help... infected?

jessiesav
2010-03-09, 08:20
Help... I got that nasty virus that is called System Security or something similar. I have had it before, which I thought I had completely removed. I got it from an email that I thought was legit from Amazon, but that was a mistake. I was late for work so I just shut down my computer and thought I would deal with it later, but someone else booted up my computer not knowing, and they said my computer went through system recovery automatically. When I got to it my computer seemed to be rebooted back to when I first bought it, and it has bigger icons and just looks distorted. At first I thought I had lost all my pictures, but when searched for they still exist under the normal directory.. but my computer seems to be using the directory...
C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401
Some programs can't be found unless I search for them under the normal desktop directory. Not sure if I'm explaining it correctly.

I am unfamiliar with this. I have no idea how to fix it or to get it back, or if this is still a part of the infection. My Spybot program was not working so I reinstalled it and still no luck. Since then I uninstalled it and installed Malwarebytes, which has been working and removed quite a few infections. My computer also lost all of its restoration points before the date I received the virus. The computer is still extremely slow, not too sure what else to do? Any help or suggestions would be greatly appreciated!!

Here is that hijack log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:06 AM, on 3/9/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dllhost.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\jessiesav\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\MsiExec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268006733703
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe

--
End of file - 7473 bytes

Blade81
2010-03-13, 00:19
Hi,

"installed malwarebytes which has been working and removed quite a few infections."

Do you have results of those scans handy?

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.



Download GMER (http://www.gmer.net) by clicking the download exe button and then saving it to your desktop:
Double-click the .exe that you downloaded.
Click the rootkit tab and then scan.
Don't check the Show All box while scanning is in progress!
When scanning is ready, click Copy.
This copies the log to the clipboard.
Post the log (if the log is long, archive it into a zip file and attach it instead of posting) in your reply.

jessiesav
2010-03-15, 00:10
Here are the logs from the DDS program, but I couldn't get the other program to work. It downloads, but my computer always locks up during the scan and won't complete or even let me Ctrl+Alt+Delete to shut down..



DDS (Ver_09-12-01.01) - NTFSx86
Run by HP_Administrator at 15:58:55.51 on Sun 03/14/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.68 [GMT -7:00]

AV: Norton Security Suite *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Administrator.YOUR-B27FB1C401\Desktop\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.comcast.net/
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\3.8.0.41\IPSBHO.DLL
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [SMSERIAL] sm56hlpr.exe
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\progra~1\common~1\instal~1\update~1\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\hp_adm~1.you\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268006733703
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton security suite\engine\3.8.0.41\CoIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-3-6 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-3-6 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-3-6 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100312.001\IDSXpx86.sys [2010-3-14 329592]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\3.8.0.41\ccSvcHst.exe [2010-3-6 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-3-6 102448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100314.003\NAVENG.SYS [2010-3-14 84912]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100314.003\NAVEX15.SYS [2010-3-14 1324720]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]

=============== Created Last 30 ================

2010-03-11 23:08:19 0 d-----w- c:\windows\system32\scripting
2010-03-11 23:06:57 0 d-----w- c:\windows\system32\en
2010-03-11 23:06:43 0 d-----w- c:\windows\system32\bits
2010-03-11 19:43:26 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2010-03-11 19:33:03 0 d-----w- c:\windows\wt
2010-03-10 05:44:54 54156 ---ha-w- c:\windows\QTFont.qfn
2010-03-10 05:44:54 1409 ----a-w- c:\windows\QTFont.for
2010-03-08 03:39:06 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-03-08 03:39:05 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-03-07 09:30:25 276992 ------w- c:\windows\system32\wmphoto.dll
2010-03-07 09:30:18 69120 ------w- c:\windows\system32\wlanapi.dll
2010-03-07 09:30:11 346112 ------w- c:\windows\system32\windowscodecsext.dll
2010-03-07 09:30:10 712704 ------w- c:\windows\system32\windowscodecs.dll
2010-03-07 09:30:00 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2010-03-07 09:30:00 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2010-03-07 09:28:58 1897408 ------w- c:\windows\system32\drivers\nv4_mini.sys
2010-03-07 09:27:32 10752 ------w- c:\windows\system32\smtpapi.dll
2010-03-07 09:27:31 974 ------w- c:\windows\system32\pid.inf
2010-03-07 09:27:31 9728 ------w- c:\windows\system32\rwnh.dll
2010-03-07 09:27:23 46592 ------w- c:\windows\system32\drivers\irbus.sys
2010-03-07 09:27:22 9728 ------w- c:\windows\system32\comsdupd.exe
2010-03-07 09:27:22 36352 ------w- c:\windows\system32\drivers\intelppm.sys
2010-03-07 09:27:14 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-03-07 09:27:13 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-03-07 09:27:13 32285 ------w- c:\windows\system32\hsfcisp2.dll
2010-03-07 09:27:13 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-03-07 09:27:13 19200 ------w- c:\windows\system32\drivers\hidir.sys
2010-03-07 09:27:12 25600 ------w- c:\windows\system32\drivers\hidbth.sys
2010-03-07 09:27:09 46464 ------w- c:\windows\system32\drivers\gagp30kx.sys
2010-03-07 09:25:59 18944 ------w- c:\windows\system32\drivers\bthusb.sys
2010-03-07 02:30:39 459264 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-03-07 02:30:39 268288 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-03-07 02:30:36 63488 ------w- c:\windows\system32\dllcache\icardie.dll
2010-03-07 02:30:36 52224 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-03-07 02:30:36 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2010-03-07 02:30:35 380928 ------w- c:\windows\system32\dllcache\ieapfltr.dll
2010-03-07 02:30:32 991232 ------w- c:\windows\system32\dllcache\ieframe.dll.mui
2010-03-07 02:30:32 2452872 ------w- c:\windows\system32\dllcache\ieapfltr.dat
2010-03-07 02:30:26 6067200 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-03-07 00:05:26 0 d-----w- c:\docume~1\hp_adm~1.you\applic~1\Malwarebytes
2010-03-07 00:05:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-07 00:05:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-07 00:05:16 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-06 21:35:42 138496 ------w- c:\windows\system32\dllcache\afd.sys
2010-03-06 21:35:39 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-03-06 21:34:55 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-03-06 21:32:50 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-03-06 21:30:50 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-03-06 21:30:22 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2010-03-06 21:28:32 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2010-03-06 21:26:17 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-03-06 21:26:17 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-03-06 21:25:07 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2010-03-06 21:23:09 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2010-03-06 21:23:09 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
2010-03-06 21:23:09 225856 ------w- c:\windows\system32\dllcache\tcpip6.sys
2010-03-06 21:23:09 147968 ------w- c:\windows\system32\dllcache\dnsapi.dll
2010-03-06 21:11:25 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-03-06 21:11:24 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-03-06 21:05:49 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-03-06 21:05:49 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2010-03-06 20:59:05 0 d-----w- c:\program files\Norton Support
2010-03-06 08:13:14 0 d-----w- c:\windows\system32\PreInstall
2010-03-06 07:58:59 0 d-----w- c:\docume~1\hp_adm~1.you\applic~1\MSNInstaller
2010-03-06 07:53:00 0 d-----w- c:\program files\savagebot
2010-03-06 07:49:47 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-03-06 07:31:03 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-03-06 07:30:58 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-06 07:30:58 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-06 07:30:58 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-06 07:30:58 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-06 07:30:58 0 d-----w- c:\program files\common files\Symantec Shared
2010-03-06 07:30:10 0 d-----w- c:\windows\system32\drivers\N360
2010-03-06 07:30:08 0 d-----w- c:\program files\Norton Security Suite
2010-03-06 07:30:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-03-06 07:29:56 0 d-----w- c:\program files\NortonInstaller
2010-03-06 07:29:56 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-03-06 03:30:29 0 d-----w- c:\windows\system32\wbem\Repository
2010-03-06 03:30:00 0 d-----w- c:\windows\system32\appmgmt
2010-03-06 03:17:26 1310720 ----a-w- c:\documents and settings\hp_administrator.your-b27fb1c401\ntuser.bak
2010-03-06 02:58:31 0 d-----w- c:\windows\system32\NtmsData
2010-03-06 02:38:22 37376 ----a-w- c:\windows\system32\hpz3l3xu.dll
2010-03-06 02:10:47 0 d-sh--w- c:\documents and settings\hp_administrator.your-b27fb1c401\UserData
2010-03-06 02:04:43 0 d-----w- c:\docume~1\hp_adm~1.you\applic~1\HPQ
2010-03-06 01:59:25 0 d-sh--r- C:\cmdcons
2010-03-06 01:59:07 0 d-----w- c:\windows\setupupd
2010-03-06 01:56:54 1866 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_ED895AA-ABA a1210n_YC_0Pavi_QCNH542_E54NAsyMPC2_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.08_T050913_WXP2_L409_M447_J200_7AMD_8Athlon 64_92.19_#051215_N_Z10573052_G10025954.MRK
2010-03-06 01:55:22 0 d-----w- c:\docume~1\hp_adm~1.you\applic~1\Symantec
2010-03-06 01:55:22 0 d-----w- c:\docume~1\hp_adm~1.you\applic~1\Intuit
2010-03-06 01:49:46 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-03-06 01:49:39 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-06 01:27:14 0 d-sh--r- c:\windows\system32\dllcache
2010-03-05 19:46:21 38 ----a-w- C:\{36dbe8f8-7f29-423d-a102-824980194b39}
2010-02-24 18:35:40 0 d-----w- c:\program files\CCleaner
2010-02-19 05:09:36 0 d-----w- c:\windows\49FA793C785E47E993DFBD442B0B45D1.TMP
2010-02-15 05:42:40 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-02-15 05:42:40 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M ====================

2010-03-06 07:30:42 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-03-06 07:30:33 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-03-06 02:49:37 80518 ----a-w- c:\windows\HPHins08.dat
2010-01-05 22:30:28 3599360 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-12-31 15:33:06 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-12-18 13:05:43 634648 ------w- c:\windows\system32\dllcache\iexplore.exe
2009-12-18 13:04:09 161792 ------w- c:\windows\system32\dllcache\ieakui.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-10-12 01:45:20 16342 ----a-w- c:\program files\common files\safywa.dll
2009-10-12 01:45:20 15782 ----a-w- c:\program files\common files\icihacokad.reg
2009-10-12 01:45:20 15008 ----a-w- c:\program files\common files\zypike.dl
2009-10-12 01:45:20 13960 ----a-w- c:\program files\common files\qoziniza._sy
2009-10-12 01:45:20 12583 ----a-w- c:\program files\common files\moroba.vbs
2009-10-12 01:45:19 12387 ----a-w- c:\program files\common files\lamiwos.sys
2008-09-13 18:42:15 251 -c--a-w- c:\program files\wt3d.ini
2007-01-17 21:51:17 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat
2007-01-17 21:55:22 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012007011720070118\index.dat

============= FINISH: 16:00:27.78 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/5/2010 6:53:36 PM
System Uptime: 3/14/2010 3:34:26 PM (1 hours ago)

Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 1772/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 178 GiB total, 95.356 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.88 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

Class GUID:
Description: Photosmart 2570 series
Device ID: USB\VID_03F0&PID_4E11&MI_00\6&38177463&1&0000
Manufacturer:
Name: Photosmart 2570 series
PNP Device ID: USB\VID_03F0&PID_4E11&MI_00\6&38177463&1&0000
Service:

==== System Restore Points ===================

RP1: 3/5/2010 7:01:13 PM - 3/4/2010
RP2: 3/5/2010 7:45:28 PM - Unsigned driver install
RP3: 3/5/2010 8:17:31 PM - Restore Operation
RP4: 3/5/2010 8:26:32 PM - Unsigned driver install
RP5: 3/5/2010 8:29:32 PM - Restore Operation
RP6: 3/5/2010 11:42:33 PM - Removed Norton Security Center
RP7: 3/6/2010 1:06:52 AM - Software Distribution Service 3.0
RP8: 3/6/2010 10:23:36 AM - Removed Adobe Reader 7.0
RP9: 3/6/2010 10:24:09 AM - Installed Adobe Reader 9.3.
RP10: 3/6/2010 3:59:38 PM - Configured easy Internet sign-up
RP11: 3/6/2010 4:08:08 PM - Restore Operation
RP12: 3/6/2010 4:17:17 PM - Software Distribution Service 3.0
RP13: 3/6/2010 4:47:01 PM - Restore Operation
RP14: 3/6/2010 5:02:45 PM - Configured Quicken 2005
RP15: 3/6/2010 7:31:58 PM - Software Distribution Service 3.0
RP16: 3/6/2010 7:39:27 PM - Installed Windows XP KB915865.
RP17: 3/6/2010 7:40:50 PM - Installed Windows NLSDownlevelMapping.
RP18: 3/6/2010 7:42:07 PM - Installed Windows IDNMitigationAPIs.
RP19: 3/6/2010 7:44:36 PM - Installed Windows Internet Explorer 7.
RP20: 3/6/2010 7:46:46 PM - Software Distribution Service 3.0
RP21: 3/7/2010 1:28:09 AM - Software Distribution Service 3.0
RP22: 3/7/2010 8:54:56 PM - Installed Java(TM) 6 Update 17
RP23: 3/8/2010 12:01:25 AM - Software Distribution Service 3.0
RP24: 3/8/2010 12:37:20 PM - Software Distribution Service 3.0
RP25: 3/9/2010 12:08:23 AM - Software Distribution Service 3.0
RP26: 3/10/2010 12:01:11 AM - Software Distribution Service 3.0
RP27: 3/11/2010 12:52:04 PM - Software Distribution Service 3.0
RP28: 3/11/2010 9:40:54 PM - Software Distribution Service 3.0
RP29: 3/12/2010 12:34:49 PM - Software Distribution Service 3.0
RP30: 3/13/2010 8:53:11 PM - System Checkpoint

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Reader 9.3
AiO_Scan
AiOSoftware
ATI Control Panel
ATI Display Driver
Barnyard Invasion from HP Media Center (remove only)
Bejeweled 2 Deluxe from HP Media Center (remove only)
Big Kahuna Reef from HP Media Center (remove only)
Blackhawk Striker 2 from HP Media Center (remove only)
Blasterball 2 from HP Media Center (remove only)
Blasterball 2 Holidays from HP Media Center (remove only)
Boggle Supreme from HP Media Center (remove only)
Bookworm Deluxe from HP Media Center (remove only)
Bounce Symphony from HP Media Center (remove only)
BufferChm
CameraDrivers
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Crystal Maze from HP Media Center (remove only)
CueTour
Destinations
DeviceManagementQFolder
Digby's Donuts from HP Media Center (remove only)
DocProc
DocumentViewer
DocumentViewerQFolder
FATE Demo from HP Media Center (remove only)
Fax
Flip Words from HP Media Center (remove only)
GemMaster Mystic
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB979306)
HP Boot Optimizer
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Game Console and games
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3
HP Multimedia Keyboard Software
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 5.0
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HP Tunes
HPProductAssistant
HpSdpAppCoreApp
Insaniquarium Deluxe from HP Media Center (remove only)
InstantShareDevices
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
Jewel Quest from HP Media Center (remove only)
LightScribe 1.4.42.1
Mah Jong Quest from HP Media Center (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Works
Motorola SM56 Speakerphone Modem
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
NewCopy
Norton Security Suite
Office 2003 Tour
Otto
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
Polar Bowler from HP Media Center (remove only)
Polar Golfer from HP Media Center (remove only)
PS2
PS7800
PSPrinters08
PSTAPlugin
Puzzle Express from HP Media Center (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
QuickTime
RandMap
Readme
RealPlayer
Ricochet Lost Worlds from HP Media Center (remove only)
Scan
ScannerCopy
SCRABBLE Blast from HP Media Center (remove only)
SCRABBLE from HP Media Center (remove only)
SCRABBLE Rack Attack from HP Media Center (remove only)
Secunia PSI
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Shrek 2 Ogre Bowler from HP Media Center (remove only)
SkinsHP1
Slingo Deluxe from HP Media Center (remove only)
Slyder from HP Media Center (remove only)
SolutionCenter
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Status
Super Granny from HP Media Center (remove only)
Swarm from HP Media Center (remove only)
The Sims 2
The Sims 2 University
Tradewinds from HP Media Center (remove only)
TrayApp
Unload
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Updates from HP (remove only)
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

3/14/2010 7:31:19 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: General access denied error
3/14/2010 6:12:05 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: General access denied error
3/14/2010 5:18:56 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: General access denied error
3/14/2010 4:14:25 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: General access denied error
3/14/2010 4:00:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: General access denied error
3/14/2010 3:02:17 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error
3/14/2010 10:08:19 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: General access denied error
3/13/2010 9:00:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: General access denied error
3/13/2010 8:04:01 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: General access denied error
3/13/2010 7:00:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: General access denied error
3/13/2010 2:00:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error
3/13/2010 12:02:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error
3/13/2010 1:00:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error
3/12/2010 10:00:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: General access denied error

==== End Of File ===========================

Blade81
2010-03-15, 09:34
Hi,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix (link: http://www.bleepingcomputer.com/forums/topic114351.html).
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Blade81
2010-03-22, 16:44
Due to inactivity, this thread will now be closed.

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.