
Active enter two words or shut down

Discussion in 'Malware and Virus Removal Archive' started by genghis55, 2010/02/05.

  1. 2010/02/05
    genghis55

    genghis55 Inactive Thread Starter

    Joined:
    2010/02/04
    Messages:
    5
    Likes Received:
    0
    [Active] enter two words or shut down

    hi
    no matter what I'm doing on the comp, every few minutes a blue screen appears which tells me "enter both words below separated by a space" and it gives me 3 minutes to do this or the comp will shut down. This screen stops me doing anything until I've put in the two random words. Does anyone know how to get rid of this please?

    I have also started getting lots of pop-ups too since this has started, even when I'm not on the net.

    just say if you want the attach as well.

    thanks
    Stu

    DDS (Ver_09-12-01.01) - NTFSx86
    Run by Mrs Longfield at 17:04:12.85 on 05/02/2010
    Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_07
    Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.44.1033.18.1022.297 [GMT 0:00]

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\sYSteM32\SvchOst.eXE -k fioo32
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\PSIService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\webserver\webserver.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\Taskmgr.exe
    C:\Windows\explorer.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\pp14.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mrs Longfield\Downloads\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uStart Page = hxxp://www.google.co.uk/
    uSearch Bar = hxxp://www.google.com/ie
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Shell=explorer.exe rundll32.exe qtru.lfo gynfhtv
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [<NO NAME>]
    uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
    uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe "
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [NWEReboot]
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe "
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [sysldtray] c:\windows\ld16.exe
    mRun: [Captcha7] rundll "c:\program files\captcha.dll ",captcha
    mRun: [pp] c:\windows\pp14.exe
    StartupFolder: c:\users\mrslon~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    mASetup: ccc-core-static - msiexec /fums {F8487D71-8722-24E3-AC1E-8BA8B34E8832} /qb
    Hosts: 85.13.206.114 uuu20091124.info
    Hosts: 85.13.206.114 u07012010u.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\mrslon~1\appdata\roaming\mozilla\firefox\profiles\oxmmldwx.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=101764&l=dis
    FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmidas.dll
    FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R?2 fioo32;fioo32;c:\windows\system32\SvchOst.eXE -k fioo32 [2008-6-20 21504]
    R1 fio32;fio32;c:\windows\system32\drivers\fio32.sys [2010-1-30 59264]
    R2 webserver;webserver;c:\program files\webserver\webserver.exe [2010-1-30 14336]
    R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\drivers\RTL85n86.sys [2006-11-2 311808]
    S3 BDA_Capture_225;USB Digital-TV receiver. Driver 3.0.1.14;c:\windows\system32\drivers\BDA_Capture_225.sys [2007-3-17 17280]
    S3 BDA_Loader_225;USB Digital-TV Receiver. Firmware Loader 6.8.30.0;c:\windows\system32\drivers\BDA_Loader_225.sys [2007-3-17 18816]

    =============== Created Last 30 ================

    2010-02-05 14:27:28 75264 ----a-w- c:\windows\rdr_1265380046.exe
    2010-02-05 14:27:25 2 ----a-w- c:\windows\01011201014610799.xxe
    2010-02-04 22:57:23 75264 ----a-w- c:\windows\rdr_1265324243.exe
    2010-02-04 21:48:48 75264 ----a-w- c:\windows\rdr_1265320126.exe
    2010-02-04 17:16:36 22528 ----a-w- c:\windows\system32\qtru.lfo
    2010-02-03 21:59:25 75264 ----a-w- c:\windows\rdr_1265234361.exe
    2010-02-03 21:35:36 75264 ----a-w- c:\windows\rdr_1265232930.exe
    2010-02-03 21:35:22 2 ----a-w- c:\windows\0101120101465448.xxe
    2010-02-03 21:35:15 0 ----a-w- c:\windows\rdr_1265232910.exe
    2010-02-03 21:34:17 32 ----a-w- c:\windows\mrw32.dll
    2010-02-01 07:59:26 75264 ----a-w- c:\windows\rdr_1265011164.exe
    2010-01-31 21:54:47 75264 ----a-w- c:\windows\rdr_1264974885.exe
    2010-01-31 20:47:34 75264 ----a-w- c:\windows\rdr_1264970854.exe
    2010-01-31 17:04:52 75264 ----a-w- c:\windows\rdr_1264957489.exe
    2010-01-31 15:26:48 75264 ----a-w- c:\windows\rdr_1264951608.exe
    2010-01-31 14:26:35 75264 ----a-w- c:\windows\rdr_1264947994.exe
    2010-01-30 20:01:27 44032 ---h--w- c:\windows\pp14.exe
    2010-01-30 20:01:27 1 ----a-w- c:\windows\fdgg34353edfgdfdf
    2010-01-30 20:01:16 0 d-----w- c:\program files\webserver
    2010-01-30 20:01:15 59264 ----a-w- c:\windows\system32\drivers\fio32.sys
    2010-01-30 20:01:15 50688 ----a-w- c:\windows\system32\fio32.dll
    2010-01-30 20:01:02 19456 --sh--r- c:\program files\captcha.dll
    2010-01-30 20:01:01 2 ----a-w- c:\windows\010112010146114101.xxe
    2010-01-30 20:01:00 2 ----a-w- c:\windows\0101120101465348.xxe
    2010-01-30 20:01:00 1 ----a-w- c:\windows\conf21113.dat
    2010-01-30 20:00:58 2 ----a-w- c:\windows\01011201014650115.xxe
    2010-01-30 19:59:47 2 ----a-w- c:\windows\010112010146101105.rx
    2010-01-30 19:59:32 49152 ----a-w- c:\windows\ld16.exe
    2010-01-13 09:17:58 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-01-13 09:17:58 156672 ----a-w- c:\windows\system32\t2embed.dll

    ==================== Find3M ====================

    2010-01-14 11:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
    2010-01-11 11:17:12 39 ----a-w- c:\users\mrs longfield\jagex_runescape_preferences.dat
    2010-01-11 11:15:46 69 ----a-w- c:\users\mrs longfield\jagex_runescape_preferences2.dat
    2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-11-30 18:02:40 171144 ----a-w- c:\windows\system32\xliveinstall.dll
    2009-11-30 18:02:38 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
    2009-02-12 19:46:58 174 --sha-w- c:\program files\desktop.ini
    2009-02-12 19:44:07 86016 ----a-w- c:\windows\inf\infstrng.dat
    2009-02-12 19:44:07 86016 ----a-w- c:\windows\inf\infstor.dat
    2009-02-12 19:44:07 51200 ----a-w- c:\windows\inf\infpub.dat
    2009-02-12 19:35:53 665600 ----a-w- c:\windows\inf\drvindex.dat
    2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2008-11-12 13:54:12 168 --sh--r- c:\windows\system32\EF2B3ED76F.sys
    2008-11-12 13:54:32 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys

    ============= FINISH: 17:07:06.70 ===============
     
  2. 2010/02/05
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Please post the Attach.txt too :)
     


  4. 2010/02/05
    genghis55

    genghis55 Inactive Thread Starter

    Joined:
    2010/02/04
    Messages:
    5
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft® Windows Vista™ Home Basic
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/03/2007 21:02:28
    System Uptime: 02/05/2010 16:28:45 (-2063 hours ago)

    Motherboard: ASUSTeK Computer INC. | | P5VD2-X
    Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Socket 775 | 2799/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 149 GiB total, 56.924 GiB free.
    D: is CDROM (UDF)
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    360 Games Collection
    500 Solitaire Games
    900 Puzzle Games
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player ActiveX
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Apple Mobile Device Support
    Apple Software Update
    Arcade and Action Championship
    ArcSoft TotalMedia 3
    ATI Catalyst Install Manager
    Bejeweled 2 Deluxe 1.1
    Bonjour
    Branding
    Brick Blaster 3D
    CardRd81
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    ccc-core-static
    ccc-utility
    CCC Help English
    CCScore
    CR2
    Dawn of War - Dark Crusade
    DNA
    DVD Flick
    ESSBrwr
    ESSCDBK
    ESScore
    ESSCT
    ESSEMAIL
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    ESSTUTOR
    ESSvpaht
    ESSvpot
    Football Manager 2010
    Free YouTube to iPod Converter version 3.1
    Google Toolbar for Internet Explorer
    HLPIndex
    HLPPDOCK
    HLPSFO
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    iTunes
    J2SE Runtime Environment 5.0 Update 3
    Java(TM) 6 Update 7
    Jewel Quest II (remove only)
    Junk Mail filter update
    king.com (remove only)
    Kodak EasyShare software
    KSU
    LimeWire 4.12.11
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.0.17)
    MP3 Player Utilities V1.28
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML4 Parser
    Notifier
    OfotoXMI
    OpenOffice.org Installer 1.0
    OTtBP
    OTtBPSDK
    PDF Settings
    Pop Drop and Stack Championship
    Puzzle and Board XP Championship
    QuickTime
    Ra's Empire (remove only)
    Rome - Total War - Gold Edition
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3 USB Driver Installer
    SFR
    SHASTA
    SKIN0001
    Skins
    SKINXSDK
    Snood for Windows version 3.52-W
    Star Wars Republic Commando
    Steam
    The Battle for Middle-earth (tm)
    Uninstall 1.0.0.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VPRINTOL
    Warhammer 40,000: Dawn Of War - Gold Edition
    Warhammer 40,000: Dawn of War II
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    WinRAR archiver
    WIRELESS
    XLPlot

    ==== End Of File ===========================
     
  5. 2010/02/05
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Thanks :)

    One of our trained malware analysts will take a look at your logs ASAP, but it may be a day or so before you get a response as they are always very busy. All logs are dealt with in the order received.

    Thank you for your patience.
     
  6. 2010/02/05
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    I see you have P2P software (Azureus, Limewire, BitTorrent, uTorrent etc…) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them.

    Note: Please be advised that continued use of these programs after being warned of the danger of infections from them may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    A Malware expert will have a look at your log in due course.
     
  7. 2010/02/05
    crunchie

    crunchie Inactive

    Joined:
    2010/01/12
    Messages:
    982
    Likes Received:
    5
    Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Download the update from here if you have problems.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    Make sure that you restart the computer.

    ====

    Download HijackThis Executable from here. Save it to your desktop.
    Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished a window will pop up giving you the option of where to save it. Save it to desktop where it is easy to access. Open the log file and then go to the format Tab and make sure that wordwrap is unchecked. Copy the entire contents of the file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.
     
