Hi, I follow instruction and here are results : (by the way, do I need to plug in the "problem tumbdrive " ?
1) result wihtout insert "thumbdrive" :
1a) DDS file
DDS (Ver_09-12-01.01) - NTFSx86
Run by Tay1 Family at 20:05:02.08 on Wed 03/03/2010
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.65.1033.18.2036.1098 [GMT 8:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell Remote Access\ezi_ra.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\mcafee\mna\mcnasvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Tay1 Family\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=sg&l=en&s=gen
mDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=sg&l=en&s=gen
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
StartupFolder: c:\users\tay1fa~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\tay1fa~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellre~1.lnk - c:\windows\installer\{f66a31d9-7831-4fba-ba02-c411c0047cc5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-8-12 214664]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-8-13 81920]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\McProxy.exe [2009-8-12 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-8-12 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-8-12 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-12 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-12 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-12 40552]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-12 34248]
=============== Created Last 30 ================
2010-03-02 14:50:29 0 d-----w- c:\users\tay1fa~1\appdata\roaming\Malwarebytes
2010-03-02 14:50:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-02 14:50:24 0 d-----w- c:\programdata\Malwarebytes
2010-03-02 14:50:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-02 14:50:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-24 12:31:02 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 12:30:37 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 12:30:37 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 12:30:36 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 12:30:36 472064 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 12:30:36 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 12:30:36 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 12:30:36 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 12:30:36 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 12:30:36 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 11:37:04 0 d-----w- c:\users\tay1 family\Tracing
2010-02-22 15:22:17 1191616 ------w- c:\windows\system32\wweb32.dll
2010-02-22 15:22:16 0 d-----w- c:\program files\WordWeb
2010-02-22 15:11:05 65 ----a-w- c:\windows\WININIT.INI
2010-02-21 14:18:29 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-02-20 11:12:52 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-20 11:12:52 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 11:12:52 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-19 08:01:35 0 d-----w- c:\program files\MP3_ripper_encoder
2010-02-19 08:01:35 0 d-----w- c:\program files\HansDocs
2010-02-19 08:01:35 0 d-----w- c:\program files\ADSL modem solution
2010-02-19 08:01:34 4796520 ----a-w- c:\program files\e-dictionary_wordweb2_1.zip
2010-02-19 07:26:12 3600472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-19 07:26:12 3548760 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-19 07:25:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-02-19 07:25:52 270848 ----a-w- c:\windows\system32\schannel.dll
2010-02-18 15:03:10 0 d-----r- c:\users\tay1fa~1\appdata\roaming\Brother
2010-02-18 08:57:05 0 d-----w- c:\programdata\FileCure
2010-02-18 01:44:29 0 d-----w- c:\users\tay1fa~1\appdata\roaming\Dell
2010-02-17 12:30:05 0 d-----w- c:\program files\Microsoft
2010-02-17 12:29:31 0 d-----w- c:\program files\Windows Live SkyDrive
2010-02-17 12:29:08 57667 ----a-w- c:\windows\system32\ieuinit.inf
2010-02-17 12:25:26 0 d-----w- c:\program files\common files\Windows Live
2010-02-16 10:56:56 27 ----a-w- c:\windows\BRPP2KA.INI
2010-02-16 10:56:55 425 ----a-w- c:\windows\BRWMARK.INI
2010-02-16 10:53:09 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-16 10:53:09 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-16 10:53:03 897624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-16 10:52:55 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-16 10:52:54 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-16 10:52:54 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-16 10:52:54 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-02-16 10:52:54 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-16 10:52:54 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-16 10:52:54 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-16 10:52:54 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-16 10:52:54 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-16 10:52:54 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-16 10:52:49 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-16 10:52:49 105472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
==================== Find3M ====================
2010-02-17 10:38:00 51200 ----a-w- c:\windows\inf\infpub.dat
2010-02-17 10:37:59 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-02-17 10:37:58 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-13 00:44:41 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-09-06 15:20:02 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-09-06 15:20:02 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-09-06 15:20:02 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
2009-08-13 00:44:41 8192 --sha-w- c:\windows\users\default\NTUSER.DAT
============= FINISH: 20:05:52.86 ===============
1b) Attach .txt file
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 13/8/2009 12:55:28 AM
System Uptime: 3/3/2010 7:55:02 PM (1 hours ago)
Motherboard: Dell Inc. | | 0N826N
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz | Socket 775 | 2500/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 218 GiB total, 171.216 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 10.648 GiB free.
E: is CDROM ()
G: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
==== Installed Programs ======================
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3
BroadBand on Mobile
Compatibility Pack for the 2007 Office system
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Remote Access
Dell Support Center (Support Software)
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 13
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Works
MSVCRT
PowerDVD
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WordWeb
==== End Of File =========================
2) Result with "roblem" thumb drive inserted :
2a) DDS file
DDS (Ver_09-12-01.01) - NTFSx86
Run by Tay1 Family at 20:12:22.18 on Wed 03/03/2010
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.65.1033.18.2036.1008 [GMT 8:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\WUDFHost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell Remote Access\ezi_ra.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\mcafee\mna\mcnasvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Tay1 Family\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=sg&l=en&s=gen
mDefault_Page_URL = hxxp://www1.ap.dell.com/content/default.aspx?c=sg&l=en&s=gen
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
StartupFolder: c:\users\tay1fa~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\tay1fa~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellre~1.lnk - c:\windows\installer\{f66a31d9-7831-4fba-ba02-c411c0047cc5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-8-12 214664]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-8-13 81920]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\McProxy.exe [2009-8-12 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-8-12 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-8-12 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-12 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-12 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-12 40552]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-12 34248]
=============== Created Last 30 ================
2010-03-02 14:50:29 0 d-----w- c:\users\tay1fa~1\appdata\roaming\Malwarebytes
2010-03-02 14:50:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-02 14:50:24 0 d-----w- c:\programdata\Malwarebytes
2010-03-02 14:50:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-02 14:50:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-24 12:31:02 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 12:30:37 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 12:30:37 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 12:30:36 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 12:30:36 472064 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 12:30:36 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 12:30:36 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 12:30:36 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 12:30:36 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 12:30:36 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 11:37:04 0 d-----w- c:\users\tay1 family\Tracing
2010-02-22 15:22:17 1191616 ------w- c:\windows\system32\wweb32.dll
2010-02-22 15:22:16 0 d-----w- c:\program files\WordWeb
2010-02-22 15:11:05 65 ----a-w- c:\windows\WININIT.INI
2010-02-21 14:18:29 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-02-20 11:12:52 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-20 11:12:52 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 11:12:52 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-19 08:01:35 0 d-----w- c:\program files\MP3_ripper_encoder
2010-02-19 08:01:35 0 d-----w- c:\program files\HansDocs
2010-02-19 08:01:35 0 d-----w- c:\program files\ADSL modem solution
2010-02-19 08:01:34 4796520 ----a-w- c:\program files\e-dictionary_wordweb2_1.zip
2010-02-19 07:26:12 3600472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-19 07:26:12 3548760 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-19 07:25:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-02-19 07:25:52 270848 ----a-w- c:\windows\system32\schannel.dll
2010-02-18 15:03:10 0 d-----r- c:\users\tay1fa~1\appdata\roaming\Brother
2010-02-18 08:57:05 0 d-----w- c:\programdata\FileCure
2010-02-18 01:44:29 0 d-----w- c:\users\tay1fa~1\appdata\roaming\Dell
2010-02-17 12:30:05 0 d-----w- c:\program files\Microsoft
2010-02-17 12:29:31 0 d-----w- c:\program files\Windows Live SkyDrive
2010-02-17 12:29:08 57667 ----a-w- c:\windows\system32\ieuinit.inf
2010-02-17 12:25:26 0 d-----w- c:\program files\common files\Windows Live
2010-02-16 10:56:56 27 ----a-w- c:\windows\BRPP2KA.INI
2010-02-16 10:56:55 425 ----a-w- c:\windows\BRWMARK.INI
2010-02-16 10:53:09 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-16 10:53:09 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-16 10:53:03 897624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-16 10:52:55 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-16 10:52:54 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-16 10:52:54 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-16 10:52:54 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-02-16 10:52:54 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-16 10:52:54 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-16 10:52:54 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-16 10:52:54 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-16 10:52:54 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-16 10:52:54 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-16 10:52:49 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-16 10:52:49 105472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
==================== Find3M ====================
2010-02-17 10:38:00 51200 ----a-w- c:\windows\inf\infpub.dat
2010-02-17 10:37:59 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-02-17 10:37:58 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-13 00:44:41 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-09-06 15:20:02 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-09-06 15:20:02 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-09-06 15:20:02 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat
2009-08-13 00:44:41 8192 --sha-w- c:\windows\users\default\NTUSER.DAT
============= FINISH: 20:12:46.03 ===============
2b) Attach.txt file :
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 13/8/2009 12:55:28 AM
System Uptime: 3/3/2010 7:55:02 PM (1 hours ago)
Motherboard: Dell Inc. | | 0N826N
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz | Socket 775 | 2500/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 218 GiB total, 171.215 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 10.648 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP20: 26/8/2009 1:34:12 AM - Windows Update
RP21: 3/9/2009 8:27:49 PM - Windows Update
RP22: 19/9/2009 11:16:52 PM - Windows Update
RP23: 12/10/2009 1:02:43 AM - Windows Update
RP24: 25/10/2009 11:38:06 PM - Windows Update
RP26: 25/10/2009 11:41:54 PM - Installed Microsoft Office Home and Student 2007
RP27: 15/11/2009 12:18:45 AM - Windows Update
RP28: 15/11/2009 1:07:10 AM - Windows Update
RP29: 22/11/2009 4:45:42 PM - Windows Update
RP30: 30/11/2009 12:17:26 AM - Windows Update
RP31: 9/12/2009 7:45:29 PM - Windows Update
RP32: 20/12/2009 11:49:45 PM - Windows Update
RP33: 25/1/2010 1:21:36 AM - Windows Update
RP34: 8/2/2010 12:59:51 AM - Windows Update
RP35: 16/2/2010 6:56:17 PM - Device Driver Package Install: Brother Printers
RP36: 17/2/2010 8:16:40 AM - Windows Update
RP37: 17/2/2010 6:37:39 PM - Device Driver Package Install: Brother Imaging devices
RP38: 17/2/2010 8:26:31 PM - Windows Update
RP39: 17/2/2010 8:28:34 PM - Windows Update
RP40: 18/2/2010 10:55:00 PM - Windows Update
RP41: 20/2/2010 7:07:51 PM - Windows Update
RP42: 21/2/2010 10:08:50 PM - Windows Update
RP43: 22/2/2010 6:52:43 PM - Windows Update
RP44: 25/2/2010 6:07:34 PM - Windows Update
==== Installed Programs ======================
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3
BroadBand on Mobile
Compatibility Pack for the 2007 Office system
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Remote Access
Dell Support Center (Support Software)
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 13
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Works
MSVCRT
PowerDVD
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WordWeb
==== Event Viewer Messages From Past Week ========
24/2/2010 8:28:09 PM, Error: netbt [4321] - The name "ACER-PC :0" could not be registered on the interface with IP address 192.168.1.70. The computer with the IP address 192.168.1.102 did not allow the name to be claimed by this computer.
24/2/2010 11:19:46 PM, Error: netbt [4321] - The name "SGP1651C :0" could not be registered on the interface with IP address 192.168.1.70. The computer with the IP address 192.168.1.107 did not allow the name to be claimed by this computer.
==== End Of File ===========================
THANK YOU for your help !