
cannot download any antivirus program

Discussion in 'Malware and Virus Removal Archive' started by dseawright, 2009/04/06.

  1. 2009/04/06
    dseawright Inactive Thread Starter
    I think I have a virus..please help! Every time I try to download an antivirus program it will automatically pop up the screen telling me an unexpected error has occurred and will shut down my browser..what can I do?? I just want to get it fixed and get a decent antivirus program onto my computer :(

    thx for your time in advance!

    Here are the logs from DDS:

    DDS (Ver_09-03-16.01) - NTFSx86
    Run by laptop1 at 17:35:09.61 on Tue 04/07/2009
    Internet Explorer: 6.0.2900.5512
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.231 [GMT -5:00]

    AV: AVG *On-access scanning enabled* (Outdated)

    ============== Running Processes ===============

    C:\Program Files\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\CBTWlanSrv.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    c:\program files\linksys\wpc54gv3\wpc54gv3.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Napster\napster.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\Documents and Settings\laptop1\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.yahoo.com/search/ie.html
    mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60076
    mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    mRun: [UIUCU] c:\docume~1\laptop1\locals~1\temp\UIUCU.EXE -CLEAN_UP
    mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [NapsterShell] c:\program files\napster\napster.exe /systray
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    AppInit_DLLs: avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-22 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-22 26824]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-22 231704]
    R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-22 76040]
    R2 CBTWlanSrv;CBT Wlan Service;c:\windows\CBTWlanSrv.exe [2008-8-16 106496]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R3 CBPSp50;CBPSp50 NDIS Protocol Driver;c:\windows\system32\drivers\CBPSp50.sys [2008-8-16 27072]
    R3 WPC54Gv3;Linksys Wireless Notebook Adapter WPC54Gv3 Driver;c:\windows\system32\drivers\WPC54Gv3.SYS [2008-8-16 610816]
    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]
    S3 CBPMp50;CBPMp50 NDIS Protocol Driver;c:\windows\system32\drivers\cbpmp50.sys --> c:\windows\system32\drivers\CBPMp50.sys [?]
    S3 S3chipid;S3chipid;\??\c:\docume~1\laptop1\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\s3chipid.sys --> c:\docume~1\laptop1\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\S3chipid.sys [?]

    =============== Created Last 30 ================

    2009-04-06 21:37 <DIR> --d----- C:\Lop SD
    2009-03-22 13:58 215,040 a------- c:\windows\system32\CNMLM90.DLL
    2009-03-22 13:56 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
    2009-03-22 13:56 15,104 a------- c:\windows\system32\drivers\usbscan.sys
    2009-03-22 13:44 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
    2009-03-22 13:44 25,856 a------- c:\windows\system32\drivers\usbprint.sys
    2009-03-22 13:37 32,128 a------- c:\windows\system32\drivers\usbccgp.sys
    2009-03-13 20:17 33,664 a------- c:\windows\system32\drivers\BCMWLNPF.SYS
    2009-03-13 20:17 86,016 a------- c:\windows\system32\preflib.dll
    2009-03-13 20:17 184,320 a------- c:\windows\system32\bcmwlu00.exe
    2009-03-13 20:17 44,032 a------- c:\windows\system32\wltrynt.dll
    2009-03-13 20:17 1,142,784 a------- c:\windows\system32\BCMWLTRY.EXE
    2009-03-13 20:17 69,632 a------- c:\windows\system32\bcmwlpkt.dll
    2009-03-13 20:17 20,480 a------- c:\windows\system32\WLTRYSVC.EXE
    2009-03-13 20:17 2,129,920 a------- c:\windows\system32\WLBCGCBPRO731.DLL
    2009-03-13 20:17 757,760 a------- c:\windows\system32\bcm1xsup.dll
    2009-03-13 20:17 <DIR> --d----- c:\program files\Linksys

    ==================== Find3M ====================

    2009-03-01 17:59 13,398,032 a------- C:\NapsterSetup-US-4.6.2.2.exe
    2009-02-09 06:13 1,846,784 a------- c:\windows\system32\win32k.sys

    ============= FINISH: 17:37:10.83 ===============

    From attach:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/4/1980 12:30:45 AM
    System Uptime: 4/7/2009 12:38:13 PM (5 hours ago)

    Motherboard: Hewlett-Packard | | 0890
    Processor: Intel(R) Pentium(R) M processor 1.60GHz | U10 | 1594/100mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 37 GiB total, 29.171 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Base System Device
    Device ID: PCI\VEN_1217&DEV_7110&SUBSYS_0890103C&REV_00\4&16793A72&0&32F0
    Manufacturer:
    Name: Base System Device
    PNP Device ID: PCI\VEN_1217&DEV_7110&SUBSYS_0890103C&REV_00\4&16793A72&0&32F0
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: PCI Modem
    Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_0890103C&REV_03\3&61AAA01&0&FE
    Manufacturer:
    Name: PCI Modem
    PNP Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_0890103C&REV_03\3&61AAA01&0&FE
    Service:

    ==== System Restore Points ===================

    RP137: 1/8/2009 4:20:52 AM - System Checkpoint
    RP138: 1/9/2009 2:28:37 AM - Software Distribution Service 3.0
    RP139: 1/10/2009 5:49:13 PM - System Checkpoint
    RP140: 1/11/2009 6:40:23 PM - System Checkpoint
    RP141: 1/13/2009 7:21:55 PM - System Checkpoint
    RP142: 1/14/2009 9:39:03 PM - Software Distribution Service 3.0
    RP143: 1/16/2009 6:22:42 PM - System Checkpoint
    RP144: 1/17/2009 11:48:40 AM - Software Distribution Service 3.0
    RP145: 1/17/2009 5:08:14 PM - Software Distribution Service 3.0
    RP146: 1/17/2009 5:27:24 PM - Installed ParetoLogic DriverCure.
    RP147: 1/19/2009 2:39:07 PM - System Checkpoint
    RP148: 1/20/2009 5:54:50 PM - Software Distribution Service 3.0
    RP149: 1/21/2009 7:24:36 PM - System Checkpoint
    RP150: 1/22/2009 7:30:21 PM - Software Distribution Service 3.0
    RP151: 1/24/2009 12:21:56 PM - System Checkpoint
    RP152: 1/25/2009 12:46:35 PM - System Checkpoint
    RP153: 1/26/2009 11:39:12 PM - System Checkpoint
    RP154: 1/27/2009 1:54:49 AM - Software Distribution Service 3.0
    RP155: 1/28/2009 3:24:54 AM - System Checkpoint
    RP156: 1/29/2009 4:11:54 AM - System Checkpoint
    RP157: 1/30/2009 1:54:41 AM - Software Distribution Service 3.0
    RP158: 1/31/2009 2:35:58 AM - System Checkpoint
    RP159: 2/1/2009 3:46:37 AM - System Checkpoint
    RP160: 2/1/2009 5:46:57 PM - Avg8 Update
    RP161: 2/1/2009 5:51:24 PM - Avg8 Update
    RP162: 2/2/2009 6:04:17 PM - System Checkpoint
    RP163: 2/3/2009 2:28:00 AM - Software Distribution Service 3.0
    RP164: 2/4/2009 3:11:27 AM - System Checkpoint
    RP165: 2/5/2009 4:01:26 AM - System Checkpoint
    RP166: 2/6/2009 10:30:16 AM - Restore Operation
    RP167: 2/10/2009 8:54:43 PM - Restore Operation
    RP168: 2/10/2009 9:12:08 PM - Software Distribution Service 3.0
    RP169: 2/10/2009 10:30:19 PM - Removed Napster
    RP170: 2/11/2009 7:31:31 PM - Removed Digital Locker Assistant
    RP171: 2/11/2009 7:35:05 PM - Removed Creative Removable Disk Manager
    RP172: 2/11/2009 8:20:20 PM - Configured AVG Free 8.0
    RP173: 2/12/2009 6:29:17 PM - Software Distribution Service 3.0
    RP174: 2/13/2009 6:57:53 PM - System Checkpoint
    RP175: 2/14/2009 8:00:13 PM - System Checkpoint
    RP176: 2/15/2009 9:18:25 PM - System Checkpoint
    RP177: 2/16/2009 9:42:38 PM - System Checkpoint
    RP178: 2/17/2009 1:38:00 AM - Software Distribution Service 3.0
    RP179: 2/18/2009 10:04:54 PM - System Checkpoint
    RP180: 2/19/2009 10:25:13 PM - System Checkpoint
    RP181: 2/20/2009 1:48:22 AM - Software Distribution Service 3.0
    RP182: 2/21/2009 2:04:28 AM - System Checkpoint
    RP183: 2/22/2009 10:16:08 AM - System Checkpoint
    RP184: 2/26/2009 3:28:57 PM - System Checkpoint
    RP185: 2/27/2009 9:06:04 PM - System Checkpoint
    RP186: 2/28/2009 1:47:57 AM - Software Distribution Service 3.0
    RP187: 2/28/2009 12:14:05 PM - Software Distribution Service 3.0
    RP188: 3/1/2009 12:20:27 PM - System Checkpoint
    RP189: 3/1/2009 5:05:47 PM - Installed Napster
    RP190: 3/2/2009 1:49:16 PM - Software Distribution Service 3.0
    RP191: 3/3/2009 7:50:36 PM - System Checkpoint
    RP192: 3/4/2009 10:41:09 PM - System Checkpoint
    RP193: 3/5/2009 8:37:13 PM - Software Distribution Service 3.0
    RP194: 3/8/2009 8:08:13 PM - System Checkpoint
    RP195: 3/9/2009 8:11:46 PM - System Checkpoint
    RP196: 3/10/2009 8:17:49 PM - System Checkpoint
    RP197: 3/11/2009 12:59:57 AM - Software Distribution Service 3.0
    RP198: 3/11/2009 9:38:46 PM - Software Distribution Service 3.0
    RP199: 3/13/2009 4:42:18 PM - System Checkpoint
    RP200: 3/13/2009 6:41:19 PM - Installed WPC54Gv3 - WPC54Gv3
    RP201: 3/13/2009 6:47:08 PM - Installed WPC54Gv3 - WPC54Gv3
    RP202: 3/13/2009 6:57:40 PM - Installed WPC54Gv3 - WPC54Gv3
    RP203: 3/13/2009 7:16:59 PM - Installed WPC54Gv3 - WPC54Gv3
    RP204: 3/15/2009 12:54:14 PM - System Checkpoint
    RP205: 3/16/2009 12:56:57 PM - System Checkpoint
    RP206: 3/17/2009 2:03:50 AM - Software Distribution Service 3.0
    RP207: 3/18/2009 10:14:17 AM - System Checkpoint
    RP208: 3/19/2009 8:48:27 AM - Software Distribution Service 3.0
    RP209: 3/20/2009 5:54:36 PM - System Checkpoint
    RP210: 3/20/2009 11:18:35 PM - Software Distribution Service 3.0
    RP211: 3/22/2009 10:37:46 AM - System Checkpoint
    RP212: 3/23/2009 6:15:23 PM - System Checkpoint
    RP213: 3/25/2009 2:05:35 PM - System Checkpoint
    RP214: 3/26/2009 2:45:34 PM - System Checkpoint
    RP215: 3/28/2009 12:29:38 PM - System Checkpoint
    RP216: 3/29/2009 12:41:40 PM - System Checkpoint
    RP217: 3/29/2009 3:37:15 PM - Software Distribution Service 3.0
    RP218: 3/30/2009 8:03:11 PM - System Checkpoint
    RP219: 4/1/2009 4:48:23 PM - Software Distribution Service 3.0
    RP220: 4/2/2009 5:35:18 PM - Software Distribution Service 3.0
    RP221: 4/4/2009 5:32:36 PM - System Checkpoint
    RP222: 4/5/2009 5:55:56 PM - System Checkpoint
    RP223: 4/6/2009 7:49:43 PM - System Checkpoint
    RP224: 4/6/2009 8:25:41 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1
    ATI - Software Uninstall Utility
    ATI Control Panel
    ATI Display Driver
    AVG Free 8.0
    Broadcom NetXtreme Ethernet Controller
    CCleaner (remove only)
    Critical Update for Windows Media Player 11 (KB959772)
    Google Toolbar for Internet Explorer
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office Professional Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C Runtime
    Microsoft Visual C++ 2005 Redistributable
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    Napster
    Napster Burn Engine
    Picasa 3
    Search Settings 1.2
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    SoundMAX
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    WebFldrs XP
    Windows Defender
    Windows Genuine Advantage Notifications (KB905474)
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WPC54Gv3 - WPC54Gv3
    Yahoo! Browser Services
    Yahoo! Install Manager
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    4/1/2009 4:43:41 PM, error: Service Control Manager [7000] - The AVG Free8 E-mail Scanner service failed to start due to the following error: The system cannot find the file specified.

    ==== End Of File ===========================

    thx for your help in advance
     
    Last edited: 2009/04/07
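Added example, not part of the original post or of the DDS tool: a small Python triage script for the kind of DDS output posted above. It reads the Pseudo HJT `uRun`/`mRun`, `TB`/`BHO` and `SERVICES / DRIVERS` lines and reports the three things a helper scans for first: an autostart or driver that runs out of a Temp folder (the `UIUCU` and `S3chipid` entries here), toolbar entries marked `No File`, and services whose file DDS could not verify (`[?]`). The sample lines are copied from this log as constructed input; the heuristics are my assumptions, not DDS rules.

```python
import re

# Constructed sample input: a subset of the "Pseudo HJT Report" and
# "SERVICES / DRIVERS" lines from the DDS log posted in this thread.
SAMPLE_DDS = r"""
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [UIUCU] c:\docume~1\laptop1\locals~1\temp\UIUCU.EXE -CLEAN_UP
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]
S3 S3chipid;S3chipid;\??\c:\docume~1\laptop1\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\s3chipid.sys --> c:\docume~1\laptop1\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\S3chipid.sys [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
"""

# Line shapes used by DDS (derived from the log above, not from DDS documentation).
RUN_RE = re.compile(r'^(?P<hive>[um]Run): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')
CLSID_RE = re.compile(r'^(?P<kind>TB|BHO): (?:(?P<name>.+?): )?\{(?P<clsid>[^}]+)\} - (?P<path>.*)$')
SVC_RE = re.compile(r'^(?P<state>[RS]\d) (?P<name>[^;]+);(?P<desc>[^;]*);(?P<detail>.*)$')
TEMP_DIR_RE = re.compile(r'\\temp\\')

# Review reasons (assumed heuristics a log reviewer applies by hand).
TEMP_DIR = 'runs from a temp directory'
ORPHANED = 'orphaned entry (No File)'
UNVERIFIED = 'file missing or unverifiable ([?])'


def _exe_from_command(cmd):
    """Return the executable path from a Run-key command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end].strip() if end > 0 else cmd.strip('"')
    return cmd.split(' ', 1)[0]


def _normalize(path):
    """Lower-case the path and drop the kernel-style \\??\\ prefix DDS shows for drivers."""
    p = path.strip().lower()
    if p.startswith('\\??\\'):
        p = p[4:]
    return p


def classify_path(path):
    """Reasons derived from the file path alone."""
    p = _normalize(path)
    if p == 'no file':
        return [ORPHANED]
    if TEMP_DIR_RE.search(p):
        return [TEMP_DIR]
    return []


def triage(report):
    """Map entry name -> list of review reasons for every suspicious line."""
    findings = {}
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        extra = []
        m = RUN_RE.match(line)
        if m:
            name, path = m['name'], _exe_from_command(m['cmd'])
        else:
            m = CLSID_RE.match(line)
            if m:
                name, path = m['name'] or '{%s}' % m['clsid'], m['path']
            else:
                m = SVC_RE.match(line)
                if not m:
                    continue
                detail = m['detail'].strip()
                name, path = m['name'], detail.split(' --> ')[0]
                if detail.endswith('[?]'):
                    extra = [UNVERIFIED]
        reasons = classify_path(path) + extra
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == '__main__':
    for entry, why in triage(SAMPLE_DDS).items():
        print('%s: %s' % (entry, '; '.join(why)))
```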
  2. 2009/04/08
    Aaflac Inactive
    Welcome to Windows BBS, dseawright!!

    Please make sure you temporarily disable security/protection applications as they may interfere with running programs needed to eradicate infections. Check the list in How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs for any programs run.

    Next, download ComboFix
    Save to the Desktop
    • Now, close all open windows
    • Double-click combofix.exe to run the program
    • Follow the prompts.
    • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
    • When told that the RC is installed correctly, press YES to continue scanning for malware.
    • ComboFix will run. Please don't click on the window while the program is running, it may cause your system to stall.
    • CF may reboot the computer and resume running when it restarts.
    • When finished, a log, ComboFix.txt, is produced.

    Please provide the contents of the ComboFix report in your reply.

  4. 2009/04/08
    dseawright Inactive Thread Starter
    awww thx so much for peeking at my log--and helping me!!!!! I will do as soon as I get home! Very much appreciated--thinking about it though..I think the only thing I have on there as far as security protection is AVG 8..which I have tried to actually delete entirely from my computer a while back and it won't let me?? It gives me this error:
    Installer initialization failed due to the following error:
    Error: Initialization of the setup data file failed.
    Opening of the setup data file "C" failed.
    Error 0xe001042c
     
  5. 2009/04/08
    dseawright Inactive Thread Starter
    ok..so when I downloaded ComboFix it said I still have AVG running..I have no idea where to find this icon..it is nowhere in my tray, desktop, etc. I go to the C drive and under Programs find the AVG folder with all the items in it, but nothing works in there..it gives me error msgs..so when I try to delete it in Remove Programs it acts like it is going to and then gives me that error msg in my post above..any ideas???
     
  6. 2009/04/08
    Aaflac Inactive
    Try deleting the following:
    C:\Program Files\AVG

    Next, download and install AVG again.

    Now, uninstall AVG from Add or Remove Programs.
     
  7. 2009/04/09
    dseawright Inactive Thread Starter
    It gives me this msg when trying to delete from c/program files/avg:

    cannot delete avgcfgx.dll: Access is denied
    make sure the disk is not full or write-protected and that the file is not currently in use
     
  8. 2009/04/09
    dseawright Inactive Thread Starter
    I'm not sure what happened, but I downloaded ComboFix, it started doing its thing and then after a few minutes it just went to a completely blue screen that said:

    IO SYSTEM VERIFICATION ERROR IN catchme.sys (WDM DRIVER ERROR 20e)
    [catchme.sys+2ef8 at F87C1EF8]
    Beginning dump of physical memory
    physical memory dump complete.
    Contact your system administrator or technical support group for further assistance.

    I feel like pulling my hair out.
     
  9. 2009/04/09
    dseawright Inactive Thread Starter
    Aaflac, I have no idea what is going on with my lovely computer...uhhhhh...it won't let me download anything from the internet..it will act like it and then that little wonderful box comes up stating it's unresponsive...every single time I try..I've tried several times to do the ComboFix and it just won't work for me. Any other ideas??
     
  10. 2009/04/10
    Aaflac Inactive
    Let’s get a diagnostic that does not require any downloads and see what is there…

    Please go to Start > Run, type in msconfig
    In msconfig go to the Boot.ini tab
    Check: /Bootlog
    Press: Apply and then: OK
    Restart the computer

    Now, search for and delete C:\Windows\ntbtlog.txt
    Restart the computer once again
    Begin tapping the F8 key on startup to enable the Advanced Start Menu
    Select: Enable Boot Logging from the list

    Once you are logged on, navigate to and open C:\Windows\ntbtlog.txt

    Please post the contents of C:\Windows\ntbtlog.txt in your reply.
     
  11. 2009/04/10
    dseawright Inactive Thread Starter
    OK, here is the log:

    Loaded driver \SystemRoot\system32\drivers\kmixer.sys
    Service Pack 3 4 10 2009 06:26:15.500
    Loaded driver \WINDOWS\system32\ntoskrnl.exe
    Loaded driver \WINDOWS\system32\hal.dll
    Loaded driver \WINDOWS\system32\KDCOM.DLL
    Loaded driver \WINDOWS\system32\BOOTVID.dll
    Loaded driver ACPI.sys
    Loaded driver \WINDOWS\system32\DRIVERS\WMILIB.SYS
    Loaded driver pci.sys
    Loaded driver isapnp.sys
    Loaded driver compbatt.sys
    Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS
    Loaded driver pciide.sys
    Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    Loaded driver intelide.sys
    Loaded driver pcmcia.sys
    Loaded driver MountMgr.sys
    Loaded driver ftdisk.sys
    Loaded driver dmload.sys
    Loaded driver dmio.sys
    Loaded driver ACPIEC.sys
    Loaded driver \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
    Loaded driver PartMgr.sys
    Loaded driver VolSnap.sys
    Loaded driver atapi.sys
    Loaded driver disk.sys
    Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    Loaded driver fltmgr.sys
    Loaded driver sr.sys
    Loaded driver PxHelp20.sys
    Loaded driver KSecDD.sys
    Loaded driver WudfPf.sys
    Loaded driver Ntfs.sys
    Loaded driver NDIS.sys
    Loaded driver Mup.sys
    Loaded driver agp440.sys
    Loaded driver \SystemRoot\system32\DRIVERS\intelppm.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ati2mtag.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
    Loaded driver \SystemRoot\system32\DRIVERS\WPC54Gv3.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\b57xp32.sys
    Loaded driver \SystemRoot\system32\DRIVERS\serial.sys
    Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
    Loaded driver \SystemRoot\system32\DRIVERS\fdc.sys
    Loaded driver \SystemRoot\system32\DRIVERS\smcirda.sys
    Loaded driver \SystemRoot\system32\DRIVERS\irenum.sys
    Loaded driver \SystemRoot\system32\DRIVERS\parport.sys
    Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
    Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
    Loaded driver \SystemRoot\system32\DRIVERS\SynTP.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
    Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
    Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
    Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
    Loaded driver \SystemRoot\system32\drivers\smwdm.sys
    Loaded driver \SystemRoot\system32\drivers\aeaudio.sys
    Loaded driver \SystemRoot\system32\DRIVERS\CmBatt.sys
    Loaded driver \SystemRoot\system32\DRIVERS\wmiacpi.sys
    Loaded driver \SystemRoot\system32\DRIVERS\audstub.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rasirda.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
    Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
    Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
    Loaded driver \SystemRoot\system32\DRIVERS\psched.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
    Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
    Loaded driver \SystemRoot\System32\Drivers\RootMdm.sys
    Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\rdpdr.sys
    Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
    Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
    Loaded driver \SystemRoot\system32\DRIVERS\update.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
    Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
    Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
    Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS
    Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
    Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
    Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
    Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
    Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
    Loaded driver \SystemRoot\System32\Drivers\Null.SYS
    Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
    Loaded driver \SystemRoot\System32\drivers\vga.sys
    Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
    Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
    Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
    Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
    Loaded driver \SystemRoot\System32\drivers\ws2ifsl.sys
    Loaded driver \SystemRoot\System32\drivers\afd.sys
    Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
    Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
    Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbscan.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbprint.sys
    Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
    Loaded driver \SystemRoot\System32\Drivers\avgmfx86.sys
    Loaded driver \SystemRoot\System32\Drivers\avgldx86.sys
    Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\irda.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
    Did not load driver \SystemRoot\system32\DRIVERS\rdbss.sys
    Did not load driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mrxdav.sys
    Loaded driver \SystemRoot\System32\Drivers\ParVdm.SYS
    Loaded driver \SystemRoot\System32\Drivers\avgtdix.sys
    Loaded driver \SystemRoot\system32\DRIVERS\srv.sys
    Did not load driver \SystemRoot\system32\DRIVERS\ipnat.sys
    Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
    Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
    Loaded driver \SystemRoot\system32\drivers\splitter.sys
    Loaded driver \SystemRoot\system32\drivers\aec.sys
    Loaded driver \SystemRoot\system32\drivers\swmidi.sys
    Loaded driver \SystemRoot\system32\drivers\DMusic.sys
    Loaded driver \SystemRoot\system32\drivers\kmixer.sys
    Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
    Loaded driver \SystemRoot\System32\Drivers\HTTP.sys
    Loaded driver \SystemRoot\system32\drivers\kmixer.sys
    Loaded driver \SystemRoot\System32\Drivers\CBPSp50.sys

    thx :)
     
  12. 2009/04/10
    Aaflac Inactive
    Also need to check a Registry key...

    Please highlight and Copy the text inside the code box below:

    Code:
    reg query  "HKLM\software\microsoft\windows nt\currentversion\drivers32" /s >look2.txt
    start notepad look2.txt
    exit
    cls
    Click Start > Run, and, in the Open area, type: cmd
    Press: Enter to open a command window.
    Right-click by the blinking cursor in the command window and select: Paste
    The command window will close and a log opens on your Desktop.

    Please post the contents of the look2.txt in your reply.
     
  13. 2009/04/10
    dseawright Inactive Thread Starter
    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
    midimapper REG_SZ midimap.dll
    msacm.imaadpcm REG_SZ imaadp32.acm
    msacm.msadpcm REG_SZ msadp32.acm
    msacm.msg711 REG_SZ msg711.acm
    msacm.msgsm610 REG_SZ msgsm32.acm
    msacm.trspch REG_SZ tssoft32.acm
    vidc.cvid REG_SZ iccvid.dll
    vidc.I420 REG_SZ msh263.drv
    vidc.iv31 REG_SZ ir32_32.dll
    vidc.iv32 REG_SZ ir32_32.dll
    vidc.iv41 REG_SZ ir41_32.ax
    vidc.iyuv REG_SZ iyuv_32.dll
    vidc.mrle REG_SZ msrle32.dll
    vidc.msvc REG_SZ msvidc32.dll
    vidc.uyvy REG_SZ msyuv.dll
    vidc.yuy2 REG_SZ msyuv.dll
    vidc.yvu9 REG_SZ tsbyuv.dll
    vidc.yvyu REG_SZ msyuv.dll
    wavemapper REG_SZ msacm32.drv
    msacm.msg723 REG_SZ msg723.acm
    vidc.M263 REG_SZ msh263.drv
    vidc.M261 REG_SZ msh261.drv
    msacm.msaudio1 REG_SZ msaud32.acm
    msacm.sl_anet REG_SZ sl_anet.acm
    msacm.iac2 REG_SZ C:\WINDOWS\system32\iac25_32.ax
    vidc.iv50 REG_SZ ir50_32.dll
    msacm.l3acm REG_SZ C:\WINDOWS\system32\l3codeca.acm
    wave REG_SZ wdmaud.drv
    midi REG_SZ wdmaud.drv
    mixer REG_SZ wdmaud.drv

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32\Terminal Server

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32\Terminal Server\RDP
    wave REG_SZ rdpsnd.dll
    mixer REG_SZ rdpsnd.dll
    MaxBandwidth REG_DWORD 0x56b9
    wavemapper REG_SZ msacm32.drv
    EnableMP3Codec REG_DWORD 0x1
    midimapper REG_SZ midimap.dll
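The check behind posts 12 and 13 is that Drivers32 is an autostart location: the modules named there are loaded by any process that uses the multimedia codec or mapper APIs, so a non-stock entry is worth a look. Below is an added example (not from the thread, and not Aaflac's tooling) that parses the look2.txt layout requested above and flags entries whose name, file extension or location does not look like a stock registration; the sample input, its three suspicious entries (aux, vidc.xyz, updater) and the system32/extension rules are constructed assumptions.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample in the REG.EXE 3.0 layout of look2.txt: stock-looking
# lines plus three hypothetical entries that exist only to exercise the checks.
SAMPLE = r"""! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
    midimapper      REG_SZ  midimap.dll
    msacm.imaadpcm  REG_SZ  imaadp32.acm
    vidc.cvid       REG_SZ  iccvid.dll
    msacm.l3acm     REG_SZ  C:\WINDOWS\system32\l3codeca.acm
    wave            REG_SZ  wdmaud.drv
    aux             REG_SZ  C:\Documents and Settings\user\Local Settings\Temp\sample.dll
    vidc.xyz        REG_SZ  notacodec.exe
    updater         REG_SZ  wdmaud.drv

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32\Terminal Server\RDP
    wave            REG_SZ  rdpsnd.dll
    MaxBandwidth    REG_DWORD       0x56b9
"""

KEY_RE = re.compile(r"^\s*HKEY_[A-Z_]+\\")
VALUE_RE = re.compile(r"^\s*(\S+)\s+(REG_[A-Z_]+)\s+(.*?)\s*$")

# Assumed stock value-name families: msacm.* and vidc.* codecs, the two mappers,
# and the wave/midi/mixer/aux device slots (optionally numbered).
KNOWN_NAME_RE = re.compile(
    r"^(msacm\..+|vidc\..+|midimapper|wavemapper|(wave|midi|mixer|aux)\d*)$", re.I)
CODEC_EXTS = {".dll", ".drv", ".acm", ".ax"}
# Assumption: an absolute path is only expected under %SystemRoot%\system32.
SYSTEM32_RE = re.compile(r"^[a-z]:\\(windows|winnt)\\system32\\", re.I)


def parse_reg_query(text: str) -> Dict[str, List[Tuple[str, str, str]]]:
    """Return {key_path: [(name, type, data), ...]} from `reg query /s` output."""
    keys: Dict[str, List[Tuple[str, str, str]]] = {}
    current = None
    for line in text.splitlines():
        if KEY_RE.match(line):
            current = line.strip()
            keys.setdefault(current, [])
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            keys[current].append((m.group(1), m.group(2), m.group(3)))
    return keys


def triage(text: str) -> List[Tuple[str, str, str, List[str]]]:
    """Flag REG_SZ entries that do not look like stock codec/mapper registrations."""
    findings = []
    for key, values in parse_reg_query(text).items():
        for name, vtype, data in values:
            if vtype != "REG_SZ":
                continue  # DWORDs such as MaxBandwidth name no module to load
            reasons = []
            if not KNOWN_NAME_RE.match(name):
                reasons.append("value name outside the stock mapper/codec families")
            filename = data.rsplit("\\", 1)[-1]
            ext = ("." + filename.rsplit(".", 1)[-1]).lower() if "." in filename else ""
            if ext not in CODEC_EXTS:
                reasons.append("unexpected extension " + (ext or "(none)"))
            if "\\" in data and not SYSTEM32_RE.match(data):
                reasons.append("absolute path outside %SystemRoot%\\system32")
            if reasons:
                findings.append((key, name, data, reasons))
    return findings


if __name__ == "__main__":
    for key, name, data, reasons in triage(SAMPLE):
        print(f"{key}\n  {name} = {data}\n    " + "; ".join(reasons))
```

A clean entry in the wrong place (a stock name pointing at a DLL that really is in system32) will pass these checks, so treat the output as a review list rather than a verdict.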
     
  14. 2009/04/10
    Aaflac

    Aaflac Inactive

    Joined:
    2008/11/02
    Messages:
    294
    Likes Received:
    1
    Let’s give the following a whirl…

    Remove ComboFix, and the C:\Qoobox folder (part of ComboFix).
    Also, empty the Recycle Bin.

    Then, download the latest version of ComboFix. However, rename Combofix.exe as you download it, and not after it is on the computer.

    To rename Combofix.exe as you download it (using Internet Explorer), select to Save the download
    In the Save as prompt:
    Save in: Desktop
    File name: dCat.exe
    • Close all open windows
    • Double-click dCat.exe to run the program
    • Follow the prompts.
    • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
    • When told that the RC is installed correctly, press YES to continue scanning for malware.
    • ComboFix will run. Please don't click on the window while the program is running; it may cause your system to stall.
    • The program may reboot the computer and resume running when it restarts.
    • When finished, a log, ComboFix.txt, is produced.
    Please provide the contents of the ComboFix report in your reply.
     
  15. 2009/04/10
    dseawright

    dseawright Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    18
    Likes Received:
    0
    ok, once saved and it began downloading it made it to 99% then the error box came up saying internet explorer has encountered a problem and had to close giving me the option to send error report or not (which i did) and then another box came up saying DrWatson Postmortem Debugger has encountered a problem and had to close..so then i sent the report again and then it closed out all my windows..dCat.exe saved to the desktop..this is what has happened all the other times i have tried to download it..should i go ahead and see if it will let me run it this time?
     
  16. 2009/04/10
    dseawright

    dseawright Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    18
    Likes Received:
    0
    wow..i finally got it to go thru!!!


    ComboFix 09-04-04.01 - laptop1 2009-04-10 7:43:49.3 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.216 [GMT -5:00]
    Running from: c:\documents and settings\laptop1\Desktop\dCat.exe
    AV: AVG *On-access scanning disabled* (Outdated)
    .

    ((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
    .

    2009-04-10 07:39 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
    2009-04-09 07:47 . 2007-03-08 00:10 991,232 --a------ c:\windows\system32\ieframe.dll.mui
    2009-04-09 07:45 . 2008-12-20 18:15 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
    2009-04-09 07:45 . 2007-04-17 04:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
    2009-04-09 07:45 . 2007-03-08 00:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
    2009-04-09 07:45 . 2008-12-20 18:15 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
    2009-04-09 07:45 . 2008-12-20 18:15 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
    2009-04-09 07:45 . 2008-12-20 18:15 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
    2009-04-09 07:45 . 2008-12-20 18:15 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
    2009-04-09 07:45 . 2008-12-20 18:15 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
    2009-04-09 07:45 . 2008-12-19 04:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
    2009-04-09 07:35 . 2009-04-09 07:35 <DIR> d-------- c:\program files\Synaptics
    2009-04-06 21:37 . 2009-04-06 22:14 <DIR> d-------- C:\Lop SD
    2009-03-22 13:58 . 2007-04-30 20:00 215,040 --a------ c:\windows\system32\CNMLM90.DLL
    2009-03-22 13:56 . 2008-04-13 13:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
    2009-03-22 13:56 . 2008-04-13 13:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
    2009-03-22 13:44 . 2008-04-13 13:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
    2009-03-22 13:44 . 2008-04-13 13:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
    2009-03-22 13:37 . 2008-04-13 13:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
    2009-03-13 20:17 . 2009-03-13 20:17 <DIR> d-------- c:\program files\Linksys
    2009-03-13 20:17 . 2006-11-30 16:54 2,129,920 --a------ c:\windows\system32\WLBCGCBPRO731.DLL
    2009-03-13 20:17 . 2007-06-26 14:11 1,142,784 --a------ c:\windows\system32\BCMWLTRY.EXE
    2009-03-13 20:17 . 2006-11-30 16:53 757,760 --a------ c:\windows\system32\bcm1xsup.dll
    2009-03-13 20:17 . 2007-06-26 14:11 184,320 --a------ c:\windows\system32\bcmwlu00.exe
    2009-03-13 20:17 . 2006-11-30 16:53 86,016 --a------ c:\windows\system32\preflib.dll
    2009-03-13 20:17 . 2006-11-30 16:53 69,632 --a------ c:\windows\system32\bcmwlpkt.dll
    2009-03-13 20:17 . 2006-11-30 16:54 44,032 --a------ c:\windows\system32\wltrynt.dll
    2009-03-13 20:17 . 2006-11-30 16:53 33,664 --a------ c:\windows\system32\drivers\BCMWLNPF.SYS
    2009-03-13 20:17 . 2007-06-26 14:11 20,480 --a------ c:\windows\system32\WLTRYSVC.EXE

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-07 02:28 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-03-15 19:13 --------- d-----w c:\program files\Common Files\Adobe
    2009-03-14 01:16 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-03-01 23:07 --------- d-----w c:\program files\Napster
    2009-03-01 23:06 --------- d-----w c:\program files\Common Files\Napster Shared
    2009-03-01 23:05 --------- d-----w c:\documents and settings\All Users\Application Data\Napster
    2009-03-01 22:59 13,398,032 ----a-w C:\NapsterSetup-US-4.6.2.2.exe
    2009-02-24 03:09 --------- d-----w c:\program files\Google
    2009-02-12 02:18 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
    2009-02-12 01:35 --------- d-----w c:\program files\Common Files\InstallShield
    2009-02-11 03:26 --------- d-----w c:\program files\CCleaner
    2009-02-11 03:04 --------- d-----w c:\documents and settings\laptop1\Application Data\aAvgApi
    2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Yahoo! Pager "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SearchSettings "= "c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-22 1261336]
    "NapsterShell "= "c:\program files\Napster\napster.exe" [2009-02-03 323216]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SynTPLpr "= "c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
    "SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
    "MSConfig "= "c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 169984]
    "AGRSMMSG "= "AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs "=avgrsstx.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-22 97928]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-22 231704]
    R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-22 76040]
    R2 CBTWlanSrv;CBT Wlan Service;c:\windows\CBTWlanSrv.exe [2008-08-16 106496]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 CBPSp50;CBPSp50 NDIS Protocol Driver;c:\windows\system32\drivers\CBPSp50.sys [2008-08-16 27072]
    R3 WPC54Gv3;Linksys Wireless Notebook Adapter WPC54Gv3 Driver;c:\windows\system32\drivers\WPC54Gv3.SYS [2008-08-16 610816]
    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]
    S3 CBPMp50;CBPMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\CBPMp50.sys --> c:\windows\system32\Drivers\CBPMp50.sys [?]
    S3 S3chipid;S3chipid;\??\c:\docume~1\laptop1\LOCALS~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys --> c:\docume~1\laptop1\LOCALS~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-04-10 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 20:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-10 07:53:48
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(864)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\System32\BCMLogon.dll
    .
    Completion time: 2009-04-10 7:59:15
    ComboFix-quarantined-files.txt 2009-04-10 12:59:04

    Pre-Run: 31,512,432,640 bytes free
    Post-Run: 31,584,645,120 bytes free

    122 --- E O F --- 2009-04-02 22:36:09
     
  17. 2009/04/10
    Aaflac

    Aaflac Inactive

    Joined:
    2008/11/02
    Messages:
    294
    Likes Received:
    1
    Can you find the following, and post them:
    C:\ComboFix.txt
    C:\ComboFix2.txt
     
  18. 2009/04/10
    dseawright

    dseawright Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    18
    Likes Received:
    0
    ComboFix 09-04-04.01 - laptop1 2009-04-10 7:43:49.3 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.216 [GMT -5:00]
    Running from: c:\documents and settings\laptop1\Desktop\dCat.exe
    AV: AVG *On-access scanning disabled* (Outdated)
    .

    ((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
    .

    2009-04-10 07:39 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
    2009-04-09 07:47 . 2007-03-08 00:10 991,232 --a------ c:\windows\system32\ieframe.dll.mui
    2009-04-09 07:45 . 2008-12-20 18:15 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
    2009-04-09 07:45 . 2007-04-17 04:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
    2009-04-09 07:45 . 2007-03-08 00:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
    2009-04-09 07:45 . 2008-12-20 18:15 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
    2009-04-09 07:45 . 2008-12-20 18:15 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
    2009-04-09 07:45 . 2008-12-20 18:15 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
    2009-04-09 07:45 . 2008-12-20 18:15 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
    2009-04-09 07:45 . 2008-12-20 18:15 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
    2009-04-09 07:45 . 2008-12-19 04:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
    2009-04-09 07:35 . 2009-04-09 07:35 <DIR> d-------- c:\program files\Synaptics
    2009-04-06 21:37 . 2009-04-06 22:14 <DIR> d-------- C:\Lop SD
    2009-03-22 13:58 . 2007-04-30 20:00 215,040 --a------ c:\windows\system32\CNMLM90.DLL
    2009-03-22 13:56 . 2008-04-13 13:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
    2009-03-22 13:56 . 2008-04-13 13:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
    2009-03-22 13:44 . 2008-04-13 13:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
    2009-03-22 13:44 . 2008-04-13 13:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
    2009-03-22 13:37 . 2008-04-13 13:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
    2009-03-13 20:17 . 2009-03-13 20:17 <DIR> d-------- c:\program files\Linksys
    2009-03-13 20:17 . 2006-11-30 16:54 2,129,920 --a------ c:\windows\system32\WLBCGCBPRO731.DLL
    2009-03-13 20:17 . 2007-06-26 14:11 1,142,784 --a------ c:\windows\system32\BCMWLTRY.EXE
    2009-03-13 20:17 . 2006-11-30 16:53 757,760 --a------ c:\windows\system32\bcm1xsup.dll
    2009-03-13 20:17 . 2007-06-26 14:11 184,320 --a------ c:\windows\system32\bcmwlu00.exe
    2009-03-13 20:17 . 2006-11-30 16:53 86,016 --a------ c:\windows\system32\preflib.dll
    2009-03-13 20:17 . 2006-11-30 16:53 69,632 --a------ c:\windows\system32\bcmwlpkt.dll
    2009-03-13 20:17 . 2006-11-30 16:54 44,032 --a------ c:\windows\system32\wltrynt.dll
    2009-03-13 20:17 . 2006-11-30 16:53 33,664 --a------ c:\windows\system32\drivers\BCMWLNPF.SYS
    2009-03-13 20:17 . 2007-06-26 14:11 20,480 --a------ c:\windows\system32\WLTRYSVC.EXE

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-07 02:28 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-03-15 19:13 --------- d-----w c:\program files\Common Files\Adobe
    2009-03-14 01:16 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-03-01 23:07 --------- d-----w c:\program files\Napster
    2009-03-01 23:06 --------- d-----w c:\program files\Common Files\Napster Shared
    2009-03-01 23:05 --------- d-----w c:\documents and settings\All Users\Application Data\Napster
    2009-03-01 22:59 13,398,032 ----a-w C:\NapsterSetup-US-4.6.2.2.exe
    2009-02-24 03:09 --------- d-----w c:\program files\Google
    2009-02-12 02:18 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
    2009-02-12 01:35 --------- d-----w c:\program files\Common Files\InstallShield
    2009-02-11 03:26 --------- d-----w c:\program files\CCleaner
    2009-02-11 03:04 --------- d-----w c:\documents and settings\laptop1\Application Data\aAvgApi
    2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Yahoo! Pager "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SearchSettings "= "c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-22 1261336]
    "NapsterShell "= "c:\program files\Napster\napster.exe" [2009-02-03 323216]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SynTPLpr "= "c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
    "SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
    "MSConfig "= "c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 169984]
    "AGRSMMSG "= "AGRSMMSG.exe" [2005-03-04 c:\windows\AGRSMMSG.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs "=avgrsstx.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-22 97928]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-22 231704]
    R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-22 76040]
    R2 CBTWlanSrv;CBT Wlan Service;c:\windows\CBTWlanSrv.exe [2008-08-16 106496]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 CBPSp50;CBPSp50 NDIS Protocol Driver;c:\windows\system32\drivers\CBPSp50.sys [2008-08-16 27072]
    R3 WPC54Gv3;Linksys Wireless Notebook Adapter WPC54Gv3 Driver;c:\windows\system32\drivers\WPC54Gv3.SYS [2008-08-16 610816]
    S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]
    S3 CBPMp50;CBPMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\CBPMp50.sys --> c:\windows\system32\Drivers\CBPMp50.sys [?]
    S3 S3chipid;S3chipid;\??\c:\docume~1\laptop1\LOCALS~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys --> c:\docume~1\laptop1\LOCALS~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-04-10 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 20:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-10 07:53:48
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(864)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\System32\BCMLogon.dll
    .
    Completion time: 2009-04-10 7:59:15
    ComboFix-quarantined-files.txt 2009-04-10 12:59:04

    Pre-Run: 31,512,432,640 bytes free
    Post-Run: 31,584,645,120 bytes free

    122 --- E O F --- 2009-04-02 22:36:09
     
  19. 2009/04/10
    dseawright

    dseawright Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    18
    Likes Received:
    0
    i found just combofix..i can't find combofix2
     
  20. 2009/04/10
    Aaflac

    Aaflac Inactive

    Joined:
    2008/11/02
    Messages:
    294
    Likes Received:
    1
    Do you find a ComboFix log which is not this one:
    09-04-04.01 - laptop1 2009-04-10 7:43:49.3
     
  21. 2009/04/10
    dseawright

    dseawright Inactive Thread Starter

    Joined:
    2009/04/06
    Messages:
    18
    Likes Received:
    0
    this is the only thing i find other than the log i posted??

    2009-04-10 07:40:27 A------- 54 C:\Qoobox\Quarantine\catchme.log
    2009-04-10 07:50:57 A------- 6,468 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
     
