Computer continually crashes, unknown program keeps reinstalling



cookiemunsterz
2011-01-15, 18:22
Hi, I believe I have malware, as a program called WhiteSmoke Translator keeps reinstalling itself without my consent after I uninstall it myself. Also, my computer continually freezes at random times and I end up having to reboot it. Also, I get a lot of redirects from Google links and lots of pop-ups. Here is the DDS log:

DDS (Ver_10-12-12.02) - NTFSx86
Run by homework at 12:13:41.23 on Sat 01/15/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1399 [GMT -5:00]

AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Game Booster\GameBox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
"C:\WINDOWS\System32\svchost.exe"
"C:\WINDOWS\System32\svchost.exe"
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Mozilla Firefox\firefox.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\homework\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=YRxdm017YYus&ptb=5B367D15-DAE5-49C9-A4E0-10BACFE93E08
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uDefault_Page_URL = hxxp://www.msn.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:8075
mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: WhiteSmoke Toolbar: {52794457-af6c-4c50-9def-f2e24f4c8889} - c:\program files\whitesmoketoolbar\whitesmoketoolbarX.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Club Bing Toolbar Helper: {b771fea3-2a05-4c21-b1e2-55551a97d520} - c:\program files\club bing toolbar helper\Bmbho.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
BHO: {d51e1224-d992-402f-b3fd-721dd460076e} - c:\documents and settings\all users\application data\nayazika\nayazika.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No File
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll
TB: Club Bing Toolbar: {719d74ab-1af9-43a1-8c62-d8750628d93e} - c:\program files\club bing toolbar\Toolbar.dll
TB: Club Bing Toolbar Helper: {b771fea3-2a05-4c21-b1e2-55551a97d520} - c:\program files\club bing toolbar helper\Bmbho.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hypercam toolbar\tbcore3.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: @c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: WhiteSmoke Toolbar: {52794457-af6c-4c50-9def-f2e24f4c8889} - c:\program files\whitesmoketoolbar\whitesmoketoolbarX.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [BitTorrent DNA] "c:\documents and settings\homework\program files\dna\btdna.exe"
uRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
uRun: [Quick Hide Windows]
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [RegistryMechanic] c:\program files\msn messenger\registry mechanic\RegMech.exe /H
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [Yrimidogosixa] rundll32.exe "c:\documents and settings\homework\local settings\application data\eqiciwiquloya.dll",Startup
uRun: [Google Update] "c:\documents and settings\homework\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [AdobeBridge]
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [mnumsg.exe] c:\program files\myshoppinggenie\mnumsg.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\6.3.2348.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\homework\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launch~1.lnk - c:\program files\whitesmoke translator\WSTrayDictMode.exe
IE: &Search - http://tbedits.ourbabymaker.com/one-toolbaredits/menusearch.jhtml?s=100000471&p=YRxdm017YYus&si=&a=C363516F-389C-41E3-8F74-46401E82A878&n=2010122901
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Sothink SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: mit.edu\ca
Trusted Zone: mit.edu\ca2
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\wvUoLbyX
LSA: Notification Packages = scecli c:\documents and settings\all users\application data\hogumana\hogumana.dll c:\documents and settings\all users\application data\rutobuki\rutobuki.dll c:\documents and settings\all users\application data\juwefisi\juwefisi.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\homework\applic~1\mozilla\firefox\profiles\5kuza9su.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=YRxdm017YYus&ptb=5B367D15-DAE5-49C9-A4E0-10BACFE93E08
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z007&form=ZGAADF&q=
FF - component: c:\program files\mozilla firefox\components\Scriptff.dll
FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\homework\application data\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\documents and settings\homework\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\homework\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\msn messenger\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\msn messenger\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\program files\worldwinner.com, inc\worldwinner games\npwwload.dll
FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF - Ext: Search Toolbar: searchtoolbar@zugo.com - %profile%\extensions\searchtoolbar@zugo.com
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: XULRunner: {7F1CB5C1-97F6-49B2-8D23-8EEBB442F588} - c:\documents and settings\homework\local settings\application data\{7F1CB5C1-97F6-49B2-8D23-8EEBB442F588}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\homework\application data\Move Networks
FF - Ext: XULRunner: {426F0CFA-B36D-465E-B0B9-937655A8665D} - c:\documents and settings\homework\local settings\application data\{426F0CFA-B36D-465E-B0B9-937655A8665D}
FF - Ext: AI Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\siber systems\ai roboform\Firefox
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(general.useragent.extra.brc, BRI/1

============= SERVICES / DRIVERS ===============

P2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\mcshield.exe [2009-8-31 146448]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-2-20 343664]
R1 SASDIFSV;SASDIFSV;c:\docume~1\waimin~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-6-23 9968]
R1 SASKUTIL;SASKUTIL;c:\docume~1\waimin~1\locals~1\temp\sas_selfextract\SASKUTIL.sys [2010-6-23 74480]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2005-8-16 14336]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-31 54760]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-12-6 1238408]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\engineserver.exe [2009-8-31 21256]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-1-16 103744]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2009-8-31 66896]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-6-21 70728]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-2-20 91672]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-4-17 115944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-16 135664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe --> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-2-20 43288]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-6-21 65448]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-20 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-20 40552]
S3 SASENUM;SASENUM;\??\c:\docume~1\waimin~1\locals~1\temp\sas_selfextract\sasenum.sys --> c:\docume~1\waimin~1\locals~1\temp\sas_selfextract\SASENUM.SYS [?]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TPyqEqCUs;TPyqEqCUs;\??\c:\documents and settings\all users\documents\my pictures\everything u need\mhs\xelqfbp --> c:\documents and settings\all users\documents\my pictures\everything u need\mhs\XELQFBP [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva158;XDva158;\??\c:\windows\system32\xdva158.sys --> c:\windows\system32\XDva158.sys [?]
S3 XDva164;XDva164;\??\c:\windows\system32\xdva164.sys --> c:\windows\system32\XDva164.sys [?]
S3 XDva165;XDva165;\??\c:\windows\system32\xdva165.sys --> c:\windows\system32\XDva165.sys [?]
S3 XDva167;XDva167;\??\c:\windows\system32\xdva167.sys --> c:\windows\system32\XDva167.sys [?]
S3 XDva177;XDva177;\??\c:\windows\system32\xdva177.sys --> c:\windows\system32\XDva177.sys [?]
S3 XDva186;XDva186;\??\c:\windows\system32\xdva186.sys --> c:\windows\system32\XDva186.sys [?]
S3 XDva189;XDva189;\??\c:\windows\system32\xdva189.sys --> c:\windows\system32\XDva189.sys [?]
S3 XDva190;XDva190;\??\c:\windows\system32\xdva190.sys --> c:\windows\system32\XDva190.sys [?]
S3 XDva195;XDva195;\??\c:\windows\system32\xdva195.sys --> c:\windows\system32\XDva195.sys [?]
S3 XDva201;XDva201;\??\c:\windows\system32\xdva201.sys --> c:\windows\system32\XDva201.sys [?]
S3 XDva212;XDva212;\??\c:\windows\system32\xdva212.sys --> c:\windows\system32\XDva212.sys [?]
S3 XDva215;XDva215;\??\c:\windows\system32\xdva215.sys --> c:\windows\system32\XDva215.sys [?]
S3 XDva219;XDva219;\??\c:\windows\system32\xdva219.sys --> c:\windows\system32\XDva219.sys [?]
S3 XDva259;XDva259;\??\c:\windows\system32\xdva259.sys --> c:\windows\system32\XDva259.sys [?]
S3 XDva279;XDva279;\??\c:\windows\system32\xdva279.sys --> c:\windows\system32\XDva279.sys [?]
S3 XDva349;XDva349;\??\c:\windows\system32\xdva349.sys --> c:\windows\system32\XDva349.sys [?]

=============== Created Last 30 ================

2011-01-15 17:00:59 -------- d-----w- c:\docume~1\homework\applic~1\whitesmoketoolbar
2011-01-15 16:59:25 -------- d-----w- c:\program files\whitesmoketoolbar
2011-01-15 16:59:00 -------- d-----w- c:\program files\Whitesmoke Translator
2011-01-14 02:02:16 3066 ----a-w- c:\windows\axusofihutafuzac.dll
2011-01-13 19:36:28 0 ----a-w- c:\windows\Xgeqejalafoqipo.bin
2011-01-13 19:36:26 -------- d-----w- c:\docume~1\homework\locals~1\applic~1\{7F1CB5C1-97F6-49B2-8D23-8EEBB442F588}
2011-01-13 19:35:14 -------- d-----w- c:\program files\Yontoo Layers Client
2011-01-13 19:35:12 -------- d-----w- c:\docume~1\alluse~1\applic~1\Tarma Installer
2011-01-13 19:34:52 758272 ----a-w- c:\windows\system32\drivers\habhbn.sys
2011-01-13 19:34:51 -------- d-----w- c:\windows\system32\%APPDATA%
2011-01-06 02:59:02 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-01-06 02:56:15 -------- d-----w- c:\program files\GSpot
2011-01-04 20:09:36 -------- d-----w- c:\program files\Video Thumbnails Maker
2010-12-31 03:54:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\WorldWinner
2010-12-31 03:54:54 -------- d-----w- c:\program files\WorldWinner.com, Inc
2010-12-31 03:54:54 -------- d-----w- c:\docume~1\homework\applic~1\Worldwinner
2010-12-28 21:07:29 -------- d-----w- c:\program files\OurBabyMaker_27EI
2010-12-28 15:27:47 -------- d-----w- c:\program files\GuffinsEI
2010-12-28 15:00:32 -------- d-----w- c:\program files\MSN Toolbar
2010-12-28 14:36:03 -------- dc-h--w- c:\windows\ie8
2010-12-26 02:30:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-26 02:30:13 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-12-20 22:51:35 -------- d-----w- c:\docume~1\homework\locals~1\applic~1\LogMeIn Hamachi
2010-12-20 22:51:19 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-12-18 19:10:19 151552 ----a-w- c:\temp\clipstreamsa.dll
2010-12-16 18:14:29 -------- d-----w- c:\program files\WhiteSmoke

==================== Find3M ====================

2010-12-02 08:25:22 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-11-26 22:42:40 241104 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-11-26 22:42:40 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-11-26 22:42:38 241104 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 21:34:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3160812AS rev.3.ADH -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A506555]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8a50c7b0]; MOV EAX, [0x8a50c82c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A450AB8]
3 CLASSPNP[0xB80E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000081[0x8A551F18]
5 ACPI[0xB7F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8A56D940]
\Driver\atapi[0x8A522A00] -> IRP_MJ_CREATE -> 0x8A506555
kernel: MBR read successfully
_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3160812AS_____________________________3.ADH___#5&1c6638a1&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A50639B
IoDeviceObjectType -> ParseProcedure -> 0x89c3d1b0
\Device\Harddisk0\DR0 -> ParseProcedure -> 0x89c3d1b0
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !

============= FINISH: 12:16:06.83 ===============

ken545
2011-01-18, 00:57

Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean, I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

You have a bit of a mess going on; your hard disk is infected with a rootkit.

Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
Extract the file and run it.
Once completed it will create a log in your C:\ drive called TDSSKiller_* (* denotes version & date).
Please post the content of the TDSSKiller log.

cookiemunsterz
2011-01-19, 01:48
Hey ken545, and thanks for the help! Unfortunately, my computer would not boot up at all, even stuck in safe mode. It would get stuck right before the Windows XP loading screen. This made me have to reformat the computer, which is currently in progress. Would you like me to post an updated DDS log when the computer is done reformatting?

ken545
2011-01-19, 02:21
Hi,

Sorry you had to go through all that trouble, but with the severity of the threats going around, sometimes it's the best route to take.

If you look at the end of your DDS log under
=================== ROOTKIT ====================
you had a very serious rootkit infection.

When you're done, go ahead and post a new DDS log and let's take a final look.

cookiemunsterz
2011-01-19, 05:32
Phew, after scouring for missing drivers and installing numerous Microsoft updates I am finally done. Here's the DDS log below. Also, as I currently don't have an antivirus, what commercial antivirus would you recommend? I don't mind laying down some cash to save me all this hassle. Also, once again thank you for your time and help! I really appreciate it.

DDS (Ver_10-12-12.02) - NTFSx86
Run by Alex at 23:25:57.59 on Tue 01/18/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1626 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Alex\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.aida64.com/driver-updates?p=aida64xe&v=150&s=tbbut
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [IDTSysTrayApp] sttray.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295409853578
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-1-18 23456]

=============== Created Last 30 ================

2011-01-19 04:17:42 -------- d-sh--w- c:\documents and settings\alex\IECompatCache
2011-01-19 04:17:26 -------- d-sh--w- c:\documents and settings\alex\PrivacIE
2011-01-19 04:17:00 -------- d-sh--w- c:\documents and settings\alex\IETldCache
2011-01-19 04:14:00 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-01-19 04:13:30 -------- d-----w- c:\windows\ie8updates
2011-01-19 04:13:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-19 04:13:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-01-19 04:13:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-01-19 04:13:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-19 04:13:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-01-19 04:13:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-19 04:13:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-01-19 04:13:01 -------- dc-h--w- c:\windows\ie8
2011-01-19 04:06:20 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-19 04:06:13 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-01-19 04:06:01 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-01-19 04:06:01 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-01-19 04:05:51 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-01-19 03:55:07 -------- d-----w- c:\windows\system32\scripting
2011-01-19 03:55:07 -------- d-----w- c:\windows\system32\en
2011-01-19 03:55:07 -------- d-----w- c:\windows\system32\bits
2011-01-19 03:55:07 -------- d-----w- c:\windows\l2schemas
2011-01-19 03:53:00 -------- d-----w- c:\windows\network diagnostic
2011-01-19 03:48:37 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2011-01-19 03:31:52 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-01-19 03:31:47 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2011-01-19 03:31:20 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-01-19 03:31:20 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-01-19 03:31:19 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-01-19 03:29:56 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-01-19 03:29:43 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-01-19 03:29:43 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-01-19 03:29:41 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-01-19 03:29:36 23040 ------w- c:\windows\kb913800.exe
2011-01-19 03:25:53 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-01-19 03:25:03 -------- d-----w- c:\windows\system32\PreInstall
2011-01-19 03:23:58 -------- d-sh--w- c:\documents and settings\alex\UserData
2011-01-19 03:21:40 208896 ------w- c:\windows\system32\nvuide.exe
2011-01-19 03:21:36 356352 ----a-w- c:\windows\system32\nvusmb.exe
2011-01-19 03:21:25 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-01-19 02:51:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-01-19 02:51:13 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2011-01-19 02:51:12 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2011-01-19 02:50:50 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
2011-01-19 02:50:48 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2011-01-19 02:50:47 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
2011-01-19 02:50:45 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2011-01-19 02:50:44 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2011-01-19 02:50:42 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys
2011-01-19 02:50:41 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys
2011-01-19 02:50:40 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys
2011-01-19 02:50:15 -------- d-----w- c:\program files\IDT
2011-01-19 02:50:14 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2011-01-19 02:50:14 4096 ----a-w- c:\windows\system32\ksuser.dll
2011-01-19 02:50:14 129536 ----a-w- c:\windows\system32\ksproxy.ax
2011-01-19 02:49:50 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-01-19 02:44:47 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-01-19 02:41:22 45568 ----a-w- c:\windows\system32\drivers\bcm4sbxp.sys
2011-01-19 02:24:44 -------- d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation
2011-01-19 02:03:47 -------- d-----w- c:\program files\FinalWire
2011-01-19 01:49:59 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-01-19 01:49:59 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\eSupport.com
2011-01-19 01:13:55 819200 ----a-w- c:\program files\windows media player\wmsetsdk.exe
2011-01-19 01:13:55 47616 ----a-w- c:\program files\windows media player\msoobci.dll
2011-01-19 01:13:06 -------- d-----w- c:\windows\RegisteredPackages
2011-01-19 01:11:47 46592 ------w- c:\windows\system32\drivers\irbus.sys
2011-01-19 01:11:47 19200 ------w- c:\windows\system32\drivers\hidir.sys
2011-01-19 01:10:57 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2011-01-19 01:09:14 -------- d-----w- c:\windows\system32\URTTemp
2011-01-19 01:08:55 -------- d-----w- c:\program files\RGB
2011-01-19 01:06:55 -------- d-----w- c:\program files\DIGStream
2011-01-19 01:06:53 -------- d-----w- c:\program files\ESPNMotion
2011-01-19 01:06:52 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\ApplicationHistory
2011-01-19 01:06:51 -------- d-----w- c:\program files\GemMaster
2011-01-19 01:06:48 -------- d-----w- c:\program files\EnglishOtto
2011-01-19 01:00:56 -------- d-s---w- c:\windows\system32\Microsoft

==================== Find3M ====================

2011-01-19 02:23:55 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-01-19 02:23:55 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-01-19 02:23:53 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-01-08 03:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27:00 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27:00 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27:00 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27:00 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27:00 2292678 ----a-w- c:\windows\system32\nvdata.bin
2011-01-08 03:27:00 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27:00 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27:00 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27:00 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 00:56:54 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-08 00:56:50 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-08 00:56:48 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-08 00:56:48 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-08 00:56:48 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-08 00:56:48 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-08 00:56:48 111208 ----a-w- c:\windows\system32\nvmctray.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-05 05:05:35 81920 ------w- c:\windows\system32\ieencode.dll
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 23:26:46.79 ===============

ken545
2011-01-19, 10:38
Good Morning, log looks fine.

As far as antivirus software, I personally like Norton Internet Security; I've been using it for many years. It's a bit pricey but will install on up to 3 computers, and it contains the complete package: Antivirus, Anti Spyware, Anti Rootkit, a Firewall and a few other goodies.
http://antivirus.norton.com/norton/ps/1up_fr_fr_ght1.html?om_sem_cid=hho_sem_sy:us:ggl:en:e|kw0000060218|6426193156


If you wanted to go the free route you could try one of these

Free Anti Virus Programs


AVG Free (http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5)
Free Avast 4 Home Edition (http://www.avast.com/eng/avast_4_home.html)
Avira AntiVir® Personal Edition Classic (http://www.free-av.com/)



Free Firewalls


Zone Alarm (http://www.pcworld.com/downloads/file_description/0,fid,7228,00.asp)
Sygate Personal Firewall Free Edition (http://www.filehippo.com/download_sygate_personal_firewall/)
Outpost Firewall Free (http://www.agnitum.com/products/outpostfree/index.php)
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Safe Surfn
Ken

cookiemunsterz
2011-01-19, 22:22
Thanks for the help, Ken! Also, thanks for the advice; I have decided to go with Norton :D

ken545
2011-01-19, 22:53
You know, Norton is a love-hate relationship. I have had some people love it and some can't wait to uninstall it. Myself, I've been in computing since Win 3.1 and have never had a problem with Norton. McAfee to me has always been a problem, so I stay away from that.

Take care,

Ken :)

ken545
2011-01-24, 19:54
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.