Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:43:35 PM, on 8/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Config\csrss.exe
C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = *go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = *go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = *go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = *go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {728AAF16-F1AF-4C45-8B1E-45C0F8519A28} - C:\WINDOWS\system32\nnnlifGw.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {81B96F48-534B-4707-8240-464310F4EEE7} - C:\Documents and Settings\vandana\Local Settings\Temporary Internet Files\Content.IE5\THYIXXO3\3077ahntdksr[1].dll
O2 - BHO: {99eb0b13-2b6d-720b-9c54-2b201b9f9219} - {9129f9b1-02b2-45c9-b027-d6b231b0be99} - C:\WINDOWS\system32\vclgfp.dll
O2 - BHO: (no name) - {C47C3C3B-C794-480D-BCB2-CA2A617C3362} - C:\WINDOWS\system32\cgmdrdxa.dll
O2 - BHO: (no name) - {ECC8EFD6-31AD-4371-AF1F-05417737EAF2} - C:\WINDOWS\system32\nnnoMGYQ.dll
O4 - HKLM\..\Run: [688ccec1] rundll32.exe "C:\WINDOWS\system32\ontrltyf.dll",b
O4 - HKLM\..\Run: [BM6bbffd5d] Rundll32.exe "C:\WINDOWS\system32\hxclqmro.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Webaroo: Capture Page - {670fc370-fcfe-11da-92e3-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{20D1F524-54A0-48B7-9866-71890F24E9A2}: NameServer = 218.248.255.146 218.248.255.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{870FD4BF-3BF1-443B-91DC-BFA3A7A82871}: NameServer = 61.1.96.69,61.1.96.71
O17 - HKLM\System\CCS\Services\Tcpip\..\{9745BB48-E00F-4B5C-8A44-084E4C28F4CF}: NameServer = 61.1.96.69,61.1.96.79
O17 - HKLM\System\CS4\Services\Tcpip\..\{20D1F524-54A0-48B7-9866-71890F24E9A2}: NameServer = 218.248.255.146 218.248.255.139
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: nnnlifGw - C:\WINDOWS\SYSTEM32\nnnlifGw.dll
O23 - Service: Bluetooth Hid Switch Service - Cambridge Silicon Radio - C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 5512 bytes
I have another problem that I forgot to mention...
Whenever I use the laptop & do something, the window used to connect to the Internet comes up automatically.....It comes once some 3-5 mins after I start the laptop & also later after some time.....I have been having this problem for some time.. I suspect some undetected malware in my computer.
Please recommend me a good antivirus to perform a full sys scan..
I was earlier using Kaspersky...