3 files I suspect are the virus are located in C:\Documents and Settings\WheelieD\Local Settings\temp
They were created 2/9/1013 12:13PM.
I am not seeing them in the logs; the file name is "2jfuweif.exe". There are 2 of them and 1 .TMP file.
Symptoms: desktop locked up with full screen page telling me I have to pay to remove their crap off my PC, usual crap. No other issues that I can tell.
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_26
Run by WheelieD at 12:57:50 on 2013-02-09
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1024.638 [GMT -6:00]
.
AV: AVG Internet Security Business Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security Business Edition 2012 *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\WheelieD\Application Data\skype.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uWinlogon: Shell = explorer.exe,c:\documents and settings\wheelied\application data\skype.dat
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\program files\speedbit video accelerator\SBLSP.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{251672E1-E781-4284-A357-9FD40756140E} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\wheelied\application data\mozilla\firefox\profiles\nkfu5fx4.default\
FF - prefs.js: browser.startup.homepage - AOL.com - Netscape
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - ExtSQL: 2013-01-18 01:22; {1E73965B-8B48-48be-9C8D-68B920ABC1C4}; c:\program files\avg\avg2012\Firefox4
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-7-11 31952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 301920]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 237408]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 41040]
S2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-6-13 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2012-4-23 11520]
.
=============== Created Last 30 ================
.
2013-02-08 05:49:59 93696 ----a-w- c:\documents and settings\wheelied\7108252.dll
2013-01-31 16:42:40 5999736 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-01-18 08:10:01 -------- d--h--w- C:\$AVG
2013-01-18 07:23:39 -------- d-----w- c:\documents and settings\wheelied\application data\AVG2012
2013-01-18 07:19:40 -------- d-----w- c:\windows\system32\drivers\AVG
2013-01-18 07:19:40 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2013-01-18 06:50:38 -------- d-----w- c:\documents and settings\wheelied\local settings\application data\Avg2013
2013-01-18 04:23:06 -------- d-----w- c:\windows\pss
2013-01-17 19:10:27 -------- d-----w- c:\documents and settings\wheelied\application data\TuneUp Software
.
==================== Find3M ====================
.
.
============= FINISH: 12:58:21.42 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/12/2011 8:38:44 AM
System Uptime: 2/9/2013 12:43:13 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | A7V8X-X
Processor: AMD Athlon(TM) XP 3000+ | SOCKET A | 1739/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 19 GiB total, 1.44 GiB free.
E: is FIXED (NTFS) - 1863 GiB total, 1196.164 GiB free.
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP276: 1/17/2013 10:20:18 PM - Removed Microsoft IntelliPoint 8.1
RP277: 1/18/2013 12:28:58 AM - Installed WinZip 17.0
RP278: 1/18/2013 12:48:23 AM - Removed AVG 2013
RP279: 1/18/2013 12:51:03 AM - Removed AVG 2013
RP280: 1/18/2013 1:18:06 AM - Installed AVG 2012
RP281: 1/18/2013 1:19:08 AM - Installed AVG 2012
RP282: 1/18/2013 1:49:06 AM - Removed AVG 2012
RP283: 1/18/2013 2:17:36 AM - Removed AVG 2012
RP284: 1/19/2013 2:26:06 AM - System Checkpoint
RP285: 1/20/2013 3:24:47 AM - System Checkpoint
RP286: 1/21/2013 3:55:22 AM - System Checkpoint
RP287: 1/22/2013 1:49:15 AM - Removed WinZip 17.0
RP288: 1/23/2013 1:55:41 AM - System Checkpoint
RP289: 1/24/2013 2:40:52 AM - System Checkpoint
RP290: 1/25/2013 2:59:56 AM - System Checkpoint
RP291: 1/26/2013 3:27:27 AM - System Checkpoint
RP292: 1/27/2013 4:27:39 AM - System Checkpoint
RP293: 1/28/2013 5:27:23 AM - System Checkpoint
RP294: 1/29/2013 6:27:25 AM - System Checkpoint
RP295: 1/30/2013 7:27:23 AM - System Checkpoint
RP296: 1/31/2013 8:27:22 AM - System Checkpoint
RP297: 2/1/2013 9:34:46 AM - System Checkpoint
RP298: 2/2/2013 10:27:00 AM - System Checkpoint
RP299: 2/3/2013 11:27:00 AM - System Checkpoint
RP300: 2/4/2013 12:28:05 PM - System Checkpoint
RP301: 2/5/2013 2:03:16 PM - System Checkpoint
RP302: 2/6/2013 2:27:07 PM - System Checkpoint
RP303: 2/7/2013 2:30:57 PM - System Checkpoint
RP304: 2/8/2013 3:29:22 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader XI
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI DVD Decoder 2.2.0.0
ATI HydraVision
ATI Multimedia Center 8.1.0.0
AVG 2012
DAO
DivX Setup
DVDDec
Google Update Helper
Java Auto Updater
Java(TM) 6 Update 26
Media Player Codec Pack 4.0.1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MMC81
Mozilla Firefox 18.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 6.0 Parser (KB933579)
QuickTime
SES Driver
Skype Click to Call
Skype 5.10
SoundMAX
VC80CRTRedist - 8.0.50727.6195
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Installer 3.1 (KB893803)
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows XP Service Pack 2
.
==== Event Viewer Messages From Past Week ========
.
2/9/2013 12:45:14 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 Avgldx86 Avgmfx86 Fips
2/9/2013 12:22:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Avgldx86 Avgmfx86 Avgtdix Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
2/9/2013 12:22:37 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
2/9/2013 12:22:37 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/9/2013 12:22:37 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/9/2013 12:22:37 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
2/9/2013 12:21:58 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
2/9/2013 12:21:49 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/9/2013 12:19:02 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
GMER log is too large to paste in here so I am attaching it.