I am trying to remove a virus that stopped me from booting int safe mode. I have restored the registry settings and sucessfully booted into safe mode and ran Avast AV and then this. I also did a boot up scan. found two viruses and want to make sure that i am good to go. thanks for the help.

DDS (Ver_10-12-12.02) - NTFSx86
Run by Greg at 15:39:18.20 on Thu 02/24/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.559 [GMT -5:00]

AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\iQmetrix\IQ.Core.UpdateFoundation.WindowsService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\DOWNLO~1\DMService.exe
C:\Documents and Settings\Greg\Desktop\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Greg\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = https://iscportal.sprint.com/
uInternet Connection Wizard,ShellNext = iexplore
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File
uRun: [H/PC Connection Agent] "c:\progra~1\micros~2\wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
Trusted Zone: nextel.com
Trusted Zone: sprint.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxsrvc.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\greg\applic~1\mozilla\firefox\profiles\1lxxn0o0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2847437&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - RecellOne Customized Web Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2847437&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\greg\application data\mozilla\firefox\profiles\1lxxn0o0.default\extensions\{7197da7c-6c87-4d91-b25d-9271db55b5fe}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\greg\application data\mozilla\firefox\profiles\1lxxn0o0.default\extensions\{7197da7c-6c87-4d91-b25d-9271db55b5fe}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\greg\application data\mozilla\firefox\profiles\1lxxn0o0.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: RecellOne Toolbar: {7197da7c-6c87-4d91-b25d-9271db55b5fe} - %profile%\extensions\{7197da7c-6c87-4d91-b25d-9271db55b5fe}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2011-2-24 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2011-2-24 188168]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2011-2-24 99280]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-24 312912]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-24 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-24 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-24 40384]
R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2011-2-24 119200]
R2 IQ.Core.UpdateFoundation.WindowsService;iQmetrix Installation Manager Service;c:\program files\iqmetrix\IQ.Core.UpdateFoundation.WindowsService.exe [2009-10-30 6656]
R2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\program files\microsoft forefront uag\endpoint components\3.1.0\uagqecsvc.exe [2011-2-3 149904]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-24 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-24 40384]
R3 DMService;Microsoft Forefront UAG Endpoint Component Manager;c:\windows\downlo~1\DMService.exe [2011-2-3 468368]
R3 R5BaseSmc;USB Token Holder Service;c:\windows\system32\drivers\smccard.sys [2010-6-28 12800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-1-31 30240]
S3 fdudmon;fdudmon;\??\c:\program files\futuredial\rms web_client\pnpmon.sys --> c:\program files\futuredial\rms web_client\pnpmon.sys [?]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\ANDROIDUSB.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2011-1-31 28672]
S3 logser;Palm Logging Serial Port;c:\windows\system32\drivers\logser.sys [2007-10-4 11008]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys --> c:\windows\system32\drivers\motport.sys [?]
S3 palmmdm;Palm Modem;c:\windows\system32\drivers\palmmdm.sys [2007-9-20 9728]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys --> c:\windows\system32\drivers\seehcri.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-1-31 90240]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-1-31 14976]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-1-31 121856]
S3 SUSTUCAM;Susteen USB Cable Modem Driver;c:\windows\system32\drivers\sustucam.sys [2011-1-31 47360]
S3 SUSTUCAP;Susteen USB Cable Port Driver;c:\windows\system32\drivers\sustucap.sys [2011-1-31 47360]
S3 SUSTUCAU;Susteen USB Cable USB Driver;c:\windows\system32\drivers\sustucau.sys [2011-1-31 28032]
S3 sy08bus;SANYO USB Composite Device SY08 driver (WDM);c:\windows\system32\drivers\sy08bus.sys --> c:\windows\system32\drivers\sy08bus.sys [?]
S3 sy08mdfl;SANYO USB Modem SY08 Filter;c:\windows\system32\drivers\sy08mdfl.sys --> c:\windows\system32\drivers\sy08mdfl.sys [?]
S3 sy08mdm;SANYO USB Modem SY08 Drivers;c:\windows\system32\drivers\sy08mdm.sys --> c:\windows\system32\drivers\sy08mdm.sys [?]
S3 sy08serd;SANYO USB Modem SY08 Diagnostic Serial Port (WDM);c:\windows\system32\drivers\sy08serd.sys --> c:\windows\system32\drivers\sy08serd.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 NovacomD;Palm Novacom;c:\program files\palm, inc.\novacom\novacomd.exe --> c:\program files\palm, inc.\novacom\novacomd.exe [?]

=============== Created Last 30 ================

2011-02-24 17:21:00 312912 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-24 17:20:59 99280 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-02-24 17:20:41 188168 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-02-24 14:09:03 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-02-24 14:09:02 38848 ----a-w- c:\windows\avastSS.scr
2011-02-24 14:08:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2011-02-24 14:05:21 -------- d-sh--r- C:\cwsandbox
2011-02-24 14:05:21 -------- d-----w- c:\program files\Wireshark
2011-02-18 15:34:06 -------- d-----w- c:\docume~1\greg\applic~1\PrimoPDF
2011-02-18 15:32:40 176235 ----a-w- c:\windows\system32\Primomonnt.dll
2011-02-18 15:32:38 -------- d-----w- c:\program files\Nitro PDF
2011-02-17 17:23:12 -------- d-----w- c:\program files\Nokia
2011-02-10 23:33:47 -------- d-----w- c:\docume~1\greg\applic~1\SeaApple
2011-02-10 23:33:45 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2011-02-10 23:33:45 183808 ----a-w- c:\windows\system32\BDEADMIN.CPL
2011-02-10 23:33:45 -------- d-----w- c:\program files\common files\Borland Shared
2011-02-04 08:23:28 -------- d-----w- c:\docume~1\greg\applic~1\Research In Motion
2011-02-03 16:10:46 -------- d-----w- c:\documents and settings\greg\IAG Remote Access Agent
2011-02-03 15:48:55 -------- d-----w- c:\program files\Microsoft Forefront UAG
2011-02-03 15:02:06 110280 ----a-w- c:\windows\system32\drivers\sscdserd.sys
2011-02-03 15:02:05 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2011-02-03 15:02:05 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2011-02-03 15:02:05 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2011-02-03 15:02:05 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2011-02-03 15:02:05 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2011-02-03 15:02:05 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2011-02-03 15:02:05 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2011-02-03 15:02:05 -------- d-----w- c:\program files\SAMSUNG
2011-02-03 15:01:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\Samsung
2011-02-03 15:01:28 53248 ----a-r- c:\docume~1\greg\applic~1\microsoft\installer\{c0c1d2bc-72fe-4f77-a2f9-cd10d5aa8f93}\ARPPRODUCTICON.exe
2011-02-03 15:01:05 -------- d-----w- c:\program files\Samsung Electronics
2011-01-31 23:47:51 -------- d-----w- c:\docume~1\greg\applic~1\Susteen_WorkFolder
2011-01-31 23:45:09 47360 ----a-w- c:\windows\system32\drivers\sustucap.sys
2011-01-31 23:45:09 28032 ----a-w- c:\windows\system32\drivers\sustucau.sys
2011-01-31 23:45:08 47360 ----a-w- c:\windows\system32\drivers\sustucam.sys
2011-01-31 23:45:06 43520 ----a-w- c:\windows\system32\libusb0.dll
2011-01-31 23:45:06 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys
2011-01-31 23:45:03 14976 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2011-01-31 23:45:03 121856 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2011-01-31 23:45:03 12160 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2011-01-31 23:45:02 90240 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2011-01-31 23:45:02 30240 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2011-01-31 23:45:02 12160 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2011-01-31 23:45:01 1416608 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2011-01-30 19:57:00 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-01-30 19:57:00 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

==================== Find3M ====================

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-14 23:10:23 256 ----a-w- c:\documents and settings\greg\pool.bin
2011-01-11 22:36:10 4608 ----a-w- c:\windows\system32\R5CoInst.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:08:45 832512 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:08:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 23:08:45 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 23:08:45 17408 ----a-w- c:\windows\system32\corpol.dll
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:25 389120 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 15:40:04.87 ===============

:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.


Not looking to bad, but lets make sure

Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.




Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please

Here is the Malwarebytes log. thanks for your help. Looks like i'm good to go.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5873

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

2/25/2011 11:41:29 AM
mbam-log-2011-02-25 (11-41-29).txt

Scan type: Quick scan
Objects scanned: 148011
Time elapsed: 7 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Not really, we need to check further


OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.