SpyBot freezes when it gets to the Zlob section in its scan... Prior to this it finds SmitFraud... It cannot remove this... Windows Live finds VirTool:WinNT/Mader.e Quarantine Failed...Malwarebytes Anti- Malware scan finds---Malware.Trace....It says the Problems are in C:\Windows\System32\drivers\core.cache.dsk.... It says I must reboot to remove the items but it does not fix it when I do.....Someone please help me!! I am a videographer and I have a ton of Avid Media files on here... I need to finish these projects I am working on and computer is running very funny... I do not know what to do... My work is dependent on this computer running well...Below you can find my DSS scanner results ...
-Deckards System Scanner-
-Main.txt-

Deckard's System Scanner v20071014.68
Run by Jacob on 2008-06-08 23:22:38
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
50: 2008-06-09 04:22:42 UTC - RP151 - Deckard's System Scanner Restore Point
49: 2008-06-09 03:52:48 UTC - RP150 - Microsoft OneCare Protection Checkpoint
48: 2008-06-09 00:03:20 UTC - RP149 - Microsoft OneCare Protection Checkpoint
47: 2008-06-07 20:27:43 UTC - RP148 - System Checkpoint
46: 2008-06-06 20:20:47 UTC - RP147 - Microsoft OneCare Protection Checkpoint


-- First Restore Point --
1: 2008-06-05 12:31:55 UTC - RP102 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Jacob.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:23:26, on 6/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Jacob\Local Settings\Application Data\Google\Update\1.1.25.0\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Documents and Settings\Jacob\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe
C:\Documents and Settings\Jacob\Desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\DOCUME~1\Jacob\Desktop\Jacob.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jacob\Local Settings\Application Data\Google\Update\1.1.25.0\GoogleUpdate.exe" /lang en
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: OpenOffice.org 2.4.lnk.disabled
O4 - Startup: YouTube Uploader.lnk = C:\Documents and Settings\Jacob\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1212698481234
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9079 bytes

-- HijackThis Fixed Entries (C:\DOCUME~1\Jacob\Desktop\backups\) ---------------

backup-20080608-193022-967 O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
backup-20080608-201225-172 O2 - BHO: (no name) - {6B709BCC-4470-4993-9455-8AAA12EA2680} - (no file)
backup-20080608-201225-254 O2 - BHO: (no name) - {60E7F9A8-55F9-499B-A38F-E3D3D3A292C2} - C:\WINDOWS\system32\yayaXnli.dll (file missing)
backup-20080608-201225-630 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
backup-20080608-201225-815 O2 - BHO: (no name) - {E72FBFE2-A1B9-4661-858D-E3A3183537BE} - (no file)
backup-20080608-201225-918 O20 - Winlogon Notify: hgGwXppp - hgGwXppp.dll (file missing)
backup-20080608-201225-951 O2 - BHO: (no name) - {d2e6fbc6-9590-782a-d140-afedf7a54ab7} - (no file)

-- File Associations -----------------------------------------------------------

.js - JSFile - shell\open\command - NOTEPAD.EXE %1
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
.vbs - VBSFile - shell\open\command - NOTEPAD.EXE %1


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 TPkd - c:\windows\system32\drivers\tpkd.sys <Not Verified; PACE Anti-Piracy, Inc.; InterLok®>
R0 XPacket (iolo Personal Firewall Driver) - c:\windows\system32\xpacket.sys <Not Verified; iolo technologies, LLC; iolo Firewall>
R1 FileDisk - c:\windows\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
R1 redbookk - c:\windows\system32\drivers\redbookk.sys
R2 SentEmul - c:\windows\system32\drivers\sentemul.sys
R3 NVR0Dev - c:\windows\nvoclock.sys <Not Verified; NVidia Corp.; NVidia System Utility Driver>

S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S3 PciCon - i:\pcicon.sys (file missing)
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 AvidSDMService (Avid SDM Service) - system32\avidsdmservice.exe <Not Verified; Avid Technology, Inc.; Avid Technology, Inc. AvidSDMService>
R2 DigiRefresh (Digidesign MME Refresh Service) - c:\program files\digidesign\drivers\mmerefresh.exe -s <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign MME Binder>
R2 nTuneService (nTune Service) - c:\program files\nvidia corporation\ntune\ntuneservice.exe /startservice <Not Verified; NVIDIA; NVIDIA nTune>

S2 AvidStartup (Avid Startup) - system32\avidstartup.exe <Not Verified; ; AvidStartup>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: System Interrupt Controller
Device ID: PCI\VEN_1106&DEV_5327&SUBSYS_00000000&REV_00\3&267A616A&0&05
Manufacturer:
Name: System Interrupt Controller
PNP Device ID: PCI\VEN_1106&DEV_5327&SUBSYS_00000000&REV_00\3&267A616A&0&05
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-06-04 11:44:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-08 and 2008-06-08 -----------------------------

2008-06-08 21:29:06 2984 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-08 21:27:09 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-06-08 21:27:09 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-06-08 21:27:09 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-06-08 21:27:09 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-06-08 21:27:09 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-06-08 21:27:09 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-06-08 21:27:09 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-06-05 09:09:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-05 08:21:27 70928 --a------ C:\WINDOWS\system32\drivers\MpFilter.sys <Not Verified; Microsoft Corporation; Microsoft Malware Protection>
2008-06-05 08:21:11 0 d-------- C:\WINDOWS\system32\bits
2008-06-05 07:40:46 105472 --a------ C:\WINDOWS\system32\wndcsumr.dll
2008-06-05 07:37:45 98304 --a------ C:\WINDOWS\system32\fqifptlf.dll
2008-06-05 07:13:50 0 d-------- C:\WINDOWS\system32\SuperAdBlocker.com
2008-06-05 00:15:47 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 00:15:47 0 d-------- C:\Documents and Settings\Jacob\Application Data\SUPERAntiSpyware.com
2008-06-04 23:04:33 0 d-------- C:\Documents and Settings\Jacob\Application Data\Malwarebytes
2008-06-04 23:04:30 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-04 17:05:14 294 --ahs---- C:\WINDOWS\system32\gblmfsvx.ini2
2008-06-04 15:37:32 5287936 --a------ C:\Documents and Settings\Jacob\ntuser.dat
2008-06-04 15:36:49 732273 --ahs---- C:\WINDOWS\system32\ilnXayay.ini2
2008-06-04 15:31:54 88961 --a------ C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
2008-06-04 15:31:52 200768 --a------ C:\WINDOWS\system32\ncntpkdm.exe
2008-06-04 15:31:49 86144 --a------ C:\WINDOWS\system32\drivers\redbookk.sys
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\Vco1
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\sTMP
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\fIE
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\Dev3
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\a053
2008-06-04 15:31:47 0 d-------- C:\WINDOWS\system32\6026c
2008-06-04 15:31:46 0 d-------- C:\WINDOWS\system32\vntiho18
2008-06-04 15:31:46 0 d-------- C:\Temp
2008-06-03 00:36:36 78360 --a------ C:\Program Files\uy.exe
2008-06-03 00:36:25 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>
2008-06-02 21:46:05 0 d-------- C:\Program Files\DivX
2008-05-29 12:51:08 27648 --ahs---- C:\WINDOWS\system32\Smab0.dll
2008-05-29 12:51:03 0 d-------- C:\Program Files\eRightSoft
2008-05-27 19:42:02 70656 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-05-27 19:42:02 408576 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-27 19:42:02 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec>
2008-05-27 19:42:02 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2008-05-27 19:42:02 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-27 19:42:02 318976 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2008-05-27 19:42:02 66560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-27 19:42:02 217073 --a------ C:\WINDOWS\meta4.exe
2008-05-27 19:42:01 0 d-------- C:\Program Files\AviSynth 2.5
2008-05-27 19:41:24 31232 -rahs---- C:\WINDOWS\system32\msfDX.dll <Not Verified; Hans Mayerl; msfDX.dll>
2008-05-27 19:41:24 163328 -rahs---- C:\WINDOWS\system32\flvDX.dll <Not Verified; Gabest; FLV Splitter>
2008-05-26 00:49:16 2030 --a------ C:\WINDOWS\mozver.dat
2008-05-26 00:44:15 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-26 00:44:12 0 d-------- C:\Documents and Settings\Jacob\Application Data\Mozilla
2008-05-25 13:01:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-25 12:54:45 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-25 12:53:41 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-19 00:08:21 0 d-------- C:\Documents and Settings\Jacob\Application Data\LimeWire
2008-05-19 00:08:03 0 d-------- C:\Program Files\LimeWire
2008-05-11 13:57:03 0 d-------- C:\Program Files\LG Drivers
2008-05-10 21:52:03 0 d-------- C:\OMFI MediaFiles


-- Find3M Report ---------------------------------------------------------------

2008-06-08 20:59:30 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-06-07 12:51:24 0 d-------- C:\Program Files\Digidesign
2008-06-06 14:43:24 0 d-------- C:\Documents and Settings\Jacob\Application Data\OpenOffice.org2
2008-06-05 00:15:35 0 d-------- C:\Program Files\Common Files
2008-06-04 18:40:26 78360 -rahs---- C:\WINDOWS\system32\p2pnetworking.exe
2008-06-04 09:26:33 0 --a------ C:\Program Files\Track_03.exe
2008-06-04 09:26:31 0 --a------ C:\Program Files\Video.exe
2008-06-04 09:26:29 25214 --a------ C:\Program Files\A.ico
2008-06-04 09:26:28 25214 --a------ C:\Program Files\B.ico
2008-05-27 17:01:05 0 d-------- C:\Documents and Settings\Jacob\Application Data\Creative
2008-05-19 01:09:01 0 d-------- C:\Documents and Settings\Jacob\Application Data\iolo
2008-05-11 13:59:25 0 d-------- C:\Program Files\BitPim
2008-05-11 13:56:12 0 d-------- C:\Program Files\123 Video Converter
2008-05-11 13:55:44 0 d-------- C:\Program Files\123 DVD Converter
2008-05-06 10:59:45 0 d-------- C:\Program Files\LightScribeTemplateLabeler
2008-05-05 19:02:48 0 d-------- C:\Program Files\Common Files\Ahead
2008-05-04 17:59:15 0 d-------- C:\Program Files\Enigma Software Group
2008-05-04 15:42:26 0 d-------- C:\Program Files\iolo
2008-05-03 15:17:57 0 d-------- C:\Documents and Settings\Jacob\Application Data\Ahead
2008-05-03 00:47:19 0 d-------- C:\Program Files\Nero
2008-05-03 00:43:24 0 d-------- C:\Program Files\Ahead
2008-05-02 23:24:33 0 d-------- C:\Documents and Settings\Jacob\Application Data\Yahoo!
2008-05-02 22:51:52 0 d-------- C:\Documents and Settings\Jacob\Application Data\iWin
2008-05-02 22:51:44 0 d-------- C:\Program Files\Yahoo!
2008-05-02 22:51:26 0 d-------- C:\Program Files\Yahoo! Games
2008-05-02 11:17:52 0 d-------- C:\Program Files\MSECache
2008-04-28 15:45:24 0 d-------- C:\Program Files\IrfanView
2008-04-24 16:28:22 0 d-------- C:\Program Files\Common Files\LightScribe
2008-04-22 15:46:24 0 d-------- C:\Program Files\Batch Audio Converter
2008-04-22 12:33:07 0 d-------- C:\Documents and Settings\Jacob\Application Data\Adobe
2008-04-22 12:31:04 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-22 11:03:30 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-22 11:03:16 0 d-------- C:\Program Files\Java
2008-04-22 09:49:39 0 d-------- C:\Documents and Settings\Jacob\Application Data\Sun
2008-04-22 09:48:53 0 d-------- C:\Program Files\Common Files\Java
2008-04-21 18:45:57 0 d-------- C:\Program Files\iTunes
2008-04-21 18:45:51 0 d-------- C:\Program Files\iPod
2008-04-21 18:45:10 0 d-------- C:\Program Files\QuickTime
2008-04-21 18:42:18 0 d-------- C:\Program Files\Apple Software Update
2008-04-19 17:31:44 0 d-------- C:\Program Files\Messenger
2008-04-18 13:14:28 0 d-------- C:\Program Files\Photo Recovery
2008-04-18 13:12:09 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-04-17 17:29:55 0 d-------- C:\Documents and Settings\Jacob\Application Data\Google
2008-04-17 17:29:31 0 d-------- C:\Program Files\Google
2008-04-17 04:30:02 0 d-------- C:\Program Files\Verizon
2008-04-13 00:37:13 0 d-------- C:\Documents and Settings\Jacob\Application Data\PACE Anti-Piracy
2008-04-13 00:36:49 56 --ahs---- C:\redir.sys
2008-04-12 08:29:35 0 d-------- C:\Program Files\EA GAMES
2008-04-02 12:46:48 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-03-26 00:12:53 0 -rahs---- C:\MSDOS.SYS
2008-03-26 00:12:53 0 -rahs---- C:\IO.SYS
2008-03-26 00:12:53 0 --a------ C:\CONFIG.SYS
2008-03-26 00:12:53 0 --a------ C:\AUTOEXEC.BAT
2008-03-26 00:10:35 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-25 16:58:25 62 --ahs---- C:\Documents and Settings\Jacob\Application Data\desktop.ini
2008-03-25 13:29:53 74703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-03-24 08:53:22 22528 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-03-24 08:53:20 34304 --a------ C:\WINDOWS\system32\iolobtdfg.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [10/31/2005 11:51]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe" [05/06/2008 16:48]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [02/15/2006 01:31]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [11/02/2004 21:24]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36]
"NWEReboot"="" []
"iolo AntiVirus"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" [03/05/2008 12:48]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [11/06/2007 04:30]
"P17Helper"="P17.dll" [05/03/2005 06:38 C:\WINDOWS\system32\P17.dll]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [05/28/2008 12:35]
"iolo Personal Firewall"="C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe" [03/05/2008 13:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [09/04/2007 20:25]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [04/21/2004 11:26]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/08/2008 09:04]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 07:00]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [03/17/2008 17:59]
"Google Update"="C:\Documents and Settings\Jacob\Local Settings\Application Data\Google\Update\1.1.25.0\GoogleUpdate.exe" [05/29/2008 17:18]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [09/08/2005 11:06]

C:\Documents and Settings\Jacob\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk.disabled [4/22/2008 11:05:09 AM]
YouTube Uploader.lnk - C:\Documents and Settings\Jacob\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [11/9/2007 1:33:08 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E8FA0CE0-BDAA-4E34-87F5-3B6D8217A0DA}"= C:\WINDOWS\system32\hgGwXppp.dll [ ]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\yayaXnli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BM970b0122"=Rundll32.exe "C:\WINDOWS\system32\yqrnowif.dll",s


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d08e046-faca-11dc-b75c-0016ecf0edf0}]
AutoRun\command- K:\ONSPCLCK.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8298 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-08 23:25:10 ------------

-Deckards System Scanner-
-Extra.txt-

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Core™2 CPU 6600 @ 2.40GHz
CPU 1: Intel® Core™2 CPU 6600 @ 2.40GHz
Percentage of Memory in Use: 29%
Physical Memory (total/avail): 2047.29 MiB / 1437.78 MiB
Pagefile Memory (total/avail): 3939.98 MiB / 3429.85 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.58 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 232.88 GiB total, 64.5 GiB free.
D: is Fixed (NTFS) - 232.88 GiB total, 62.08 GiB free.
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is CDROM (No Media)
J: is CDROM (No Media)
M: is Fixed (NTFS) - 232.88 GiB total, 35.09 GiB free.

\\.\PHYSICALDRIVE0 - SAMSUNG SP2504C - 232.88 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 232.88 GiB - C:

\\.\PHYSICALDRIVE1 - SAMSUNG SP2504C - 232.88 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 232.88 GiB - D:

\\.\PHYSICALDRIVE2 - GENERIC USB Storage-CFC USB Device

\\.\PHYSICALDRIVE5 - GENERIC USB Storage-MSC USB Device

\\.\PHYSICALDRIVE3 - GENERIC USB Storage-SDC USB Device

\\.\PHYSICALDRIVE4 - GENERIC USB Storage-SMC USB Device

\\.\PHYSICALDRIVE6 - Seagate FreeAgentDesktop USB Device - 232.88 GiB - 1 partition
\PARTITION0 - Installable File System - 232.88 GiB - M:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Windows Live OneCare Firewall v1.0.0 (Microsoft Corporation)
FW: iolo Personal Firewall® v1.5 (iolo technologies, LLC)
AV: iolo AntiVirus® v1.5 (iolo technologies, LLC)
AV: Windows Live OneCare v1.0.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe:*:Enabled:iolo Firewall®"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe:*:Enabled:iolo AntiVirus®"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™"
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"="C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe:*:Enabled:World in Conflict"
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"="C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe:*:Enabled:World in Conflict - Online Only"
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"="C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe:*:Enabled:World in Conflict - Dedicated Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\All Users\\Favorites\\ACSPMonitor\\ASMonitor.exe"="C:\\Documents and Settings\\All Users\\Favorites\\ACSPMonitor\\ASMonitor.exe:*:Enabled:System"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jacob\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OUTLAWEDIT1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jacob
LOGONSERVER=\\OUTLAWEDIT1
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Avid;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Jacob\LOCALS~1\Temp
TMP=C:\DOCUME~1\Jacob\LOCALS~1\Temp
USERDOMAIN=OUTLAWEDIT1
USERNAME=Jacob
USERPROFILE=C:\Documents and Settings\Jacob
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Jacob (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove
Adobe After Effects 5.5 --> MsiExec.exe /I{31851B85-C98E-44DE-8750-9843BCD63963}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
Avid Codecs LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F70F47EF-EA3A-42DF-A1BC-2C436F2EFCD4}\SETUP.exe" -l0x9 -removeonly
Avid Codecs PE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FABC839A-8445-4830-9CE1-860584F32648}\setup.exe" -l0x9 -removeonly
Avid DIO Runtime --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7ECBC5C3-B540-4A8F-BFB1-E86EE98D4D20}\SETUP.exe" -l0x9 -removeonly
Avid FilmScribe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A637B96A-6C65-4750-8E7A-F065DAAEC1F0}\SETUP.exe" -l0x9 -removeonly
Avid Media Composer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E15DB50A-1DF9-4AF6-8DB0-1D6D5FFC17E1}\SETUP.exe" -l0x9 -removeonly
Avid MediaLog --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{270CF75C-CE46-4672-9DEC-AA53DEDF5306}\SETUP.exe" -l0x9 -removeonly
Avid StartUp Project --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7176BEF3-B5B7-4815-8A7C-0CDF66F3E4F4}\SETUP.exe" -l0x9 -removeonly
Batch Audio Converter 1.5 --> "C:\Program Files\Batch Audio Converter\unins000.exe"
BitPim 1.0.6.20080304 --> "C:\Program Files\BitPim\unins000.exe"
Call of Duty® 4 - Modern Warfare™ --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Software AutoUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Digidesign Audio Drivers 7.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F1D8E17-2AE6-4608-901D-42146D7D9C68}\setup.exe" -l0x9 -removeonly
Digidesign Command8 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1EF5D3A-F93D-466A-95B6-78B94E3D63AB}\Setup.exe" -l0x9 FromUninstall
Digidesign D-Fi --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C473BD10-5A8E-4A22-8C82-9CD0DAF5C68D}\Setup.exe" -l0x9 FromUninstall
Digidesign DINR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{759ECE0E-E481-46CD-9C0E-B2B20685445F}\Setup.exe" -l0x9 FromUninstall
Digidesign Maxim --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0576F2D8-0A4B-41FB-A11E-DB0E7135EC97}\Setup.exe" -l0x9 FromUninstall
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
Focusrite d2/d3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA745D7E-D10F-45B1-AF70-3E976439A8A1}\Setup.exe" -l0x9 FromUninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GTOneCare --> MsiExec.exe /X{CA40DD4F-D30E-4622-8783-1ED1E81340C2}
HijackThis 2.0.2 --> "C:\Documents and Settings\Jacob\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
InterLok Driver Kit --> MsiExec.exe /X{1A24F9E8-009D-40FC-ABED-2AAFFAB0F4F0}
iolo technologies' System Mechanic Professional 7 --> "C:\Program Files\iolo\System Mechanic Professional 7\unins000.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java™ 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JZ-1 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\JZ-1\ST6UNST.LOG"
LG USB Drivers --> C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
LightScribe System Software 1.12.37.1 --> MsiExec.exe /X{004C5DA2-2051-4D25-94BA-51CF810C91EB}
LightScribe Template Designs - Art Pack 1 --> MsiExec.exe /X{2CDB2DCD-1153-4ED4-9D0A-606231CEFE9A}
LightScribe Template Designs - Sports Pack 1 --> MsiExec.exe /X{725F0ABA-808A-4256-885C-1E60245521D0}
LightScribe Template Designs - Tattoo Pack 1 --> MsiExec.exe /X{E35A1183-F6D8-4DCA-A111-296AFFA00A5C}
LightScribe Template Designs - Urban Pack 1 --> MsiExec.exe /X{85548764-32DC-43ED-BAA5-5386FDB2500A}
LightScribeTemplateLabeler --> MsiExec.exe /X{305D4B08-5807-4475-B1C8-D54685534864}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Protection Service --> MsiExec.exe /I{85CFDC2D-710E-49D5-B799-F3743CA506BA}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Windows Live OneCare Resources v2.0.2500.32 --> MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus --> MsiExec.exe /I{E6A31482-989E-4E3C-B0C0-1ED4DBD5BC83}
Microsoft Windows OneCare Live v2.0.2500.30 Idcrl Install --> MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Microsoft Windows OneCare Live v2.0.2500.32 --> MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero 7 Ultra Edition --> MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA nTune --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
OpenOffice.org 2.4 --> MsiExec.exe /I{F87A8E11-02A4-4875-A3A5-5961081B0E4E}
PCDJ Red VRM --> C:\PROGRA~1\VISIOS~1\PCDJRE~1\UNWISE.EXE C:\PROGRA~1\VISIOS~1\PCDJRE~1\INSTALL.LOG
Photo Recovery --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Photo Recovery\ST6UNST.LOG"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PX Engine --> MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Sentinel Protection Installer 7.2.2 --> MsiExec.exe /I{6DC0632A-A838-4B34-AC19-0FA18E1C533C}
Sound Blaster Audigy --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x9 /remove
SUPER © Version 2008.bld.30 (Mar 22, 2008) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Tron 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Buena Vista Interactive\Tron 2.0\Setup.EXE" -l0x9
Windows Live OneCare --> "C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
World in Conflict --> C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0009 -removeonly
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
YouTube Uploader --> MsiExec.exe /X{171818BA-E0AD-313D-B45A-1BC9D77ADA86}


-- Application Event Log -------------------------------------------------------

Event Record #/Type3457 / Warning
Event Submitted/Written: 06/08/2008 11:01:28 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type3443 / Error
Event Submitted/Written: 06/08/2008 06:47:23 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application wmplayer.exe, version 11.0.5721.5145, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type3430 / Warning
Event Submitted/Written: 06/07/2008 05:51:21 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type3418 / Warning
Event Submitted/Written: 06/07/2008 00:54:59 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type3405 / Warning
Event Submitted/Written: 06/06/2008 11:54:49 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type9929 / Warning
Event Submitted/Written: 06/08/2008 10:14:59 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk6\D during a paging operation.

Event Record #/Type9917 / Error
Event Submitted/Written: 06/08/2008 09:26:24 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Avid Startup service terminated unexpectedly. It has done this 1 time(s).

Event Record #/Type9901 / Warning
Event Submitted/Written: 06/08/2008 07:41:27 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk6\D during a paging operation.

Event Record #/Type9897 / Warning
Event Submitted/Written: 06/08/2008 07:20:27 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk6\D during a paging operation.

Event Record #/Type9895 / Error
Event Submitted/Written: 06/08/2008 07:03:22 PM
Event ID/Source: 1008 / OneCareMP
Event Description:
%NT AUTHORITY29 has encountered an error when taking action on spyware or other potentially unwanted software.

For more information please see the following:
%NT AUTHORITY295

Scan ID: {CFF40910-8DC4-4449-8A49-B81B5DAD44F3}

Scan Type: %NT AUTHORITY02

User: NT AUTHORITY\SYSTEM

Name: %NT AUTHORITY291

ID: %NT AUTHORITY292

Severity: 1.5.1944.05

Category: 1.5.1944.06

Path: %NT AUTHORITY296

Action: 1.5.1944.00

Error Code: 1.5.1944.01

Error description: 1.5.1944.02



-- End of Deckard's System Scanner: finished at 2008-06-08 23:25:10 ------------

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you.



Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  CODE
  C:\WINDOWS\system32\wndcsumr.dll
  C:\WINDOWS\system32\fqifptlf.dll
  C:\WINDOWS\system32\gblmfsvx.ini2
  C:\WINDOWS\system32\ilnXayay.ini2
  C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
  C:\WINDOWS\system32\ncntpkdm.exe
  C:\WINDOWS\system32\drivers\redbookk.sys
  C:\WINDOWS\system32\Vco1
  C:\WINDOWS\system32\sTMP
  C:\WINDOWS\system32\fIE
  C:\WINDOWS\system32\Dev3
  C:\WINDOWS\system32\a053
  C:\WINDOWS\system32\6026c
  C:\WINDOWS\system32\vntiho18
  C:\Program Files\uy.exe
  
  
• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.





Please download ComboFix and save it to your desktop.
Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Sam...Thank you so much for the response and for such a rapid one... I followed the steps as you have instructed...Here is the log generated from OT moveit after I did what was instructed...

--Otmoveit2 Log file--

DllUnregisterServer procedure not found in C:\WINDOWS\system32\wndcsumr.dll
C:\WINDOWS\system32\wndcsumr.dll NOT unregistered.
C:\WINDOWS\system32\wndcsumr.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\fqifptlf.dll
C:\WINDOWS\system32\fqifptlf.dll NOT unregistered.
C:\WINDOWS\system32\fqifptlf.dll moved successfully.
C:\WINDOWS\system32\gblmfsvx.ini2 moved successfully.
C:\WINDOWS\system32\ilnXayay.ini2 moved successfully.
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe moved successfully.
C:\WINDOWS\system32\ncntpkdm.exe moved successfully.
File move failed. C:\WINDOWS\system32\drivers\redbookk.sys scheduled to be moved on reboot.
C:\WINDOWS\system32\Vco1 moved successfully.
C:\WINDOWS\system32\sTMP moved successfully.
C:\WINDOWS\system32\fIE moved successfully.
C:\WINDOWS\system32\Dev3 moved successfully.
C:\WINDOWS\system32\a053 moved successfully.
C:\WINDOWS\system32\6026c moved successfully.
C:\WINDOWS\system32\vntiho18 moved successfully.
C:\Program Files\uy.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06092008_102951

Files moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\redbookk.sys scheduled to be moved on reboot.


Here's the log file from combofix

ComboFix 08-06-08.8 - Jacob 2008-06-09 10:40:05.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1497 [GMT -5:00]
Running from: C:\Documents and Settings\Jacob\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
C:\Program Files\iolo\common\lib\ioloHL.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\Temp\vtmp2
C:\Temp\vtmp2\ktnv33.log
C:\WINDOWS\BM970b0122.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\drivers\redbookk.sys
C:\WINDOWS\system32\fltpfiqf.ini
C:\WINDOWS\system32\ilnXayay.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\media
C:\WINDOWS\system32\media\AvidRender.wav
C:\WINDOWS\system32\MSINET.oca

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_REDBOOKK
-------\Service_redbookk


((((((((((((((((((((((((( Files Created from 2008-05-09 to 2008-06-09 )))))))))))))))))))))))))))))))
.

2008-06-09 10:29 . 2008-06-09 10:29 <DIR> d-------- C:\_OTMoveIt
2008-06-09 00:05 . 2008-06-09 00:12 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-06-08 23:22 . 2008-06-08 23:22 <DIR> d-------- C:\Deckard
2008-06-08 21:29 . 2008-06-08 21:54 2,984 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-08 21:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-06-08 21:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-06-08 21:27 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-06-08 21:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-06-08 21:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-06-08 21:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-06-08 21:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-06-08 18:46 . 2008-06-09 10:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 18:46 . 2008-06-08 18:46 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-05 09:09 . 2008-06-05 09:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-05 09:09 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-05 09:09 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-05 08:51 . 2008-06-08 21:53 479 --a------ C:\WINDOWS\wininit.ini
2008-06-05 08:22 . 2007-11-27 22:56 116,416 --a------ C:\WINDOWS\system32\drivers\msfwhlpr.sys
2008-06-05 08:22 . 2007-11-27 22:56 91,328 --a------ C:\WINDOWS\system32\drivers\msfwdrv.sys
2008-06-05 08:21 . 2008-06-05 08:21 <DIR> d-------- C:\WINDOWS\system32\bits
2008-06-05 08:21 . 2007-07-06 15:09 70,928 --a------ C:\WINDOWS\system32\drivers\MpFilter.sys
2008-06-05 08:20 . 2007-03-29 07:56 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx4.dll
2008-06-05 08:20 . 2007-03-29 07:56 7,168 --a------ C:\WINDOWS\system32\bitsprx4.dll
2008-06-05 07:13 . 2008-06-05 07:13 <DIR> d-------- C:\WINDOWS\system32\SuperAdBlocker.com
2008-06-05 00:15 . 2008-06-05 07:28 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 00:15 . 2008-06-05 00:15 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\SUPERAntiSpyware.com
2008-06-04 23:04 . 2008-06-05 09:09 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-04 23:04 . 2008-06-04 23:04 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\Malwarebytes
2008-06-04 17:05 . 2008-06-04 17:05 74 --ahs---- C:\WINDOWS\system32\gblmfsvx.tmp
2008-06-04 15:31 . 2008-06-09 10:40 <DIR> d-------- C:\Temp
2008-06-04 15:31 . 2008-06-04 15:31 167,976 --------- C:\WINDOWS\system32\drivers\core.cache.dsk
2008-06-03 00:36 . 2008-06-03 00:36 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-06-02 21:46 . 2008-06-02 21:46 <DIR> d-------- C:\Program Files\DivX
2008-05-29 12:51 . 2008-05-29 12:51 <DIR> d-------- C:\Program Files\eRightSoft
2008-05-29 12:51 . 2007-12-17 07:43 27,648 --ahs---- C:\WINDOWS\system32\Smab0.dll
2008-05-27 20:14 . 2008-05-27 20:22 385,405,134 --a------ C:\F&J Clip.MOV
2008-05-27 19:42 . 2008-05-27 19:42 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-05-27 19:42 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
2008-05-27 19:42 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-05-27 19:42 . 2008-02-07 16:15 408,576 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-27 19:42 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
2008-05-27 19:42 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-05-27 19:42 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-05-27 19:42 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-05-27 19:42 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-05-27 19:42 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-27 19:42 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-26 00:49 . 2008-06-05 07:14 2,030 --a------ C:\WINDOWS\mozver.dat
2008-05-26 00:44 . 2008-05-26 00:44 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-25 12:54 . 2008-05-25 12:54 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-05-25 12:54 . 2006-02-28 07:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-05-25 12:53 . 2008-05-25 12:54 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-19 00:08 . 2008-06-05 08:07 <DIR> d-------- C:\Program Files\LimeWire
2008-05-19 00:08 . 2008-06-04 23:19 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\LimeWire
2008-05-12 20:51 . 2008-05-12 20:51 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-12 20:51 . 2008-05-12 20:51 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-11 13:57 . 2008-05-11 13:57 <DIR> d-------- C:\Program Files\LG Drivers
2008-05-11 13:57 . 2005-06-24 18:36 39,036 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys
2008-05-11 13:57 . 2005-05-26 11:01 38,144 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys
2008-05-11 13:57 . 2005-05-26 11:01 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys
2008-05-10 21:52 . 2008-06-06 21:29 <DIR> d-------- C:\OMFI MediaFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-09 15:20 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-06-09 05:52 --------- d-----w C:\Program Files\Google
2008-06-07 17:51 --------- d-----w C:\Program Files\Digidesign
2008-06-06 19:43 --------- d-----w C:\Documents and Settings\Jacob\Application Data\OpenOffice.org2
2008-06-04 14:26 25,214 ----a-w C:\Program Files\B.ico
2008-06-04 14:26 25,214 ----a-w C:\Program Files\A.ico
2008-06-04 14:26 0 ----a-w C:\Program Files\Video.exe
2008-06-04 14:26 0 ----a-w C:\Program Files\Track_03.exe
2008-05-27 22:01 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Creative
2008-05-23 23:54 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-05-19 06:09 --------- d-----w C:\Documents and Settings\Jacob\Application Data\iolo
2008-05-11 18:59 --------- d-----w C:\Program Files\BitPim
2008-05-11 18:56 --------- d-----w C:\Program Files\123 Video Converter
2008-05-11 18:55 --------- d-----w C:\Program Files\123 DVD Converter
2008-05-06 15:59 --------- d-----w C:\Program Files\LightScribeTemplateLabeler
2008-05-06 00:02 --------- d-----w C:\Program Files\Common Files\Ahead
2008-05-05 14:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 14:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-04 22:59 --------- d-----w C:\Program Files\Enigma Software Group
2008-05-04 20:42 --------- d-----w C:\Program Files\iolo
2008-05-03 20:17 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Ahead
2008-05-03 05:47 --------- d-----w C:\Program Files\Nero
2008-05-03 05:43 --------- d-----w C:\Program Files\Ahead
2008-05-03 04:24 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Yahoo!
2008-05-03 04:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-03 03:51 --------- d-----w C:\Program Files\Yahoo! Games
2008-05-03 03:51 --------- d-----w C:\Program Files\Yahoo!
2008-05-03 03:51 --------- d-----w C:\Documents and Settings\Jacob\Application Data\iWin
2008-05-03 03:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2008-05-02 16:17 --------- d-----w C:\Program Files\MSECache
2008-04-28 20:45 --------- d-----w C:\Program Files\IrfanView
2008-04-26 02:40 22,328 ----a-w C:\Documents and Settings\Jacob\Application Data\PnkBstrK.sys
2008-04-24 21:28 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-04-24 21:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LightScribe
2008-04-22 20:46 --------- d-----w C:\Program Files\Batch Audio Converter
2008-04-22 17:31 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-22 16:03 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-04-22 16:03 --------- d-----w C:\Program Files\Java
2008-04-22 14:48 --------- d-----w C:\Program Files\Common Files\Java
2008-04-21 23:45 --------- d-----w C:\Program Files\QuickTime
2008-04-21 23:45 --------- d-----w C:\Program Files\iTunes
2008-04-21 23:45 --------- d-----w C:\Program Files\iPod
2008-04-21 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-21 23:42 --------- d-----w C:\Program Files\Apple Software Update
2008-04-18 18:14 --------- d-----w C:\Program Files\Photo Recovery
2008-04-18 18:12 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-04-18 18:12 249,856 ------w C:\WINDOWS\Setup1.exe
2008-04-17 09:30 --------- d-----w C:\Program Files\Verizon
2008-04-13 05:37 --------- d-----w C:\Documents and Settings\Jacob\Application Data\PACE Anti-Piracy
2008-04-13 05:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-04-13 05:36 56 --sha-w C:\redir.sys
2008-04-12 13:29 --------- d-----w C:\Program Files\EA GAMES
2007-06-09 13:53 0 ----a-w C:\Program Files\Setup.exe
2004-10-01 21:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43 27,648 --sha-w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 20:25 81920]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [2004-04-21 11:26 86016]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-08 09:04 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 07:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 17:59 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-08 11:06 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 11:51 57344]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe" [2008-05-06 16:48 764776]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [2006-02-15 01:31 61440]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NWEReboot"="" []
"iolo AntiVirus"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" [2008-03-05 12:48 1095520]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-06 04:30 8523776]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-05-28 12:35 67112]
"P17Helper"="P17.dll" [2005-05-03 06:38 64512 C:\WINDOWS\system32\P17.dll]
"iolo Personal Firewall"="C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe" [2008-03-05 13:06 1305440]

C:\Documents and Settings\Jacob\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk.disabled [2008-04-22 11:05:09 886]
YouTube Uploader.lnk - C:\Documents and Settings\Jacob\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [2007-11-09 13:33:08 71152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"MIDI1"= diomidi.dll
"wave1"= Digi32.dll
"vidc.AVRn"= AvidAVICodec.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BM970b0122"=Rundll32.exe "C:\WINDOWS\system32\yqrnowif.dll",s

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R0 XPacket;iolo Personal Firewall Driver;C:\WINDOWS\system32\xpacket.sys [2007-10-02 13:41]
R2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 12:31]
R2 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 12:31]
R2 SentEmul;SentEmul;C:\WINDOWS\system32\DRIVERS\sentemul.sys [2006-05-14 01:49]
S3 PciCon;PciCon;I:\PciCon.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d08e046-faca-11dc-b75c-0016ecf0edf0}]
\Shell\AutoRun\command - K:\ONSPCLCK.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
"2008-06-04 16:44:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-09 10:46:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\ntdll.dll
-> C:\Program Files\iolo\common\lib\ioloHL.dll

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\ntdll.dll
-> C:\Program Files\iolo\common\lib\ioloHL.dll
-> C:\WINDOWS\system32\iavlsp.dll

PROCESS: C:\WINDOWS\system32\csrss.exe
-> C:\WINDOWS\system32\ntdll.dll
-> C:\Program Files\iolo\common\lib\ioloHL.dll
.
Completion time: 2008-06-09 10:49:16 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-09 15:49:08

Pre-Run: 68,661,379,072 bytes free
Post-Run: 68,603,961,344 bytes free

249 --- E O F --- 2008-06-05 14:48:58


Also Windows Live no longer starts... Neither does my Iola firewall....Anyway...Thanks so much for your help...

I wanted to add that after I ran these two programs I have several that will not start up.... Malwarebytes has an error, Windows Live has an error at closes, Iola firewall has an error and closes... DO not know if it is related to these issues or not.... I am a novice when it comes to things like this on the computer... I greatly appreciate your help though... I did run Spybot and it still turned up Smitfraud core services...Anyway..THANKS AGAIN!!

Let's finish removing the malware that you have present, then we'll come back and troubleshoot those program errors for you.
There are a couple files in your log that I'm suspicious of.

• Please go to Jotti's malware scan
  
• Copy and paste the following file path into the "File to upload & scan" box on the top of the page:
  
  
  
  
  C:\Program Files\Video.exe
  
  
  
• Click on the submit button
• Please post the results in your next reply.

Also submit this file.


C:\Program Files\Track_03.exe

The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file

I don't know...Both these files where 0 bytes.... I deleted both of them I have never seen them before....

What to do now?

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.


Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Now drag then drop the CFScript file onto ComboFix.exe as seen in the image below.



This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Thank you SO much...You are really a life saver... I think it's all gone.... Spybot turned up nothing and neither did Malwarebytes... They were both finding it before...So here's the log from combo-fix... I am gonna run the Kaspersky online scanner to double check...PLus my other programs are starting up again now....

ComboFix 08-06-08.8 - Jacob 2008-06-10 10:37:32.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1261 [GMT -5:00]
Running from: C:\Documents and Settings\Jacob\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jacob\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Program Files\A.ico
C:\Program Files\B.ico
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\gblmfsvx.tmp
.
The following files were disabled during the run:
C:\Program Files\iolo\common\lib\ioloHL.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\A.ico
C:\Program Files\B.ico
C:\WINDOWS\system32\gblmfsvx.tmp
C:\WINDOWS\system32\p2pnetworking.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-10 to 2008-06-10 )))))))))))))))))))))))))))))))
.

2008-06-09 19:04 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-09 10:29 . 2008-06-09 10:29 <DIR> d-------- C:\_OTMoveIt
2008-06-09 00:05 . 2008-06-09 00:12 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-06-08 23:22 . 2008-06-08 23:22 <DIR> d-------- C:\Deckard
2008-06-08 21:29 . 2008-06-08 21:54 2,984 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-08 21:27 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-06-08 21:27 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-06-08 21:27 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-06-08 21:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-06-08 21:27 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-06-08 21:27 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-06-08 21:27 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-06-08 18:46 . 2008-06-09 12:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 18:46 . 2008-06-08 18:46 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-05 09:09 . 2008-06-05 09:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-05 09:09 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-05 09:09 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-05 08:51 . 2008-06-10 09:58 541 --a------ C:\WINDOWS\wininit.ini
2008-06-05 08:22 . 2007-11-27 22:56 116,416 --a------ C:\WINDOWS\system32\drivers\msfwhlpr.sys
2008-06-05 08:22 . 2007-11-27 22:56 91,328 --a------ C:\WINDOWS\system32\drivers\msfwdrv.sys
2008-06-05 08:21 . 2008-06-05 08:21 <DIR> d-------- C:\WINDOWS\system32\bits
2008-06-05 08:21 . 2007-07-06 15:09 70,928 --a------ C:\WINDOWS\system32\drivers\MpFilter.sys
2008-06-05 08:20 . 2007-03-29 07:56 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx4.dll
2008-06-05 08:20 . 2007-03-29 07:56 7,168 --a------ C:\WINDOWS\system32\bitsprx4.dll
2008-06-05 07:13 . 2008-06-05 07:13 <DIR> d-------- C:\WINDOWS\system32\SuperAdBlocker.com
2008-06-05 00:15 . 2008-06-05 07:28 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-05 00:15 . 2008-06-05 00:15 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\SUPERAntiSpyware.com
2008-06-04 23:04 . 2008-06-05 09:09 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-04 23:04 . 2008-06-04 23:04 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\Malwarebytes
2008-06-04 15:31 . 2008-06-09 12:38 <DIR> d-------- C:\Temp
2008-06-03 00:36 . 2008-06-03 00:36 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-06-02 21:46 . 2008-06-02 21:46 <DIR> d-------- C:\Program Files\DivX
2008-05-29 12:51 . 2008-05-29 12:51 <DIR> d-------- C:\Program Files\eRightSoft
2008-05-29 12:51 . 2007-12-17 07:43 27,648 --ahs---- C:\WINDOWS\system32\Smab0.dll
2008-05-27 20:14 . 2008-05-27 20:22 385,405,134 --a------ C:\F&J Clip.MOV
2008-05-27 19:42 . 2008-05-27 19:42 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-05-27 19:42 . 2004-02-22 10:11 719,872 --a------ C:\WINDOWS\system32\devil.dll
2008-05-27 19:42 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-05-27 19:42 . 2008-02-07 16:15 408,576 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-27 19:42 . 2007-05-17 17:30 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
2008-05-27 19:42 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-05-27 19:42 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-05-27 19:42 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-05-27 19:42 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-05-27 19:42 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-27 19:42 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-26 00:49 . 2008-06-05 07:14 2,030 --a------ C:\WINDOWS\mozver.dat
2008-05-26 00:44 . 2008-05-26 00:44 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-25 12:54 . 2008-05-25 12:54 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-05-25 12:54 . 2006-02-28 07:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-05-25 12:53 . 2008-05-25 12:54 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-19 00:08 . 2008-06-05 08:07 <DIR> d-------- C:\Program Files\LimeWire
2008-05-19 00:08 . 2008-06-04 23:19 <DIR> d-------- C:\Documents and Settings\Jacob\Application Data\LimeWire
2008-05-12 20:51 . 2008-05-12 20:51 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-12 20:51 . 2008-05-12 20:51 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-11 13:57 . 2008-05-11 13:57 <DIR> d-------- C:\Program Files\LG Drivers
2008-05-11 13:57 . 2005-06-24 18:36 39,036 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys
2008-05-11 13:57 . 2005-05-26 11:01 38,144 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys
2008-05-11 13:57 . 2005-05-26 11:01 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys
2008-05-10 21:52 . 2008-06-06 21:29 <DIR> d-------- C:\OMFI MediaFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-10 15:23 --------- d-----w C:\Documents and Settings\Jacob\Application Data\OpenOffice.org2
2008-06-10 05:19 --------- d-----w C:\Program Files\Java
2008-06-09 22:59 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
2008-06-09 18:48 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-06-09 18:48 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-09 18:48 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-09 18:47 22,328 ----a-w C:\Documents and Settings\Jacob\Application Data\PnkBstrK.sys
2008-06-09 05:52 --------- d-----w C:\Program Files\Google
2008-06-07 17:51 --------- d-----w C:\Program Files\Digidesign
2008-05-27 22:01 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Creative
2008-05-19 06:09 --------- d-----w C:\Documents and Settings\Jacob\Application Data\iolo
2008-05-11 18:59 --------- d-----w C:\Program Files\BitPim
2008-05-11 18:56 --------- d-----w C:\Program Files\123 Video Converter
2008-05-11 18:55 --------- d-----w C:\Program Files\123 DVD Converter
2008-05-06 21:49 428,904 ----a-w C:\WINDOWS\system32\Incinerator.dll
2008-05-06 15:59 --------- d-----w C:\Program Files\LightScribeTemplateLabeler
2008-05-06 00:02 --------- d-----w C:\Program Files\Common Files\Ahead
2008-05-05 14:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 14:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-04 22:59 --------- d-----w C:\Program Files\Enigma Software Group
2008-05-04 20:42 --------- d-----w C:\Program Files\iolo
2008-05-03 20:17 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Ahead
2008-05-03 05:47 --------- d-----w C:\Program Files\Nero
2008-05-03 05:43 --------- d-----w C:\Program Files\Ahead
2008-05-03 04:24 --------- d-----w C:\Documents and Settings\Jacob\Application Data\Yahoo!
2008-05-03 04:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-03 03:51 --------- d-----w C:\Program Files\Yahoo! Games
2008-05-03 03:51 --------- d-----w C:\Program Files\Yahoo!
2008-05-03 03:51 --------- d-----w C:\Documents and Settings\Jacob\Application Data\iWin
2008-05-03 03:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2008-05-02 16:17 --------- d-----w C:\Program Files\MSECache
2008-04-28 20:45 --------- d-----w C:\Program Files\IrfanView
2008-04-24 21:28 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-04-24 21:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\LightScribe
2008-04-22 20:46 --------- d-----w C:\Program Files\Batch Audio Converter
2008-04-22 17:31 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-22 16:03 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-04-22 14:48 --------- d-----w C:\Program Files\Common Files\Java
2008-04-21 23:45 --------- d-----w C:\Program Files\QuickTime
2008-04-21 23:45 --------- d-----w C:\Program Files\iTunes
2008-04-21 23:45 --------- d-----w C:\Program Files\iPod
2008-04-21 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-21 23:42 --------- d-----w C:\Program Files\Apple Software Update
2008-04-18 18:14 --------- d-----w C:\Program Files\Photo Recovery
2008-04-18 18:12 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-04-18 18:12 249,856 ------w C:\WINDOWS\Setup1.exe
2008-04-17 09:30 --------- d-----w C:\Program Files\Verizon
2008-04-13 05:37 --------- d-----w C:\Documents and Settings\Jacob\Application Data\PACE Anti-Piracy
2008-04-13 05:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-04-13 05:36 56 --sha-w C:\redir.sys
2008-04-12 13:29 --------- d-----w C:\Program Files\EA GAMES
2008-03-27 14:43 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 18:29 74,703 ----a-w C:\WINDOWS\system32\mfc45.dll
2008-03-24 13:53 34,304 ----a-w C:\WINDOWS\system32\iolobtdfg.exe
2008-03-24 13:53 22,528 ----a-w C:\WINDOWS\system32\smrgdf.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2004-10-01 21:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43 27,648 --sha-w C:\WINDOWS\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-09_10.48.55.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-09 15:46:02 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-09 17:09:48 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-02-22 06:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-03-25 06:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2008-02-22 06:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-03-25 06:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-02-22 07:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-03-25 07:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-09 17:11:23 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_60c.dat
+ 2008-06-09 17:10:20 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_74c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 20:25 81920]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [2004-04-21 11:26 86016]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-08 09:04 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 07:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 17:59 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-08 11:06 94208]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB8650"="command /c del C:\WINDOWS\system32\drivers\core.cache.dsk" [ ]
"SpybotDeletingD8296"="cmd /c del C:\WINDOWS\system32\drivers\core.cache.dsk" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 11:51 57344]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe" [2008-05-06 16:48 764776]
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [2006-02-15 01:31 61440]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NWEReboot"="" []
"iolo AntiVirus"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" [2008-03-05 12:48 1095520]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-06 04:30 8523776]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-05-28 12:35 67112]
"P17Helper"="P17.dll" [2005-05-03 06:38 64512 C:\WINDOWS\system32\P17.dll]
"iolo Personal Firewall"="C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe" [2008-03-05 13:06 1305440]

C:\Documents and Settings\Jacob\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk.disabled [2008-04-22 11:05:09 886]
YouTube Uploader.lnk - C:\Documents and Settings\Jacob\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [2007-11-09 13:33:08 71152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"MIDI1"= diomidi.dll
"wave1"= Digi32.dll
"vidc.AVRn"= AvidAVICodec.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"=
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

R0 XPacket;iolo Personal Firewall Driver;C:\WINDOWS\system32\xpacket.sys [2007-10-02 13:41]
R2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 12:31]
R2 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 12:31]
R2 SentEmul;SentEmul;C:\WINDOWS\system32\DRIVERS\sentemul.sys [2006-05-14 01:49]
S3 PciCon;PciCon;I:\PciCon.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d08e046-faca-11dc-b75c-0016ecf0edf0}]
\Shell\AutoRun\command - K:\ONSPCLCK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f46a4fdd-fab4-11dc-9574-806d6172696f}]
\Shell\AutoRun\command - I:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - I:\Directx\dxsetup.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PNKBSTRA
*Newly Created Service* - PNKBSTRK

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
"2008-06-04 16:44:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-10 10:38:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\iolo\common\lib\ioloHL.dll

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\iolo\common\lib\ioloHL.dll
-> C:\WINDOWS\system32\iavlsp.dll

PROCESS: C:\WINDOWS\system32\csrss.exe
-> C:\Program Files\iolo\common\lib\ioloHL.dll
.
Completion time: 2008-06-10 10:38:46
ComboFix-quarantined-files.txt 2008-06-10 15:38:42
ComboFix2.txt 2008-06-09 15:49:18

Pre-Run: 69,563,760,640 bytes free
Post-Run: 69,618,933,760 bytes free

264 --- E O F --- 2008-06-05 14:48:58


Any advise on how I can get my machine to run a little smoother you could give me from these logs would be greatly appreciated...Also what anti-virus should I run...This iola stuff sucks...this is the second time it let me get infected.... Any pointers,advice etc... would be awesome...THANKS AGAIN... I greatly appreciate all the help....

Iolo makes some good utility programs, but I wouldn't rely on them too much for security. If I was to buy a security suite today I would probably spend my money on Zone Alarm.

http://www.zonealarm.com/store/content/cat...=US&lang=en

Of course there are other free options as well, but they aren't grouped all together in one suite.


As far as optimized your performance, look to get rid of anything that you don't need. I particularly would recommend that you uninstall Limewire.


==================


Your log looks pretty good to me.
Just a few last things and you should be good to go!


First, your log shows that you don't have the recovery console installed.
Check this link for more info on the recovery console and how to get it installed.

How to install and use the Windows XP Recovery Console



===================



Next, let's remove Combofix now that we're done with it and clean up a few other things.

• Click START then RUN
• Now type Combofix /u in the runbox and click OK
  
  
  • 
  
  
• When shown the disclaimer, Select "2"

==================



Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

1. Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.
   
   You can find instructions on how to enable and reenable system restore here:
   
   Windows XP System Restore Guide
   
   Renable system restore with instructions from tutorial above
   
   
2. Make your Internet Explorer more secure - This can be done by following these simple instructions:
   1. From within Internet Explorer click on the Tools menu and then click on Options.
   2. Click once on the Security tab
   3. Click once on the Internet icon so it becomes highlighted.
   4. Click once on the Custom Level button.
      
      1. Change the Download signed ActiveX controls to Prompt
         
      2. Change the Download unsigned ActiveX controls to Disable
         
      3. Change the Initialize and script ActiveX controls not marked as safe to Disable
         
      4. Change the Installation of desktop items to Prompt
         
      5. Change the Launching programs and files in an IFRAME to Prompt
         
      6. Change the Navigate sub-frames across different domains to Prompt
         
      7. When all these settings have been made, click on the OK button.
         
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
   5. Next press the Apply button and then the OK to exit the Internet Properties page.
   
   
3. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.
   
   See this link for a listing of some online & their stand-alone antivirus programs:
   
   Virus, Spyware, and Malware Protection and Removal Resources
   
   
4. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
   
   
5. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.
   
   For a tutorial on Firewalls and a listing of some available ones see the link below:
   
   Understanding and Using Firewalls
   
   
6. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
   
   
7. Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.
   
   A tutorial on installing & using this product can be found here:
   
   Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers
   
   
8. Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.
   
   A tutorial on installing & using this product can be found here:
   
   Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer
   
   
9. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
   
   A tutorial on installing & using this product can be found here:
   
   Using SpywareBlaster to protect your computer from Spyware and Malware
   
   
10. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Thanks again man...You really helped me out...

Happy to help!

Now that your problem appears to be resolved, this thread will be closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request.