ok, i've followed all the steps given me.
security check report is attached.
from the instructions i believe i was to copy-and-paste the dds logs...here they are.
thanks for your help!
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/16/2007 1:19:25 PM
System Uptime: 8/24/2011 3:47:27 PM (7 hours ago)
.
Motherboard: ASUSTek Computer INC. | | NODUSM3
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 227 GiB total, 176.381 GiB free.
D: is FIXED (NTFS) - 6 GiB total, 0.883 GiB free.
E: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1220: 8/14/2011 6:14:09 PM - Windows Update
RP1221: 8/14/2011 6:24:52 PM - Windows Update
RP1222: 8/15/2011 3:51:16 PM - Windows Update
RP1223: 8/16/2011 2:52:24 PM - Windows Update
RP1224: 8/16/2011 3:11:17 PM - Windows Update
RP1225: 8/17/2011 3:01:31 PM - Windows Update
RP1226: 8/18/2011 3:20:30 PM - Windows Update
RP1227: 8/18/2011 3:27:51 PM - Windows Update
RP1228: 8/19/2011 4:46:01 PM - Windows Update
RP1229: 8/19/2011 4:56:41 PM - Windows Update
RP1230: 8/20/2011 3:00:14 AM - Windows Update
RP1231: 8/20/2011 4:49:11 PM - Windows Update
RP1232: 8/21/2011 1:44:05 AM - Windows Update
RP1233: 8/21/2011 3:00:16 AM - Windows Update
RP1234: 8/21/2011 4:49:20 PM - Windows Update
RP1235: 8/22/2011 6:53:19 AM - Windows Update
RP1236: 8/22/2011 7:52:19 PM - Windows Update
RP1237: 8/22/2011 8:11:43 PM - Windows Update
RP1238: 8/22/2011 8:16:39 PM - Windows Update
RP1239: 8/22/2011 10:32:10 PM - Windows Update
RP1240: 8/22/2011 10:37:07 PM - Windows Update
RP1241: 8/22/2011 10:54:48 PM - Windows Update
RP1242: 8/22/2011 11:00:44 PM - Windows Update
RP1243: 8/23/2011 1:33:49 AM - Installed Java(TM) 6 Update 26
RP1244: 8/23/2011 2:13:20 AM - Installed HiJackThis
RP1245: 8/23/2011 2:21:34 AM - Installed HiJackThis
RP1246: 8/23/2011 2:31:27 AM - Windows Update
RP1247: 8/23/2011 6:15:32 PM - Scheduled Checkpoint
RP1248: 8/24/2011 9:19:05 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.8
AnswerWorks 4.0 Runtime - English
att.net Toolbar
AutoUpdate
CCleaner
Compatibility Pack for the 2007 Office system
DivX
Enhanced Multimedia Keyboard Solution
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
H&R Block Deluxe + Efile + State 2009
H&R Block Deluxe + Efile + State 2010
H&R Block Kentucky 2009
H&R Block Kentucky 2010
Hardware Diagnostic Tools
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Core
HP Easy Setup - Frontend
HP Picasso Media Center Add-In
HP Update
Java Auto Updater
Java(TM) 6 Update 26
LightScribe 1.4.124.1
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Office Small Business Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 5.0
My HP Games
NVIDIA Drivers
OcxSetup
OGA Notifier 2.0.0048.0
PolderbitS Sound Recorder and Editor
Python 2.4.3
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Security Update for CAPICOM (KB931906)
Soft Data Fax Modem with SmartCP
SUPERAntiSpyware
TaxCut Basic + Efile 2008
TaxCut Kentucky 2008
TurboTax Basic 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WinRAR archiver
Yahoo! Detect
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
8/24/2011 4:01:37 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.463.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/24/2011 3:48:26 PM, Error: EventLog [6008] - The previous system shutdown at 3:36:06 PM on 8/24/2011 was unexpected.
8/23/2011 2:57:42 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/23/2011 2:57:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
8/23/2011 2:53:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ckgqshre
8/23/2011 2:53:00 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/22/2011 8:23:53 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume HP.
8/21/2011 10:48:28 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 209.33.21.227 for the Network Card with network address 002127D75B5B has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
8/17/2011 4:42:36 PM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
8/17/2011 3:13:06 PM, Error: Microsoft-Windows-LanguagePackSetup [1001] - Application initialization failed. Last error: 0x80070032
8/17/2011 3:09:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070663: Security Update for Microsoft Office 2003 (KB982311).
8/17/2011 3:09:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB973917).
8/17/2011 2:57:43 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 4, function 0. Please contact your system vendor for technical assistance.
8/17/2011 2:57:43 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0. Please contact your system vendor for technical assistance.
.
==== End Of File ===========================
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6000.16916
Run by del107 at 22:01:05 on 2011-08-24
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\del107\Desktop\dds.scr
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://att.net
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: att.net Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Trusted Zone: turbotax.com
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.55.5.10 209.55.5.11
TCP: Interfaces\{567D9322-267E-44C8-85A0-AD77D16BB6F8} : DhcpNameServer = 209.55.5.10 209.55.5.11
TCP: Interfaces\{BC64D18A-5F16-4724-997A-E64E40333055} : DhcpNameServer = 192.168.1.254 192.168.1.254
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R? ckgqshre;ckgqshre
R? gupdate1c9f15354c042d8;Google Update Service (gupdate1c9f15354c042d8)
R? gupdatem;Google Update Service (gupdatem)
R? MpKsl4feff612;MpKsl4feff612
R? MpKsl60dcaba3;MpKsl60dcaba3
R? MpKsl652a4a97;MpKsl652a4a97
R? MpKsl83f62c97;MpKsl83f62c97
R? MpKsl8459eddb;MpKsl8459eddb
R? MpKsl9484ccc1;MpKsl9484ccc1
R? MpKslc405c3d3;MpKslc405c3d3
R? MpKsleb20a6ea;MpKsleb20a6ea
S? !SASCORE;SAS Core Service
S? MpFilter;Microsoft Malware Protection Driver
S? MpKsl4bbbdb86;MpKsl4bbbdb86
S? MpKsl548b5a4e;MpKsl548b5a4e
S? MpNWMon;Microsoft Malware Protection Network Driver
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-08-24 20:48:38 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{81c4a5fb-8dce-4326-8136-efc7a93094dc}\MpKsl548b5a4e.sys
2011-08-24 20:20:25 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{81c4a5fb-8dce-4326-8136-efc7a93094dc}\MpKsl4bbbdb86.sys
2011-08-23 07:22:02 388096 ----a-r- c:\users\del107\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-08-23 07:21:59 -------- d-----w- c:\program files\Trend Micro
2011-08-23 06:41:45 -------- d-----w- c:\program files\CCleaner
2011-08-23 06:35:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-23 04:03:24 7152464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{81c4a5fb-8dce-4326-8136-efc7a93094dc}\mpengine.dll
2011-08-23 01:26:29 -------- d-----w- c:\users\del107\appdata\roaming\SUPERAntiSpyware.com
2011-08-23 01:25:52 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-23 01:25:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-23 00:50:31 -------- d-----w- c:\programdata\Cisco Systems
2011-08-09 20:03:41 6881616 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
.
==================== Find3M ====================
.
2011-07-07 00:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 00:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-17 01:48:13 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 22:01:43.14 ===============
[regaining space - attachment deleted by admin]