Please Help.... Virtumonde, Vundo & Many Other Malicious Trojans

[TheOnlyBigDog]

I ran SpyBot and SuperAntiSpyware Pro and it seemed to find many viruses and trojans. Many of the trojans are Vundo Varients and S&D found all the Virtumondes. Below I have posted the HijackThis logfile. Also... When I try to reboot, all that comes up is my wallpaper. No actual windows screen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:04:16 PM, on 10/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
R3 - URLSearchHook: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
O3 - Toolbar: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\GO\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: MySurvey Messenger.lnk = C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/downlo...BundleId=23100
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F1D95B2-101E-4E4D-86A6-CF20C03018FF}: NameServer = 65.41.120.51,208.13.143.36
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: wbsys.dll rqzreg.dll dvytvt.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 10735 bytes

[Shaba]

Hi TheOnlyBigDog

Rename HijackThis.exe to TheOnlyBigDog.exe and post back a fresh HijackThis log, please

[TheOnlyBigDog]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:18:36 AM, on 10/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
R3 - URLSearchHook: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
O2 - BHO: (no name) - {4F958CA7-9035-41E1-B5BF-EF8F336C1A23} - C:\WINDOWS\system32\pmnlIxwW.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
O3 - Toolbar: (no name) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: MySurvey Messenger.lnk = C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/downlo...BundleId=23100
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F1D95B2-101E-4E4D-86A6-CF20C03018FF}: NameServer = 65.41.120.51,208.13.143.36
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: wbsys.dll rqzreg.dll dvytvt.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 10819 bytes

[Shaba]

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:



5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.

[TheOnlyBigDog]

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Adobe Audition 3.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.1.0
Alcatech BPM Studio Professional v4.9.1
Ancient Castle 3D Screensaver 1.1
Apple Software Update
ASPI Drivers
Babylon
Bejeweled 1.23
BookWorm Deluxe 1.0
Canon iP1600
ccCommon
CD+G AutoName
CompuHost
Cool Edit Pro 2.1
CrazyTalk v5.0 PRO
Creative MediaSource
Creative System Information
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 4.53
Debs Karaoke Renamer
DecoderCdg 1.000
DesktopX
DualCoreCenter
DVD Decoder Pak for Windows XP
DVD Shrink 3.1.7
East-Tec Eraser 2008 Version 8.9
EncoderMcg 1.001
Eraser
eXtreme Movie Manager 6.1.9.0 - Full Install!
EZ-2-Serve 1.15
Form Fill (Windows Live Toolbar)
FotoMorph
Gaa Moa's Plugins for Cool Edit Pro
Galleon 3D Screensaver 1.3
Gateway151 File-2-Folder
Gateway151 Karaoke Zip Player
GoodMEM
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
iClone v2.5 Studio
Internet Worm Protection
Jasc Animation Shop 3
Java(TM) 6 Update 7
Karaoke Builder Studio 3.x
Karaoke Home Producer
Karaoke Sound Tools
Keyrite
KJ Pro
List Magic v1.0
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
LockBox
Macromedia Dreamweaver 8
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Fireworks MX 2004
Macromedia Flash MX 2004
Macromedia FreeHand MXa
Macromedia HomeSite+
Magic DVD Copier Version 4.9 build 2
Magic DVD Ripper V5.3 build 7
Magic ISO Maker v5.4 (build 0239)
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 2.0
Microsoft Access 2002 Runtime
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Publisher 2002
Microsoft Visual C++ 2005 Redistributable
Microstudio
mIRC
Mozilla Firefox (3.0.3)
MP3 WAV Converter 2.68
MSI Live
MSI Live Update 3
Musicmatch® Jukebox
myBabylon Toolbar
MySurvey Messenger
Nero 7 Demo
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton WMI Update
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
OneCare Advisor (Windows Live Toolbar)
PaltalkScene
Pando
Pando Toolbar
PlayCDG Pro 2.000
Popup Blocker (Windows Live Toolbar)
Power CD+G Burner
Power CD+G Player Pro
Power CD+G to Video Karaoke Converter
Power CDG Control
Power CDG To AVI Converter
Power CDG To MPG Converter
PowerKaraoke Plus
Quest3D Viewers 3.0e
QuickTime
Rocket Mania 1.0
Sax & Dottys Karaoke Zip Player
SecureDoc
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio 2007 (KB947590)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Siglos Karaoke Player/Recorder
Smart Menus (Windows Live Toolbar)
Sound Blaster Audigy 2 ZS
SPBBC
Spybot - Search & Destroy
SUPERAntiSpyware Professional
Symantec
Symantec Script Blocking Installer
SymNet
The_Pirate_Bay Toolbar
TopStyle Lite (Version 3.0)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb956080)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Video Edit Magic 3.36
Winamp
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
WindowBlinds
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
WinZip
WMIinfo
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Messenger
Yahoo! Toolbar

[Shaba]

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Pando
Pando Toolbar

I'd like you to read the this thread.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new uninstall list scan when finished and post the log back here.

[TheOnlyBigDog]

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Adobe Audition 3.0
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.1.0
Alcatech BPM Studio Professional v4.9.1
Ancient Castle 3D Screensaver 1.1
Apple Software Update
ASPI Drivers
Babylon
Bejeweled 1.23
BookWorm Deluxe 1.0
Canon iP1600
ccCommon
CD+G AutoName
CompuHost
Cool Edit Pro 2.1
CrazyTalk v5.0 PRO
Creative MediaSource
Creative System Information
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 4.53
Debs Karaoke Renamer
DecoderCdg 1.000
DesktopX
DualCoreCenter
DVD Decoder Pak for Windows XP
DVD Shrink 3.1.7
East-Tec Eraser 2008 Version 8.9
EncoderMcg 1.001
Eraser
eXtreme Movie Manager 6.1.9.0 - Full Install!
EZ-2-Serve 1.15
Form Fill (Windows Live Toolbar)
FotoMorph
Gaa Moa's Plugins for Cool Edit Pro
Galleon 3D Screensaver 1.3
Gateway151 File-2-Folder
Gateway151 Karaoke Zip Player
GoodMEM
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
iClone v2.5 Studio
Internet Worm Protection
Jasc Animation Shop 3
Java(TM) 6 Update 7
Karaoke Builder Studio 3.x
Karaoke Home Producer
Karaoke Sound Tools
Keyrite
KJ Pro
List Magic v1.0
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
LockBox
Macromedia Dreamweaver 8
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Fireworks MX 2004
Macromedia Flash MX 2004
Macromedia FreeHand MXa
Macromedia HomeSite+
Magic DVD Copier Version 4.9 build 2
Magic DVD Ripper V5.3 build 7
Magic ISO Maker v5.4 (build 0239)
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 2.0
Microsoft Access 2002 Runtime
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Publisher 2002
Microsoft Visual C++ 2005 Redistributable
Microstudio
mIRC
Mozilla Firefox (3.0.3)
MP3 WAV Converter 2.68
MSI Live
MSI Live Update 3
Musicmatch® Jukebox
myBabylon Toolbar
MySurvey Messenger
Nero 7 Demo
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Norton WMI Update
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
OneCare Advisor (Windows Live Toolbar)
PaltalkScene
PlayCDG Pro 2.000
Popup Blocker (Windows Live Toolbar)
Power CD+G Burner
Power CD+G Player Pro
Power CD+G to Video Karaoke Converter
Power CDG Control
Power CDG To AVI Converter
Power CDG To MPG Converter
PowerKaraoke Plus
Quest3D Viewers 3.0e
QuickTime
Rocket Mania 1.0
Sax & Dottys Karaoke Zip Player
SecureDoc
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio 2007 (KB947590)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Siglos Karaoke Player/Recorder
Smart Menus (Windows Live Toolbar)
Sound Blaster Audigy 2 ZS
SPBBC
Spybot - Search & Destroy
SUPERAntiSpyware Professional
Symantec
Symantec Script Blocking Installer
SymNet
The_Pirate_Bay Toolbar
TopStyle Lite (Version 3.0)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb956080)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Video Edit Magic 3.36
Winamp
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
WindowBlinds
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
WinZip
WMIinfo
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Messenger
Yahoo! Toolbar

[TheOnlyBigDog]

Hey Shaba... it's 3:20am here and I really need to get some shut eye. I will be back on here no later than 10am. TC and have a progressive day.

[Shaba]

We will continue with ComboFix. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
   Remember to re-enable them afterwards.
   
   
2. Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.

A word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday use.

[TheOnlyBigDog]

ComboFix 08-10-21.05 - TheOnlyBigDog 2008-10-22 9:46:39.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1576 [GMT -7:00]
Running from: C:\Documents and Settings\TheOnlyBigDog\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\TheOnlyBigDog\Application Data\inst.exe
C:\WINDOWS\21794.exe
C:\WINDOWS\system32\cmqlcfgc.exe
C:\WINDOWS\system32\dpvpbxep.ini
C:\WINDOWS\system32\swsguhab.exe
C:\WINDOWS\system32\TCKmTvut.ini
C:\WINDOWS\system32\TCKmTvut.ini2
C:\WINDOWS\system32\tmmuveub.ini
C:\WINDOWS\system32\vfcrcgmf.ini
C:\WINDOWS\system32\WwxIlnmp.ini
C:\WINDOWS\system32\WwxIlnmp.ini2
M:\autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-09-22 to 2008-10-22 )))))))))))))))))))))))))))))))
.

2008-10-20 15:04 . 2008-10-20 15:04 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-20 11:18 . 2008-10-20 11:18 153 --a------ C:\WINDOWS\wininit.ini
2008-10-19 12:35 . 2008-10-19 12:36 <DIR> d-------- C:\Program Files\Galleon 3D Screensaver
2008-10-19 12:26 . 2008-10-19 12:26 <DIR> d-------- C:\Program Files\Ancient Castle 3D Screensaver
2008-10-18 22:25 . 2008-10-19 18:22 0 --a------ C:\FileOut.Cns
2008-10-18 22:25 . 2008-10-19 18:22 0 --a------ C:\FileIn.Cns
2008-10-17 22:58 . 2008-10-17 22:58 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-10-17 22:57 . 2008-10-17 22:57 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-10-14 14:56 . 2008-10-14 15:09 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Contacts
2008-10-14 14:46 . 2008-10-14 14:46 <DIR> d-------- C:\Program Files\Windows Live Favorites
2008-10-14 14:46 . 2008-10-14 14:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-10-14 14:45 . 2008-10-14 14:46 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-10-14 14:44 . 2008-10-14 14:44 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-10-14 14:44 . 2008-10-14 14:44 <DIR> d-------- C:\Program Files\MSN Messenger
2008-10-14 12:12 . 2008-10-14 12:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-10-14 12:03 . 2008-10-14 12:03 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Yahoo!
2008-10-14 12:03 . 2008-10-14 12:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-14 12:02 . 2008-10-14 12:12 <DIR> d-------- C:\Program Files\Yahoo!
2008-10-13 00:43 . 2008-10-13 00:43 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\EAST Technologies
2008-10-13 00:42 . 2008-10-13 00:42 <DIR> d-------- C:\Program Files\East-Tec Eraser 2008
2008-10-10 19:00 . 2005-06-15 03:00 102,400 --a------ C:\WINDOWS\system32\tsccvid.dll
2008-10-10 18:59 . 2008-10-10 19:02 <DIR> d-------- C:\Program Files\eXtreme Movie Manager
2008-10-10 18:59 . 2000-05-21 23:00 1,009,336 --a------ C:\WINDOWS\system32\Mschrt20.ocx
2008-10-10 18:56 . 2008-10-10 18:56 <DIR> d-------- C:\Program Files\Cucusoft
2008-10-10 18:52 . 2008-10-10 18:52 <DIR> d-------- C:\Program Files\Deskshare
2008-10-10 18:52 . 2008-10-10 18:52 352,256 --a------ C:\WINDOWS\eSellerateEngine.dll
2008-10-09 17:07 . 2008-06-23 09:57 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-10-09 17:07 . 2007-04-17 02:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-10-09 17:07 . 2007-03-07 22:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-10-09 17:07 . 2008-06-23 09:57 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-10-09 17:07 . 2008-06-23 09:57 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-10-09 17:07 . 2008-06-23 09:57 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-10-09 17:07 . 2008-06-23 09:57 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-10-09 17:07 . 2008-06-23 09:57 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-10-09 17:07 . 2008-06-23 02:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-10-05 02:32 . 2008-10-17 20:02 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\settingsbytewindow
2008-10-05 02:32 . 2008-10-05 10:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Drv Audio Dog About
2008-10-04 00:15 . 2008-10-04 00:15 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-10-03 12:49 . 2008-10-05 10:22 <DIR> d-------- C:\Program Files\NOS
2008-10-03 12:49 . 2008-10-05 10:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-10-03 12:33 . 2008-10-07 12:09 <DIR> d-------- C:\Program Files\LimeWire
2008-10-03 12:33 . 2008-10-07 12:09 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\LimeWire
2008-09-29 09:31 . 2008-09-29 09:31 <DIR> d--h----- C:\WINDOWS\PIF
2008-09-28 19:08 . 2008-09-28 19:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-09-28 01:23 . 2008-04-13 11:45 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-09-28 01:23 . 2008-04-13 11:45 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-09-27 09:00 . 2008-09-27 09:00 3,568,756 --a------ C:\WINDOWS\system32\xa107106953.exe
2008-09-27 09:00 . 2008-09-27 09:00 3,568,756 --a------ C:\WINDOWS\system32\xa107106593.exe
2008-09-27 09:00 . 2008-09-27 09:00 172,032 --a------ C:\WINDOWS\system32\xwr12179.dll
2008-09-27 09:00 . 2008-09-27 09:00 172,032 --a------ C:\WINDOWS\system32\wr12179.dll
2008-09-27 08:48 . 2008-09-27 08:48 <DIR> d-------- C:\Program Files\Act-3D
2008-09-27 08:48 . 2008-09-27 08:48 2,825,407 --a------ C:\WINDOWS\system32\xa106367609.exe
2008-09-27 08:48 . 2008-09-27 08:48 2,825,407 --a------ C:\WINDOWS\system32\xa106367328.exe
2008-09-27 08:48 . 2008-09-27 08:48 172,032 --a------ C:\WINDOWS\system32\xwr84718.dll
2008-09-27 08:48 . 2008-09-27 08:48 172,032 --a------ C:\WINDOWS\system32\wr84718.dll
2008-09-27 08:44 . 2008-09-27 09:01 <DIR> d-------- C:\Program Files\thriXXX
2008-09-27 08:44 . 2008-09-27 08:44 28,962,712 --a------ C:\WINDOWS\system32\xa106137906.exe
2008-09-27 08:44 . 2008-09-27 08:44 28,962,712 --a------ C:\WINDOWS\system32\xa106137328.exe
2008-09-27 08:44 . 2008-09-27 08:44 28,962,712 --a------ C:\WINDOWS\system32\xa106131421.exe
2008-09-27 08:44 . 2008-09-27 08:44 28,962,712 --a------ C:\WINDOWS\system32\xa106124546.exe
2008-09-27 08:44 . 2008-09-27 08:44 172,032 --a------ C:\WINDOWS\system32\xwr47437.dll
2008-09-27 08:44 . 2008-09-27 08:44 172,032 --a------ C:\WINDOWS\system32\wr47437.dll
2008-09-26 19:10 . 2008-09-26 19:10 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Jasc
2008-09-26 19:08 . 2008-09-26 19:08 <DIR> d-------- C:\Program Files\Jasc Software Inc
2008-09-26 19:03 . 2008-09-26 19:03 80 -r-hs---- C:\WINDOWS\ICSET20.BIN
2008-09-26 18:21 . 2008-09-26 18:21 <DIR> d-------- C:\Program Files\MagicISO
2008-09-26 17:07 . 2008-09-26 19:02 <DIR> d-------- C:\Program Files\Reallusion
2008-09-26 17:07 . 2008-09-26 17:07 80 -r-hs---- C:\WINDOWS\CT5PRET.BIN
2008-09-26 17:05 . 2008-09-26 17:05 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\InstallShield
2008-09-26 17:03 . 2008-09-26 17:04 <DIR> d-------- C:\Program Files\Digital Photo Software
2008-09-26 17:03 . 2008-10-17 10:44 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-26 10:36 . 2008-09-21 18:52 7,336,328 --a------ C:\WINDOWS\40175.exe
2008-09-26 04:57 . 2008-09-26 04:57 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Reallusion
2008-09-26 03:05 . 2008-09-26 03:05 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-26 01:22 . 2008-09-26 01:22 <DIR> d-------- C:\Program Files\ALCATech
2008-09-26 00:27 . 2008-09-26 00:27 <DIR> d-------- C:\Program Files\QuickTime
2008-09-26 00:27 . 2008-09-26 00:27 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-09-26 00:27 . 2008-09-26 00:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-26 00:26 . 2008-09-26 00:26 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-26 00:26 . 2008-09-26 00:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-25 14:54 . 2008-09-25 14:54 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\LocalLow
2008-09-25 14:54 . 2008-09-25 14:54 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\TVU Networks
2008-09-25 14:54 . 2008-09-25 14:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-09-25 14:43 . 2008-09-25 14:43 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-25 13:34 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-25 13:34 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
2008-09-25 13:34 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-25 10:36 . 2008-10-09 13:24 47 --a------ C:\WINDOWS\popcinfo.dat
2008-09-25 10:32 . 2008-09-25 10:47 <DIR> d-------- C:\Program Files\PopCap Games
2008-09-25 10:32 . 2000-12-08 21:59 122,880 --a------ C:\WINDOWS\UnGins.exe
2008-09-25 10:23 . 2008-09-25 10:24 <DIR> d-------- C:\Program Files\Microsoft Expression
2008-09-25 10:17 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-09-25 10:16 . 2008-09-25 10:16 <DIR> d-------- C:\Program Files\MSBuild
2008-09-25 10:16 . 2008-09-25 10:16 <DIR> d-------- C:\Program Files\Microsoft Works
2008-09-25 10:15 . 2008-09-25 10:15 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-09-25 10:14 . 2008-10-17 23:02 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-09-25 10:14 . 2008-09-25 10:14 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-09-25 10:14 . 2008-10-18 14:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-25 10:13 . 2008-09-25 10:13 <DIR> dr-h----- C:\MSOCache
2008-09-25 01:33 . 2008-09-25 01:33 <DIR> d-------- C:\Program Files\Musicmatch
2008-09-25 01:33 . 2008-09-25 01:33 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Musicmatch
2008-09-25 01:33 . 2006-01-19 12:05 108,544 --a------ C:\WINDOWS\system32\pxcpyi64.exe
2008-09-25 01:33 . 2006-01-19 12:05 104,960 --a------ C:\WINDOWS\system32\pxinsi64.exe
2008-09-24 10:25 . 2008-09-24 10:25 0 --a------ C:\WINDOWS\WB.ini
2008-09-24 09:18 . 2008-09-24 09:23 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Stardock
2008-09-24 09:18 . 2008-09-24 09:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Stardock
2008-09-24 09:14 . 2008-04-26 16:14 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2008-09-24 09:13 . 2008-09-24 09:32 <DIR> d-------- C:\Program Files\Stardock
2008-09-24 09:13 . 2008-09-24 17:24 <DIR> d-------- C:\Program Files\Common Files\Stardock
2008-09-23 16:09 . 2008-09-23 16:18 <DIR> d-------- C:\Program Files\CompuHost
2008-09-23 14:59 . 2008-09-23 14:59 <DIR> d-------- C:\Program Files\MagicDVDCopier
2008-09-23 14:59 . 2008-09-23 14:59 <DIR> d-------- C:\Documents and Settings\TheOnlyBigDog\Application Data\Vso
2008-09-23 14:59 . 2008-09-23 14:59 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-09-23 14:59 . 2008-09-23 14:59 47,360 --a------ C:\Documents and Settings\TheOnlyBigDog\Application Data\pcouffin.sys
2008-09-23 14:53 . 2008-09-23 14:53 <DIR> d-------- C:\Program Files\MagicDVDRipper

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-21 14:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-20 18:11 --------- d-----w C:\Program Files\BitTorrent
2008-10-20 06:54 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-20 00:20 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-10-20 00:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-20 00:19 --------- d-----w C:\Program Files\Macromedia
2008-10-18 22:41 --------- d-----w C:\Program Files\Gateway151 Karaoke Zip Player
2008-10-18 21:17 --------- d-----w C:\Program Files\MP3 WAV Converter
2008-10-18 20:01 --------- d-----w C:\Program Files\Winamp
2008-10-18 07:49 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\U3
2008-10-14 06:05 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Ahead
2008-10-10 00:15 --------- d-----w C:\Program Files\Norton AntiVirus
2008-10-05 17:20 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-03 19:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-10-03 08:20 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Babylon
2008-09-30 06:08 --------- d-----w C:\Program Files\Kjpro
2008-09-25 00:25 --------- d-----w C:\Program Files\Eraser
2008-09-20 01:47 --------- d-----w C:\Program Files\Debs Karaoke Renamer
2008-09-20 01:47 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Debs Karaoke Renamer
2008-09-20 01:40 --------- d-----w C:\Program Files\Gateway151 File-2-Folder
2008-09-20 01:29 --------- d-----w C:\Program Files\Java
2008-09-20 01:28 --------- d-----w C:\Program Files\Common Files\Java
2008-09-18 05:03 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-09-18 05:03 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-17 09:28 --------- d-----w C:\Program Files\Doblon
2008-09-16 22:56 --------- d-----w C:\Program Files\Karaoke Zip Scanner
2008-09-15 18:32 --------- d-----w C:\Program Files\Access 97 Runtime
2008-09-14 19:08 --------- d-----w C:\Program Files\Damar Systems
2008-09-14 00:49 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\AdobeUM
2008-09-14 00:11 --------- d--h--w C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-09-13 23:29 --------- d-----w C:\Program Files\Mp3+G Toolz
2008-09-13 18:17 --------- d-----w C:\Program Files\Sax & Dottys Karaoke Zip Player
2008-09-13 09:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-09-13 03:06 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Paltalk
2008-09-13 03:05 --------- d-----w C:\Program Files\Paltalk Messenger
2008-09-12 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Macrovision
2008-09-12 20:46 --------- d-----w C:\Program Files\Common Files\Macromedia Shared
2008-09-12 20:45 --------- d-----w C:\Program Files\Common Files\Vbox
2008-09-12 20:45 --------- d-----w C:\Program Files\Bradbury
2008-09-12 19:51 --------- d-----w C:\Program Files\MySurvey Messenger
2008-09-11 23:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-11 23:16 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-09-11 23:16 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-11 23:16 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\SUPERAntiSpyware.com
2008-09-11 23:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-11 05:48 --------- d-----w C:\Program Files\KJ Pro
2008-09-11 05:46 --------- d-----w C:\Program Files\Microsoft Access Runtime
2008-09-11 05:46 --------- d-----w C:\Program Files\Common Files\Damar Systems
2008-09-11 05:37 --------- d-----w C:\Program Files\Common Files\Doblon
2008-09-11 04:32 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-11 04:31 --------- d-----w C:\Program Files\Nero
2008-09-11 04:28 --------- d-----w C:\Program Files\Ahead
2008-09-10 23:06 --------- d-----w C:\Program Files\The_Pirate_Bay
2008-09-10 09:58 --------- d-----w C:\Program Files\myBabylon
2008-09-10 09:58 --------- d-----w C:\Program Files\Conduit
2008-09-10 09:58 --------- d-----w C:\Program Files\Babylon
2008-09-10 09:44 --------- d-----w C:\Program Files\Google
2008-09-10 09:41 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\NeroVision
2008-09-10 09:37 --------- d-----w C:\Program Files\DVD Shrink
2008-09-10 09:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-09-10 09:33 --------- d-----w C:\Program Files\CDRWIN3
2008-09-10 09:09 --------- d-----w C:\Program Files\RoxBox
2008-09-10 09:06 --------- d-----w C:\Program Files\Common Files\cdrdao
2008-09-10 08:45 --------- d-----w C:\Program Files\CAVS
2008-09-10 08:41 --------- d-----w C:\Program Files\Common Files\Borland Shared
2008-09-10 08:41 --------- d-----w C:\Program Files\CD+G AutoName
2008-09-10 08:40 --------- d-----w C:\Program Files\WinCDG Pro 2
2008-09-10 08:37 720,896 ----a-w C:\WINDOWS\iun6002.exe
2008-09-10 08:33 --------- d-----w C:\Program Files\Micro Technology Unlimited
2008-09-10 08:25 --------- d-----w C:\Program Files\Gaa Moa's Plugins for Cool Edit Pro
2008-09-10 08:25 --------- d-----w C:\Program Files\coolpro2
2008-09-10 08:23 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Syntrillium
2008-09-09 21:36 --------- d-----w C:\Program Files\MP3+G Toolz .NET
2008-09-09 09:37 --------- d-----w C:\Program Files\Winamp Toolbar
2008-09-09 09:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2008-09-09 09:27 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Symantec
2008-09-09 08:53 --------- d-----w C:\Program Files\SymNetDrv
2008-09-09 08:53 --------- d-----w C:\Program Files\Symantec
2008-09-09 08:44 4,608 ----a-w C:\WINDOWS\system32\drivers\symlcbrd.sys
2008-09-09 08:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-09-09 08:31 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Symantec
2008-09-09 08:20 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-09-09 08:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-09 08:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-09-08 23:00 --------- d-----w C:\Program Files\MSI
2008-09-08 22:48 --------- d-----w C:\Documents and Settings\TheOnlyBigDog\Application Data\Creative
2008-09-08 22:40 --------- d-----w C:\Program Files\Creative
2008-09-08 21:46 --------- d-----w C:\Program Files\microsoft frontpage
.

Code:

<pre>
----a-w         6,596,329 2002-02-17 21:02:02  C:\Need to Edit\Programs To Check\PROGRAMS 2\Apps-Programs-Utilities\cd+g_autoname_v1_0_full_\CD+G AutoName v1_0 Full .exe
----a-w         6,596,329 2002-02-17 20:02:02  C:\unzipped\cd+g_autoname_v1_0_full_\CD+G AutoName v1_0 Full .exe
----a-w        23,510,720 2007-12-12 00:59:50  C:\unzipped\Microsoft .NET Framework Version 2.0\Microsoft .NET Framework Version 2.0 Redistributable Package (x86)\Microsoft .NET Framework Version 2.0 .exe
----a-w         7,608,700 2003-03-08 08:09:06  C:\unzipped\traktor_studio_mixer_best_dj_software_ever_\TRAKTOR STUDIO MIXER BEST DJ SOFTWARE EVER .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]
"CursorFX"="C:\Program Files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-10 39408]
"Messenger (Yahoo!)"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-19 4347120]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Eraser RiskMonitor"="" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 8466432]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-17 58728]
"YMailAdvisor"="C:\Program Files\Yahoo!\Common\YMailAdvisor.exe" [2008-06-05 125208]
"nwiz"="nwiz.exe" [2007-06-28 C:\WINDOWS\system32\nwiz.exe]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 15:13 49152 C:\PROGRA~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 08:05 210168 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll rqzreg.dll dvytvt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll
"VIDC.ZLIB"= avizlib.dll
"VIDC.CSCD"= camcodec.dll
"vidc.ffds"= C:\PROGRA~1\ffdshow\ffdshow.ax

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=C:\WINDOWS\pss\DualCoreCenter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SecureDoc.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SecureDoc.lnk
backup=C:\WINDOWS\pss\SecureDoc.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^TheOnlyBigDog^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\TheOnlyBigDog\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\40175]
--a------ 2008-09-21 18:52 7336328 C:\WINDOWS\40175.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 16:25 94208 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go]
--a------ 2003-05-29 09:50 131072 C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
--a------ 2003-07-25 11:15 536576 C:\Program Files\Eraser\eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
--a------ 2006-09-05 16:45 497152 C:\Program Files\MSI\Live Update 3\LMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
--a------ 2006-01-19 11:06 11776 C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 17:12 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
C:\Program Files\Pando Networks\Pando\pando.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plus Cake]
C:\DOCUME~1\THEONL~1\APPLIC~1\SETTIN~1\Dvd Media Active.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
--a------ 2003-06-12 09:47 135168 C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-09-10 01:50 39408 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-06-28 09:43 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\RealmEX\\mIRC.ExCurSioN.exe"=
"C:\\Need to Edit\\Pando Networks\\Pando\\pando.exe"=
"C:\\EZ-2-Serve\\mirc.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57890:TCP"= 57890:TCP:Pando P2P TCP Listening Port
"57890:UDP"= 57890:UDP:Pando P2P UDP Listening Port
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2008-09-17 2368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e3cde5a-9302-11dd-a383-001d604b2cb3}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
\Shell\Open\command - K:\resycled\boot.com c:
.
Contents of the 'Scheduled Tasks' folder

2008-10-18 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-10-22 C:\WINDOWS\Tasks\BF450B8182A2B679.job
- c:\docume~1\theonl~1\applic~1\settin~1\Bend Third Locks.exe []

2008-10-22 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]

2008-10-18 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - TheOnlyBigDog.job
- C:\PROGRA~1\NORTON~1\Navw32.exe [2005-10-19 12:54]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
URLSearchHooks-{a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
BHO-{4F958CA7-9035-41E1-B5BF-EF8F336C1A23} - C:\WINDOWS\system32\pmnlIxwW.dll
Toolbar-{34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
Toolbar-{a33fa729-d155-4b23-842b-2c665ecabdb6} - (no file)
WebBrowser-{34EA1C70-42CC-42C5-AA29-EC58B95A343E} - (no file)
WebBrowser-{A33FA729-D155-4B23-842B-2C665ECABDB6} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\TheOnlyBigDog\Application Data\Mozilla\Firefox\Profiles\4u0oqdty.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-amo&p=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://my.yahoo.com/
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-22 09:51:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\ginamsi.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMNTOR.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
.
**************************************************************************
.
Completion time: 2008-10-22 10:00:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-22 17:00:09

Pre-Run: 265,997,393,920 bytes free
Post-Run: 265,922,007,040 bytes free

425 --- E O F --- 2008-10-10 08:02:49