After using them, my system stops at the WinXP splash screen. I have been using F8 to go into Safe mode but the viruses come right back. So, to use internet I have been using the UBCD to get into WinXP and the viruses return and they change often.
I tried to install Kaspersky and was forced to dump AVG and Spybot just to get an error code of 1500: another installation is in process.
I am stuck, frustrated and plea for help...my wife is a copy editor/writer and cannot work (3 day now) and the dog house is real wet in Florida right now.
Here I go...
DDS (Ver_09-05-14.01) - NTFSx86
Run by Wile E. Coyote at 23:18:45.59 on Fri 05/22/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_02
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3071.2416 [GMT -4:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TEMP\j0w5m0l.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\TEMP\j0w5m0l.exe
svchost.exe C:\WINDOWS\TEMP\VRT54.tmp
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Wile E. Coyote\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\ntos.exe,
BHO: c:\windows\system32\sdjee3inf.dll: {c6c7b2a1-00f3-42bd-f434-00aaba2c8953} - c:\windows\system32\sdjee3inf.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
mRun: [WD Drive Manager] c:\program files\western digital\wd drive manager\WDBtnMgrUI.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [reader_s] c:\windows\system32\reader_s.exe
mRunOnce: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
uPolicies-explorer: NoSMBalloonTip = 0 (0x0)
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\windows\system32\iavlsp.dll
Trusted Zone: turbotax.com
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CAB
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: c:\windows\system32\sdjee3inf.dll: {c6c7b2a1-00f3-42bd-f434-00aaba2c8953} - c:\windows\system32\sdjee3inf.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\wilee~1.coy\applic~1\mozilla\firefox\profiles\pnxsv8qk.default\
============= SERVICES / DRIVERS ===============
R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2007-7-4 110128]
R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [2007-7-4 17328]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-5-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-28 55024]
R2 CachemanXPService;CachemanXP;c:\progra~1\cachem~1\CachemanXP.exe [2008-2-29 378368]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-2-4 10384]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero 9\incd\NBHRegInCDSrv.exe [2008-11-7 108568]
R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004-8-4 25600]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\western digital\wd drive manager\WDBtnMgrSvc.exe [2008-7-24 122880]
R3 SymSnapService;SymSnapService;c:\program files\norton ghost\shared\drivers\SymSnapService.exe [2007-12-20 1558000]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-4-30 11520]
S0 mdjga;mdjga;c:\windows\system32\drivers\obraxmka.sys --> c:\windows\system32\drivers\obraxmka.sys [?]
S0 mpefxsi;mpefxsi;c:\windows\system32\drivers\ghpg.sys --> c:\windows\system32\drivers\ghpg.sys [?]
S0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2008-2-29 16640]
S0 oongycf;oongycf;c:\windows\system32\drivers\yaqymux.sys --> c:\windows\system32\drivers\yaqymux.sys [?]
S0 pewmlkx;pewmlkx;c:\windows\system32\drivers\mvgbjo.sys --> c:\windows\system32\drivers\mvgbjo.sys [?]
S0 zrhsh;zrhsh;c:\windows\system32\drivers\jrzfcsf.sys --> c:\windows\system32\drivers\jrzfcsf.sys [?]
S2 ioloFileInfoList;iolo FileInfoList Service; [x]
S2 ioloSystemService;iolo System Service; [x]
S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
S3 NC100;Network Everywhere Fast Ethernet Adapter(NC100 v2);c:\windows\system32\drivers\NC100A.sys [2001-2-23 35013]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-5-28 7408]
UnknownUnknown restore;restore; [x]
============== File Associations ===============
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
=============== Created Last 30 ================
2009-05-22 23:03 61,440 a------- c:\windows\system32\drivers\clkcnjjv.sys
2009-05-22 22:53 0 a------- C:\5D.tmp
2009-05-22 22:53 0 a------- C:\5C.tmp
2009-05-22 22:53 0 a------- C:\5B.tmp
2009-05-22 22:53 60,929 a------- c:\windows\system32\reader_s.ex_
2009-05-22 22:53 0 a------- C:\56.tmp
2009-05-22 22:53 0 a------- C:\53.tmp
2009-05-22 22:53 0 a------- C:\52.tmp
2009-05-22 22:53 0 a------- C:\51.tmp
2009-05-22 22:53 0 a------- C:\50.tmp
2009-05-22 22:52 0 a------- C:\4F.tmp
2009-05-22 22:52 0 a------- C:\4E.tmp
2009-05-22 22:52 0 a------- C:\4D.tmp
2009-05-22 22:52 0 a------- C:\4C.tmp
2009-05-22 22:52 0 a------- C:\4B.tmp
2009-05-22 22:52 0 a------- C:\4A.tmp
2009-05-22 22:52 0 a------- C:\49.tmp
2009-05-22 22:52 51,712 a------- C:\2F.tmp
2009-05-22 22:52 15,000 a------- c:\windows\system32\sdjee3inf.dl_
2009-05-22 21:58 169,984 ac------ c:\windows\system32\dllcache\msconfig.exe
2009-05-22 21:53 0 a------- C:\48.tmp
2009-05-22 21:53 0 a------- C:\47.tmp
2009-05-22 21:53 0 a------- C:\46.tmp
2009-05-22 21:53 0 a------- C:\45.tmp
2009-05-22 19:25 0 a------- c:\windows\system32\3C.tmp
2009-05-22 19:25 120 a------- c:\windows\system32\39.tmp
2009-05-22 19:25 0 a------- C:\37.tmp
2009-05-22 19:25 0 a------- C:\36.tmp
2009-05-22 19:25 0 a------- C:\35.tmp
2009-05-22 19:25 0 a------- C:\34.tmp
2009-05-22 19:25 0 a------- C:\33.tmp
2009-05-22 19:25 0 a------- C:\32.tmp
2009-05-22 19:25 0 a------- C:\30.tmp
2009-05-22 19:25 0 a------- C:\2E.tmp
2009-05-22 19:25 0 a------- C:\2D.tmp
2009-05-22 19:25 0 a------- C:\2C.tmp
2009-05-22 19:24 0 a------- C:\2B.tmp
2009-05-22 19:24 0 a------- C:\2A.tmp
2009-05-22 19:24 0 a------- C:\29.tmp
2009-05-22 19:24 0 a------- C:\28.tmp
2009-05-22 19:24 0 a------- C:\27.tmp
2009-05-22 19:24 51,712 a------- C:\25.tmp
2009-05-21 06:24 664 a------- c:\windows\system32\d3d9caps.dat
2009-05-20 22:52 0 a------- C:\16.tmp
2009-05-20 22:52 0 a------- C:\15.tmp
2009-05-20 22:52 0 a------- C:\14.tmp
2009-05-20 22:52 0 a------- C:\13.tmp
2009-05-20 22:52 0 a------- C:\12.tmp
2009-05-20 22:52 0 a------- C:\11.tmp
2009-05-20 22:52 0 a------- C:\10.tmp
2009-05-20 22:52 0 a------- C:\F.tmp
2009-05-20 22:52 0 a------- C:\E.tmp
2009-05-20 22:52 0 a------- C:\D.tmp
2009-05-20 22:52 0 a------- C:\C.tmp
2009-05-20 22:52 0 a------- C:\B.tmp
2009-05-20 22:51 0 a------- C:\A.tmp
2009-05-20 22:51 0 a------- C:\9.tmp
2009-05-20 22:51 0 a------- C:\8.tmp
2009-05-20 22:51 0 a------- C:\7.tmp
2009-05-20 22:51 51,712 a------- C:\6.tmp
2009-05-20 22:18 2,126 a------- c:\windows\system32\wpa.dbl
2009-05-20 06:38 <DIR> --d----- c:\program files\Trend Micro
2009-05-19 19:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-05-19 01:47 0 a------- c:\windows\EEventManager.INI
2009-05-18 20:17 <DIR> --d----- C:\SP3
2009-05-17 22:03 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-05-17 16:07 71 a------- c:\windows\PrintCD.INI
2009-05-16 22:06 12,189 a------- c:\windows\system32\EPPICResdb0000
2009-05-16 22:06 121 a------- c:\windows\system32\EPPICResdb
2009-05-16 21:58 <DIR> --d----- c:\program files\ABBYY FineReader 6.0 Sprint
2009-05-16 21:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ArcSoft
2009-05-16 21:55 86,528 a------- c:\windows\system32\E_FLBEMA.DLL
2009-05-16 21:55 78,848 a------- c:\windows\system32\E_FD4BEMA.DLL
2009-05-16 21:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\EPSON
2009-05-16 21:53 <DIR> --d----- c:\program files\Epson Software
2009-05-16 21:52 71,680 a------- c:\windows\system32\escwiad.dll
2009-05-16 21:52 9,216 a------- c:\windows\system32\escdev.dll
2009-05-16 21:52 44 a------- c:\windows\EPART800.ini
2009-05-05 21:56 <DIR> --d----- c:\docume~1\wilee~1.coy\applic~1\ErrorSmart
2009-05-02 07:48 4,767 a------- c:\windows\Irremote.ini
2009-05-01 22:14 19,096 a------- c:\windows\system32\drivers\InCDRec.sys
2009-05-01 22:14 129,944 a------- c:\windows\system32\drivers\InCDFs.sys
2009-05-01 22:14 41,880 a------- c:\windows\system32\drivers\InCDRm.sys
2009-05-01 22:14 48,152 a------- c:\windows\system32\drivers\InCDPass.sys
2009-05-01 22:14 <DIR> --d----- c:\program files\Nero
2009-04-30 19:27 <DIR> a-d----- C:\MyBook
2009-04-30 19:16 <DIR> --d----- c:\program files\Western Digital Corporation
2009-04-30 19:16 11,520 a------- c:\windows\system32\drivers\wdcsam.sys
2009-04-30 19:16 <DIR> --d----- c:\program files\Western Digital
2009-04-30 19:16 20,992 a------- c:\windows\jestertb.dll
2009-04-30 19:15 43,904 ac------ c:\windows\system32\dllcache\sbp2port.sys
2009-04-30 19:15 43,904 a------- c:\windows\system32\drivers\sbp2port.sys
==================== Find3M ====================
2009-05-22 23:03 986 a------- c:\program files\lpunou.txt
2009-05-19 01:44 182,912 a------- c:\windows\system32\drivers\ndis.sys
2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-13 09:35 1,693,928 a------- c:\docume~1\wilee~1.coy\applic~1\GDIPFONTCACHEV1.DAT
2008-12-07 20:57 87,608 a------- c:\docume~1\wilee~1.coy\applic~1\inst.exe
============= FINISH: 23:19:06.70 ===============