Inactive [InActive] Win32/Heur Virus

Discussion in 'Malware and Virus Removal Archive' started by kate27, 2009/04/06.

Thread Status:
Not open for further replies.
  1. 2009/04/06
    kate27 Inactive Thread Starter

    Hi, I have this virus.
    My keyboard has been affected too.
    My log:
    DDS (Ver_09-03-16.01) - NTFSx86
    Run by Kate at 23:15:56.64 on 06/04/2009
    Internet Explorer: 6.0.2900.5512

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://search.bearshare.com/uk/
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearch Bar = hxxp://www.google.com/ie
    mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
    uInternet Settings,ProxyOverride = 127.0.0.1
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
    BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: Ask Toolbar: {fe063db9-4ec0-403e-8dd8-394c54984b2c} - c:\program files\asktbar\bar\1.bin\ASKTBAR.DLL
    TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [EPSON Stylus C46 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /M "Stylus C46" /EF "HKCU "
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe "
    uRun: [Nero PhotoShow Media Manager] c:\progra~1\nero\neroph~1\data\xtras\mssysmgr.exe
    uRun: [EPSON Stylus DX7400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe /fu "c:\windows\temp\E_S8A.tmp" /EF "HKCU "
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [BTAgile] c:\program files\bt broadband talk softphone\BTAgile.exe
    mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
    mRun: [SiS Tray] c:\windows\system32\sistray.EXE
    mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions
    mRun: [Logitech Utility] Logi_MwX.Exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe "
    mRun: [btbb_wcm_McciTrayApp] c:\program files\btbb_wcm\McciTrayApp.exe
    mRun: [btbb_McciTrayApp] c:\program files\bt broadband desktop help\bin\BTHelpNotifier.exe
    mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe
    mRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVD.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
    DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - hxxp://housecall60.trendmicro.com/housecall/xscan60.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} - c:\program files\yahoo!\common\yucconfig.dll
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177095687547
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - hxxp://download.yahoo.com/dl/installs/ymail/ymmapi.dll
    DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://download.yahoo.com/dl/installs/yab_af.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\kate\applic~1\mozilla\firefox\profiles\6ur5ka54.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - component: c:\documents and settings\kate\application data\mozilla\firefox\profiles\6ur5ka54.default\extensions\{22119944-ed35-4ab1-910b-e619ea06a115}\components\rfproxy_27.dll
    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
    FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
    FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava11.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava12.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava13.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava14.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava32.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPOJI610.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPEyeCheck.dll

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2009-04-06 22:12 <DIR> a-dshr-- C:\cmdcons
    2009-04-06 22:09 181,248 a------- c:\windows\SWREG.exe
    2009-04-06 22:09 117,760 a------- c:\windows\sed.exe
    2009-04-06 22:09 73,728 a------- C:\pv.exe
    2009-04-06 14:02 36,864 a------- c:\windows\system32\dpcxool64.sys
    2009-04-06 14:02 21,704 a------- c:\windows\system32\vv.exe
    2009-04-05 18:11 <DIR> --d----- c:\program files\DVDFab 5
    2009-04-01 17:56 <DIR> --d----- c:\windows\system32\KB905474
    2009-03-23 18:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Citrix
    2009-03-23 18:01 61,480 a------- c:\documents and settings\kate\GoToAssistDownloadHelper.exe

    ==================== Find3M ====================

    2009-04-03 23:06 2,728 a------- c:\windows\system32\d3d9caps.dat
    2009-03-20 20:19 2,720 a------- c:\windows\system32\d3d8caps.dat
    2009-02-28 20:10 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-02-28 20:10 10,520 a------- c:\windows\system32\avgrsstx.dll
    2009-02-28 20:09 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
    2009-02-28 19:11 32,776 a---h--- c:\windows\system32\mlfcache.dat
    2009-02-09 12:13 1,846,784 a------- c:\windows\system32\win32k.sys
    2007-05-23 21:25 47,360 a------- c:\docume~1\kate\applic~1\pcouffin.sys
    2004-09-10 13:40 94,208 a------- c:\program files\DECCHECK.exe
    2004-09-10 13:40 5,970 a------- c:\program files\eula.txt

    ============= FINISH: 23:18:22.22 ===============

    The other attach log says don't post. Don't know how to zip it.

    combi log
    ComboFix 09-04-04.01 - Kate 2009-04-06 22:16:22.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.495.66 [GMT 1:00]
    Running from: c:\documents and settings\Kate\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
    * Created a new restore point
    .
    ADS - WINDOWS: deleted 24 bytes in 1 streams.

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Kate\Application Data\inst.exe
    c:\program files\Accoona
    c:\program files\Accoona\quiesce.exe
    c:\program files\TinyProxy
    c:\program files\tinyproxy\tinyproxy.exe
    c:\windows\fmark2.dat
    c:\windows\patch.exe
    c:\windows\system32\afisicx.exe
    c:\windows\system32\comsa32.sys
    c:\windows\system32\drivers\svchost.exe
    c:\windows\system32\ds43g4nfjkn93.dll
    c:\windows\system32\tpszxyd.sys
    c:\windows\system32\w.exe
    c:\windows\Sysvxd.exe

    Infected copy of c:\windows\system32\userinit.exe was found and disinfected
    Restored copy from - c:\windows\$NtServicePackUninstall$\userinit.exe


    Infected copy of c:\windows\system32\spoolsv.exe was found and disinfected
    Restored copy from - c:\windows\$NtUninstallKB896423$\spoolsv.exe


    Infected copy of c:\windows\explorer.exe was found and disinfected
    Restored copy from - c:\windows\$NtUninstallKB938828$\explorer.exe


    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SECURITY_ACCOUNTS_MANAGER_(SAMSS)_
    -------\Legacy_SOUND_SERVICE
    -------\Service_Security Accounts Manager (SamSs)


    ((((((((((((((((((((((((( Files Created from 2009-03-06 to 2009-04-06 )))))))))))))))))))))))))))))))
    .

    2009-04-06 14:02 . 2009-04-04 07:03 36,864 --a------ c:\windows\system32\dpcxool64.sys
    2009-04-06 14:02 . 2009-04-05 22:51 21,704 --a------ c:\windows\system32\vv.exe
    2009-04-05 18:11 . 2009-04-05 19:48 <DIR> d-------- c:\program files\DVDFab 5
    2009-04-01 17:56 . 2009-04-01 17:56 <DIR> d-------- c:\windows\system32\KB905474
    2009-04-01 17:56 . 2009-03-10 22:26 1,403,264 --a------ c:\windows\system32\KB905474\wganotifypackageinner.exe
    2009-04-01 17:56 . 2009-03-10 22:18 453,512 --a------ c:\windows\system32\KB905474\wgasetup.exe
    2009-04-01 17:56 . 2009-02-09 18:51 12,490 --a------ c:\windows\system32\KB905474\wga_eula.txt
    2009-03-23 18:02 . 2009-03-23 18:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Citrix
    2009-03-23 18:01 . 2009-03-23 18:01 61,480 --a------ c:\documents and settings\Kate\GoToAssistDownloadHelper.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-05 17:16 --------- d-----w c:\documents and settings\Kate\Application Data\Vso
    2009-04-05 11:03 --------- d-----w c:\program files\DVDFab Platinum 4
    2009-04-04 16:58 --------- d-----w c:\documents and settings\Kate\Application Data\Nero
    2009-03-21 10:32 --------- d-----w c:\program files\SlySoft
    2009-02-28 19:32 --------- d-----w c:\documents and settings\All Users\Application Data\SlySoft
    2009-02-28 19:10 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
    2009-02-28 19:10 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
    2009-02-28 19:09 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
    2009-02-28 18:05 --------- d-----w c:\program files\Google
    2007-05-23 20:25 47,360 ----a-w c:\documents and settings\Kate\Application Data\pcouffin.sys
    2004-09-10 12:40 94,208 ----a-w c:\program files\DECCHECK.exe
    2004-09-10 12:40 5,970 ----a-w c:\program files\eula.txt
    2006-07-15 22:11 136,704 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    .

    ------- Sigcheck -------

    2004-08-04 08:56 34304 3d9579b77e3915deec06daea424f63d1 c:\windows\$NtServicePackUninstall$\ctfmon.exe
    2008-04-14 01:12 34304 e18e1d32c113b98004ac24ffa72d7b3d c:\windows\ServicePackFiles\i386\ctfmon.exe
    2008-04-14 01:12 34304 51f9f23e0c6667b7aa502c76af9ddb37 c:\windows\system32\ctfmon.exe

    2005-06-11 00:53 76800 d134b3ee0da24e3824b6a8e629e06493 c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
    2005-06-11 01:17 76800 71179f5b2065172afb22ab5d897b7fd9 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
    2005-06-11 00:53 76800 170de91b8e0876e55138a71df2733efd c:\windows\$NtServicePackUninstall$\spoolsv.exe
    2004-08-04 08:56 76800 720849c27bf55db61ae1fe5817858e67 c:\windows\$NtUninstallKB896423$\spoolsv.exe
    2002-08-29 13:00 70144 c07422001aead96e3c959e336f92a4d1 c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
    2008-04-14 01:12 76800 bf8829bdf04376380f3925b634ea3b5a c:\windows\ServicePackFiles\i386\spoolsv.exe
    2004-08-04 08:56 76800 d76a5ead32f61ca385f85c10da784a9c c:\windows\system32\spoolsv.exe

    2004-08-04 08:56 43520 8c18de9dc81e2c23c471c304e3a771af c:\windows\$NtServicePackUninstall$\userinit.exe
    2008-04-14 01:12 45056 4ecd3c08c6bf7e622962965ad71a5b46 c:\windows\ServicePackFiles\i386\userinit.exe
    2004-08-04 08:56 43520 9c3fec567697c7e30c367fba701301c6 c:\windows\system32\userinit.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "EPSON Stylus C46 Series "= "c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE" [2004-01-13 118784]
    "MSMSGS "= "c:\program files\Messenger\msmsgs.exe" [2008-04-14 1714176]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
    "Nero PhotoShow Media Manager "= "c:\progra~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe" [2006-05-10 270336]
    "EPSON Stylus DX7400 Series "= "c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE" [2007-04-12 201216]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-16 68856]
    "BTAgile "= "c:\program files\BT Broadband Talk Softphone\BTAgile.exe" [2007-06-18 87328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MMTray "= "c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2002-05-20 110592]
    "SiS Tray "= "c:\windows\System32\sistray.EXE" [2001-08-13 286720]
    "Sony Ericsson PC Suite "= "c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 180224]
    "TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-01-27 185896]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-28 1601304]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2008-11-04 434176]
    "Adobe Photo Downloader "= "c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 81920]
    "btbb_wcm_McciTrayApp "= "c:\program files\btbb_wcm\McciTrayApp.exe" [2006-12-07 957440]
    "btbb_McciTrayApp "= "c:\program files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe" [2007-05-23 955904]
    "YBrowser "= "c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 148480]
    "AnyDVD "= "c:\program files\SlySoft\AnyDVD\AnyDVD.exe" [2009-03-21 474112]
    "Logitech Utility "= "Logi_MwX.Exe" [2003-03-04 c:\windows\LOGI_MWX.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE "= "c:\windows\System32\CTFMON.EXE" [2008-04-14 34304]
    "DWQueuedReporting "= "c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-02-28 20:10 10520 c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.JPEG "= jpegCode.dll
    "VIDC.MJPG "= jpegCode.dll
    "msacm.dvacm "= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BT Yahoo! Help.lnk]
    backup=c:\windows\pss\BT Yahoo! Help.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NetHelp.lnk]
    backup=c:\windows\pss\NetHelp.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Kate^Start Menu^Programs^Startup^TimeLeft.lnk]
    path=c:\documents and settings\Kate\Start Menu\Programs\Startup\TimeLeft.lnk
    backup=c:\windows\pss\TimeLeft.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃC:
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃC:\Program Files
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃc:\program files\ISTsvc
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyhFf
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    c:\windows\system32\dumprep 0 -k [X]
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ReJf5vH
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sexy_Blondes
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\switp
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    --a------ 2005-06-06 23:46 57344 c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
    --a------ 2009-03-21 11:41 474112 c:\program files\SlySoft\AnyDVD\AnyDVD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    --a------ 2001-07-12 19:45 675840 c:\program files\PCI Audio Applications\Mixer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2008-04-14 01:12 34304 c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C46 Series]
    --a------ 2004-01-13 19:00 118784 c:\windows\system32\spool\drivers\w32x86\3\E_S4I0T1.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C46 Series (Copy 1)]
    --a------ 2004-01-13 19:00 118784 c:\windows\system32\spool\drivers\w32x86\3\E_S4I0T1.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    --a------ 2006-07-15 23:11 188928 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-11-20 14:20 290088 c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    --a------ 2003-10-10 13:25 53248 c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2008-04-14 01:12 1714176 c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-01 16:57 153136 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-11-04 11:30 434176 c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
    --a------ 2006-12-23 01:22 160832 c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS KHooker]
    --a------ 2001-09-02 04:17 294912 c:\windows\system32\khooker.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
    --a------ 2004-01-26 11:38 885760 c:\program files\Thomson\SpeedTouch USB\dragdiag.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    --a------ 2007-04-27 22:12 1415824 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2005-11-10 13:03 36975 c:\program files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2007-06-16 20:59 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2005-06-02 20:42 100056 c:\progra~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-01-27 21:36 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    --------- 2003-03-04 10:50 38912 c:\windows\LOGI_MWX.EXE

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE "=
    "c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe "=
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE "=
    "c:\\Program Files\\Common Files\\Adobe\\ESD\\AdobeDownloadManager.exe "=
    "c:\\Documents and Settings\\Kate\\Desktop\\Unused Desktop Shortcuts\\utorrent.exe "=
    "c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe "=
    "c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupXu.exe "=
    "c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe "=
    "c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe "=
    "c:\\Program Files\\Real\\RealPlayer\\realplay.exe "=
    "c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe "=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "11765:TCP "= 11765:TCP:BitComet 11765 TCP
    "11765:UDP "= 11765:UDP:BitComet 11765 UDP

    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-06-19 325128]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-06-19 107272]
    R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-28 903960]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-28 298264]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver;c:\windows\system32\drivers\HCWBT8XX.sys [2005-06-15 443460]
    R3 SiS630;SiS630;c:\windows\system32\drivers\sis630p.sys [2006-01-01 109184]
    S3 cirrus;cirrus;c:\windows\system32\drivers\cirrus.sys [2005-06-02 45696]
    S3 USBAV191;Instant VideoXpress;c:\windows\system32\drivers\USBAV191.SYS [2007-03-11 120128]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-03-27 c:\windows\Tasks\1-Click Maintenance.job
    - c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe []

    2009-03-19 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

    2009-04-06 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 20:20]

    2009-04-06 c:\windows\Tasks\WGASetup.job
    - c:\windows\system32\KB905474\wgasetup.exe [2009-03-10 22:18]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{D5BF49A0-94F3-42BD-F434-3604812C8955} - c:\windows\system32\ds43g4nfjkn93.dll
    HKU-Default-Run-MICROSOFT UNPACCKER SYSTEM - unpak32.exe
    HKU-Default-Run-Microsoft Crs Fix Serv - wincrs.exe
    HKU-Default-Run-SP2 Firewall/Internet Updater - crssrs.exe
    SharedTaskScheduler-{D5BF49A0-94F3-42BD-F434-3604812C8955} - c:\windows\system32\ds43g4nfjkn93.dll
    SafeBoot-Sound Service
    MSConfigStartUp-NBJ - c:\program files\Ahead\Nero BackItUp\NBJ.exe
    MSConfigStartUp-istsvc - (no file)
    MSConfigStartUp-Microsoft Crs Fix Serv - wincrs.exe
    MSConfigStartUp-MICROSOFT UNPACCKER SYSTEM - unpak32.exe
    MSConfigStartUp-New - (no file)
    MSConfigStartUp-Internet Updater - crssrs.exe


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.bearshare.com/uk/
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
    uInternet Settings,ProxyOverride = 127.0.0.1
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java
    FF - ProfilePath - c:\documents and settings\Kate\Application Data\Mozilla\Firefox\Profiles\6ur5ka54.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - component: c:\documents and settings\Kate\Application Data\Mozilla\Firefox\Profiles\6ur5ka54.default\extensions\{22119944-ED35-4ab1-910B-E619EA06A115}\components\rfproxy_27.dll
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
    FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPEyeCheck.dll
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-06 22:23:21
    Windows 5.1.2600 Service Pack 3 NTFS

    detected NTDLL code modification:
    ZwOpenFile

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    MMTray = c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe?w???g`???V??g`???SOFTWARE\MusicMatch\MusicMatch Jukebox\4.0\TrayApp??????? ?w?????????????\?wp ?w???????w???g???????????g?RY??QY????????gb???2???????????8???? @??%X??%X???????????????????Y?????n?Q?????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\Logitech\MouseWare\system\EM_EXEC.EXE
    c:\progra~1\Yahoo!\browser\ycommon.exe
    c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    c:\program files\Common Files\Teleca Shared\Generic.exe
    c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    .
    **************************************************************************
    .
    Completion time: 2009-04-06 22:33:38 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-04-06 21:33:17

    Pre-Run: 62,152,257,536 bytes free
    Post-Run: 70,583,246,848 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

    319 --- E O F --- 2009-04-02 15:41:28

    Kaspersky scan log

    says I have lots of viruses but I can't copy and paste
     
  2. 2009/04/07
    kate27

    kate27 Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    3
    Likes Received:
    0
    I still have this virus, can anyone help :(
     


  4. 2009/04/08
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Hi and welcome

    I have suspicions of what is on the computer, scanning the below may verify.

    Print this topic or save to notepad, it will make it easier for you to follow the instructions and complete all of the necessary steps as we will need to close all windows that are open later in the fix.



    Go to My Computer->Tools->Folder Options->View tab:
    • Under the Hidden files and folders heading:
    • Select - Show hidden files and folders.
    • Uncheck- Hide protected operating system files (recommended) option.
    • Also, make sure there is no checkmark beside Hide file extensions for known file types.
    • Click OK. (Remember to Hide files and folders once done)

    Please go to: VirusTotal




    • Click the Browse button and search for the following file: c:\windows\system32\spoolsv.exe
    • Click Open
    • Then click Send File
    • Please be patient while the file is scanned.
    • Once the scan results appear, please provide them in your next reply.
    If it says already scanned -- click "reanalyze now"

    Also please have the next files scanned.
    c:\windows\ServicePackFiles\i386\spoolsv.exe
    c:\windows\ServicePackFiles\i386\userinit.exe
    c:\windows\system32\userinit.exe






    Next: Please disable all onboard security programs (all running with background protection) as they may hinder the scanner from working.
    This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

    Click on this link Here to see a list of programs that should be disabled.
    The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    Please open Notepad (*Do Not Use Wordpad!* or any text editor other than Notepad, or the script will fail). (Start -> Run -> type notepad in the Open field -> OK) Copy and paste the text present inside the CODE box below:
    Save this as "CFScript.txt" including quotes, change the "Save as type" to "All Files" and place it on your desktop.
    Code:
    File:: 
    c:\windows\system32\dpcxool64.sys
    c:\windows\system32\vv.exe
    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃC:]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃC:\Program Files]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyh$vùõš/‚²Ã†ßfÃc:\program files\ISTsvc]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECwyhFf]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ReJf5vH]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sexy_Blondes]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\switp]
    [​IMG]

    Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
    When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
    CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.



    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.




    Your version of Java is outdated.

    Please download JavaRa to your desktop and unzip it to its own folder

    Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
    Accept any prompts.
    Open JavaRa.exe again and select Search For Updates.
    Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.




    Please download ATF Cleaner by Atribune From Here and save it to your Desktop.
    Follow the instructions for the browser you use.
    Read the instructions about the cookies. Delete what you do not need.

    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:
    Windows Temp
    Current User Temp
    All Users Temp
    Temporary Internet Files
    Java Cache

    The rest are optional - if you want to remove the lot, check "Select All".
    Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.
    If you use the Firefox or Opera browsers, you can use this program
    as a quick way to tidy those up as well.
    When you have finished, click on the Exit button in the Main menu.
    ========================



    NEXT**
    I'd like for you to run this next online scan to check for remnants or anything that might be hidden.
    The below scan can take up to an hour or longer, please be patient.

    *Note
    It is recommended to disable onboard antivirus and antispyware programs while performing scans, so there are no conflicts and to speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once scan is finished remember to re-enable resident antivirus protection along with whatever antispyware app you use.


    Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400

    Other available links
    Kaspersky Online Scanner or from here
    http://www.kaspersky.com/virusscanner

    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

    Click on the Accept button and install any components it needs.

    • The program will install and then begin downloading the latest definition files.
    • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
    • This will start the program and scan your system.
    • The scan will take a while, so be patient and let it run. (At times it may appear to stall)
      * Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
      * Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
      * Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
    • Once the scan is complete, click on View scan report. To obtain the report:
    Click on: Save Report As
    Next, in the Save as prompt, Save in area, select: Desktop
    In the File name area, use KScan, or something similar
    In Save as type, click the drop arrow and select:
    Text file [*.txt]
    Then, click: Save
    Please post the Kaspersky Online Scanner Report in your reply.

    Animated tutorial
    http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif

    (Note for Internet Explorer 7 users:
    If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75%. Once the license has been accepted, reset to 100%.)
    Or use Firefox with IE-Tab plugin
    https://addons.mozilla.org/en-US/firefox/addon/1419


    In your next reply post:
    Files requested scanned
    ComboFix.txt
    Kaspersky log
    New HJT log taken after the above scans have run



    You may need several replies to post the requested logs, otherwise they might get cut off.
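
The CFScript in the post above is a short deletion list, so it can be reviewed line by line before it is handed to ComboFix. The following is an added example, not part of the original post and not ComboFix's own code: it assumes only the layout visible in the post (`File::` and `Registry::` headers, `[-KEY]` entries, read here as deletions), and the sample names are constructed placeholders.

```python
import re

# Constructed sample in the layout of the CFScript above; names are placeholders.
SAMPLE = """File::
c:\\windows\\system32\\example1.sys
system32\\example2.exe
Registry::
[-HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ExampleA]
[-HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Ex\u00e3mple]
[HKEY_LOCAL_MACHINE\\software\\example]
"""

SECTION = re.compile(r"^(\w+)::\s*$")              # e.g. "File::" or "Registry::"
ABS_PATH = re.compile(r"^[a-zA-Z]:\\")             # drive-letter absolute path
KEY_DELETE = re.compile(r"^\[-(HKEY_[A-Z_]+\\.+)\]$")  # "[-KEY]" entry


def review_cfscript(text):
    """Return (actions, warnings); warnings are (line_number, reason) pairs."""
    actions, warnings, section = [], [], None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        if section == "File":  # assumption: every File:: entry is a file to delete
            actions.append(("delete-file", line))
            if not ABS_PATH.match(line):
                warnings.append((n, "file entry is not an absolute path"))
        elif section == "Registry":
            k = KEY_DELETE.match(line)
            if k:
                actions.append(("delete-key", k.group(1)))
            else:
                warnings.append((n, "not a [-KEY] deletion entry"))
        else:
            warnings.append((n, "entry outside a known section"))
        if not line.isascii():
            # Non-ASCII names only match the intended target if the file is saved in the right encoding.
            warnings.append((n, "non-ASCII text: depends on save encoding"))
    return actions, warnings


if __name__ == "__main__":
    acts, warns = review_cfscript(SAMPLE)
    for item in acts + warns:
        print(item)
```

Any warning is a reason to stop and ask the helper before running the script.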
     
  5. 2009/04/09
    kate27

    kate27 Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    3
    Likes Received:
    0
    Hi and thanks for your reply. My computer has now had a complete crash and refused to even load. However I've managed to get it to load Windows XP but the internet has vanished along with half of the programmes. I ran a registry check and scan in safe mode and that seemed to clear lots of Trojan Horses and fix errors in the registry. But there are still serious problems with it. I have printed off your reply and will have a go at following instructions later, when hopefully I'm back on the internet (I'm at work at the moment)! Many thanks Kate
     
  6. 2009/04/09
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Sounds like bad went to worse.

    Post back later when you can and let me know how it goes.

    See if the below helps with internet.

    Let's check some settings on your system.
    In the Windows Control Panel: if you are using Windows XP's Category View, select the Network and Internet Connections category, otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for Cable and DSL, and left click on properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says "Obtain DNS servers automatically"
    Press OK twice to get out of the properties screen and reboot if it asks.


    That option might not be available on some systems.
    Next go Start, Run and type cmd and hit OK
    now type:
    ipconfig /flushdns
    (note that a space between ipconfig and / is needed)
    then hit Enter, type exit and hit Enter again.
     