2009-02-03 22:17 410,984 a------- h:\windows\system32\deploytk.dll
2009-02-03 22:17 73,728 a------- h:\windows\system32\javacpl.cpl
==================== Find3M ====================
2008-12-31 17:04 691,560 a------- h:\windows\system32\OGACheckControl.dll
2008-12-31 17:04 528,744 a------- h:\windows\system32\OGAVerify.exe
2008-12-31 17:04 502,120 a------- h:\windows\system32\OGAAddin.dll
2008-12-21 10:15 826,368 a------- h:\windows\system32\wininet.dll
2008-12-13 15:35 1,851,544 a------- H:\install_flash_player.exe
============= FINISH: 17:59:19.95 ===============
Here is the DDS Attach results:UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-02-01.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 25/11/2008 6:50:21 PM
System Uptime: 26/02/2009 5:50:42 PM (0 hours ago)
Motherboard: Gigabyte Technology Co., Ltd. | | G31M-S2L
Processor: Intel Pentium III Xeon processor | Socket 775 | 2666/266mhz
==== Disk Partitions =========================
D: is Removable
E: is Removable
F: is Removable
G: is CDROM ()
H: is FIXED (NTFS) - 233 GiB total, 216.909 GiB free.
I: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP13: 27/11/2008 9:12:39 PM - Installed Microsoft Office Outlook Connector
RP14: 27/11/2008 9:21:38 PM - Installed Windows XP KB915800-v4.
RP15: 27/11/2008 9:21:55 PM - Installed Windows XP Windows Search 4.0.
RP16: 27/11/2008 9:54:50 PM - Software Distribution Service 3.0
RP17: 27/11/2008 9:56:22 PM - Installed Windows NLSDownlevelMapping.
RP18: 27/11/2008 9:56:35 PM - Installed Windows IDNMitigationAPIs.
RP19: 27/11/2008 9:57:35 PM - Installed Windows Internet Explorer 7.
RP20: 27/11/2008 9:58:02 PM - Software Distribution Service 3.0
RP21: 27/11/2008 10:08:26 PM - Software Distribution Service 3.0
RP22: 27/11/2008 10:23:00 PM - Software Distribution Service 3.0
RP23: 29/11/2008 5:59:37 PM - Installed Windows Live installer
RP24: 29/11/2008 6:00:18 PM - Installed Windows Live
RP25: 29/11/2008 6:16:43 PM - Installed Windows Live Messenger
RP26: 29/11/2008 6:17:50 PM - Installed Windows Live Sign-in Assistant
RP27: 5/12/2008 7:35:36 AM - System Checkpoint
RP28: 6/12/2008 6:34:08 PM - System Checkpoint
RP29: 9/12/2008 8:03:13 PM - System Checkpoint
RP30: 13/12/2008 4:06:02 PM - Software Distribution Service 3.0
RP31: 18/12/2008 6:33:53 PM - Software Distribution Service 3.0
RP32: 20/12/2008 9:18:20 PM - Removed Microsoft Office Outlook Connector
RP33: 20/12/2008 9:18:39 PM - Installed Microsoft Office Outlook Connector
RP34: 21/12/2008 3:54:42 PM - Installed Windows XP KB954708.
RP35: 21/12/2008 3:54:57 PM - Installed DirectX
RP36: 24/12/2008 5:19:32 PM - System Checkpoint
RP37: 26/12/2008 11:16:31 AM - Installed Digital Photo Navigator 1.5
RP38: 29/12/2008 8:00:42 PM - System Checkpoint
RP39: 2/01/2009 10:20:07 AM - System Checkpoint
RP40: 3/01/2009 6:24:22 PM - System Checkpoint
RP41: 7/01/2009 1:08:41 PM - System Checkpoint
RP42: 14/01/2009 1:11:43 PM - Software Distribution Service 3.0
RP43: 15/01/2009 3:16:45 PM - Software Distribution Service 3.0
RP44: 17/01/2009 5:52:40 PM - System Checkpoint
RP45: 19/01/2009 8:00:54 PM - System Checkpoint
RP46: 21/01/2009 9:04:36 PM - System Checkpoint
RP47: 23/01/2009 2:34:44 PM - System Checkpoint
RP48: 25/01/2009 11:37:41 AM - System Checkpoint
RP49: 27/01/2009 8:01:10 PM - System Checkpoint
RP50: 3/02/2009 10:51:12 PM - System Checkpoint
RP51: 7/02/2009 5:00:36 PM - System Checkpoint
RP52: 8/02/2009 6:11:38 PM - System Checkpoint
RP53: 10/02/2009 10:23:07 AM - System Checkpoint
RP54: 11/02/2009 8:22:28 PM - Software Distribution Service 3.0
RP55: 12/02/2009 8:33:07 PM - System Checkpoint
RP56: 12/02/2009 9:11:00 PM - Software Distribution Service 3.0
RP57: 14/02/2009 5:25:17 PM - System Checkpoint
RP58: 15/02/2009 6:58:57 PM - System Checkpoint
RP59: 18/02/2009 6:35:01 PM - System Checkpoint
RP60: 21/02/2009 10:00:07 PM - System Checkpoint
RP61: 21/02/2009 10:03:46 PM - Installed DirectX
RP62: 23/02/2009 7:40:22 PM - System Checkpoint
RP63: 25/02/2009 6:15:41 PM - Removed Kaspersky Anti-Virus 6.0.
RP64: 25/02/2009 7:00:14 PM - Software Distribution Service 3.0
==== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1)
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0
avast! Antivirus
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Digital Photo Navigator 1.5
Free YouTube to Mp3 Converter version 3.1
GDR 3077 for SQL Server Database Services 2005 ENU (KB960089)
GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)
Google Updater
HijackThis 2.0.2
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 11
Junk Mail filter update
LightScribe System Software 1.10.16.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Accounting 2008
Microsoft Office Accounting 2008 Equifax Addin
Microsoft Office Accounting 2008 Fixed Asset Manager
Microsoft Office Accounting 2008 PayPal Addin
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Mozilla Firefox (3.0.6)
MP3 Converter Simple
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
Nero 8 Essentials
neroxml
OGA Notifier 1.7.0105.35.0
PowerCinema NE for Everio
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Segoe UI
Uninstall 1.0.0.1
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959634)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VCRedistSetup
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format Runtime
Windows Search 4.0
==== Event Viewer Messages From Past Week ========
21/02/2009 10:03:27 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
21/02/2009 10:03:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
21/02/2009 10:03:27 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
==== End Of File ===========================
And finally here is the GMER ... I did this in two rounds because I wasnt sure if the first bit was enough so I did the full scan too.
1st results:GMER 1.0.14.14536 -
http://www.gmer.netRootkit scan 2009-02-26 18:03:58
Windows 5.1.2600 Service Pack 3
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.14 ----
Full scan from GmerGMER 1.0.14.14536 -
http://www.gmer.netRootkit scan 2009-02-26 18:07:44
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.14 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xA79D76B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xA79D7574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xA79D7A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xA79D714C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xA79D764E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xA79D708C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xA79D70F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xA79D776E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xA79D772E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xA79D78AE]
---- User code sections - GMER 1.0.14 ----
.text H:\Program Files\Windows Live\Family Safety\fsssvc.exe[824] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 0101F7BF H:\Program Files\Windows Live\Family Safety\fsssvc.exe (Family Safety Service/Microsoft Corporation)
.text H:\WINDOWS\system32\SearchIndexer.exe[2180] kernel32.dll!WriteFile 7C810E17 7 Bytes JMP 00585C0C H:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.14 ----
IAT H:\WINDOWS\system32\services.exe[748] @ H:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003A0002
IAT H:\WINDOWS\system32\services.exe[748] @ H:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003A0000
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Registry - GMER 1.0.14 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS@StateIndex 1
---- EOF - GMER 1.0.14 ----
Really hope you can help