Inactive [InActive] Virus is eating me alive

Discussion in 'Malware and Virus Removal Archive' started by arok899, 2009/05/06.

Thread Status:
Not open for further replies.
  1. 2009/05/06
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    Alrighty, here's the problem. All of a sudden, my video games got way slower, lagging and such, some windows closed automatically (chat windows), computer freezes for like 10-15 seconds every 30-60 min or so. Anywho, I decided there was some sort of virus and I was going to system restore.

    That's when I noticed the problem: system restore has been disabled by group policy. I ctrl+alt+deleted, and there were like 7 svchost.exe processes running. I heard about changing something in regedit.exe or w.e that was, and when I type it in the run prompt, it opens and closes straight after.

    I tried to boot into safe mode; it loads some sys files and gets stuck on one. It says Press Esc to cancel loading SPTD.sys, but restarts the computer whether I press Esc or not. So far I haven't had any popups, but when I try to install some random antivirus programs, it says the webpage is wrong or not working etc etc like I wasn't connected to the internet. I have a HijackThis log I just did and I'll post that next.


    ---hijackthis log---

    <SNIP>
     
  2. 2009/05/06
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Welcome to WindowsBBS :)

    We have gone beyond HijackThis .....

    There is an announcement at the head of the forum .....

    *** READ THIS BEFORE POSTING IN THIS FORUM ***

    Please read and post the logs requested in this thread.
     

  4. 2009/05/06
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    Hm, I just looked and can't find anything. I just posted the HijackThis because I assumed it would help >.< sorry hehe. Anyone have any idea how I'd go about fixing this?
     
  5. 2009/05/06
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Yes, follow our posted rules!

    Read this post as indicated at the top of this forum & follow the instructions.
     
  6. 2009/05/06
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    There we go :D ok I'm posting the DDS.txt first, then Attach.txt

    DDS (Ver_09-03-16.01) - NTFSx86
    Run by pcom24 at 14:17:27.43 on 2009-05-06
    Internet Explorer: 7.0.5730.11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1584 [GMT -7:00]

    AV: Norton AntiVirus *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\Ati2evxx.exe
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\VentSrv\ventrilo_svc.exe
    C:\Program Files\VentSrv\ventrilo_srv.exe
    C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\pcom24\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.search.com/
    uInternet Connection Wizard,ShellNext = iexplore
    mWinlogon: Userinit=c:\windows\system32\userinit.exe,userinit.exe,
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
    TB: Veoh Video Compass: {52836eb0-631a-47b1-94a6-61f9d9112dae} - c:\program files\veoh networks\veoh video compass\SearchRecsPlugin.dll
    TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
    TB: {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe "
    uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe "
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [ctfmon.exe] ctfmon.exe
    StartupFolder: c:\docume~1\pcom24\startm~1\programs\startup\gamesp~1.lnk - c:\program files\gamespot\GameSpotDownloadManager_Win32.exe
    uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    uPolicies-explorer: NoCommonGroups = 0 (0x0)
    uPolicies-explorer: NoPrinters = 0 (0x0)
    uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
    uPolicies-explorer: NoChangeAnimation = 0 (0x0)
    uPolicies-system: NoSecCpl = 0 (0x0)
    dPolicies-explorer: NoAddPrinter = 1 (0x1)
    dPolicies-explorer: NoDeletePrinter = 1 (0x1)
    dPolicies-explorer: NoStartMenuSubFolders = 1 (0x1)
    dPolicies-explorer: NoCommonGroups = 0 (0x0)
    dPolicies-explorer: NoSetFolders = 1 (0x1)
    dPolicies-explorer: NoSetTaskbar = 1 (0x1)
    dPolicies-explorer: NoFavoritesMenu = 1 (0x1)
    dPolicies-explorer: NoLogOff = 1 (0x1)
    dPolicies-explorer: StartMenuLogoff = 1 (0x1)
    dPolicies-explorer: NoChangeStartMenu = 1 (0x1)
    dPolicies-explorer: NoSMMyPictures = 1 (0x1)
    dPolicies-explorer: NoStartMenuMyMusic = 1 (0x1)
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    dPolicies-explorer: NoSMMyDocs = 1 (0x1)
    dPolicies-explorer: NoStartMenuNetworkPlaces = 1 (0x1)
    dPolicies-explorer: NoNetworkConnections = 1 (0x1)
    dPolicies-explorer: NoViewOnDrive = 4 (0x4)
    dPolicies-explorer: noactivedesktopchanges = 1 (0x1)
    dPolicies-explorer: nosetactivedesktop = 1 (0x1)
    dPolicies-system: NoSecCPL = 1 (0x1)
    dPolicies-system: NoConfigPage = 1 (0x1)
    dPolicies-system: NoFileSysPage = 1 (0x1)
    dPolicies-system: NoDevMgrPage = 1 (0x1)
    dPolicies-system: NoVirtMemPage = 1 (0x1)
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/B/E/5BE645ED-2F2D-4E4D-9C54-AFB56EFCB312/LegitCheckControl.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Notify: AtiExtEvent - Ati2evxx.dll
    LSA: Notification Packages =

    ============= SERVICES / DRIVERS ===============

    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1000000.07d\SymEFA.sys [2009-5-5 309296]
    R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nav\1000000.07d\BHDrvx86.sys [2009-5-5 254512]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nav\1000000.07d\ccHPx86.sys [2009-5-5 362544]
    R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090501.001\IDSxpx86.sys [2009-5-6 276344]
    R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-3-19 607576]
    R2 Norton AntiVirus;Norton AntiVirus;c:\program files\norton antivirus\engine\16.0.0.125\ccSvcHst.exe [2009-5-5 115560]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-5-5 101936]
    R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090506.002\NAVENG.SYS [2009-5-6 89104]
    R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090506.002\NAVEX15.SYS [2009-5-6 876144]
    S0 gdxwdm;GDXWDM;c:\windows\system32\drivers\gdxwdm.sys --> c:\windows\system32\drivers\GDXWDM.sys [?]
    S3 ckwiiahw;ckwiiahw;\??\c:\windows\system32\drivers\ckwiiahw.sys --> c:\windows\system32\drivers\ckwiiahw.sys [?]
    S3 ms6823;IEEE802.11b Wireless USB Adapter;c:\windows\system32\drivers\ms6823.sys [2004-6-10 55168]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
    S3 XDva098;XDva098;\??\c:\windows\system32\xdva098.sys --> c:\windows\system32\XDva098.sys [?]
    S3 ykkvuuce;ykkvuuce;\??\c:\windows\system32\drivers\ykkvuuce.sys --> c:\windows\system32\drivers\ykkvuuce.sys [?]

    =============== Created Last 30 ================

    2009-05-06 11:57 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-05-06 11:57 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-06 11:57 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-05-06 10:52 <DIR> --d----- c:\windows\system32\NtmsData
    2009-05-06 10:27 <DIR> --d----- c:\program files\Trend Micro
    2009-05-05 23:32 <DIR> --d----- c:\docume~1\pcom24\applic~1\Chessmaster Challenge
    2009-05-05 23:30 <DIR> --d----- c:\program files\AOL Games
    2009-05-05 22:10 35,888 a----r-- c:\windows\system32\drivers\SymIM.sys
    2009-05-05 22:10 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
    2009-05-05 22:10 60,808 a------- c:\windows\system32\S32EVNT1.DLL
    2009-05-05 22:10 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
    2009-05-05 22:10 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
    2009-05-05 22:10 <DIR> --d----- c:\program files\Symantec
    2009-05-05 22:10 <DIR> --d----- c:\windows\system32\drivers\NAV
    2009-05-05 22:10 <DIR> --d----- c:\program files\Norton AntiVirus
    2009-05-05 22:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
    2009-05-05 22:08 <DIR> --d----- c:\program files\NortonInstaller
    2009-05-05 22:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
    2009-05-05 22:05 <DIR> --d----- c:\program files\Spybot - Search & Destroy
    2009-05-05 22:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2009-05-05 19:54 13,824 a---h--- c:\documents and settings\pcom24\lftb.exe
    2009-05-05 19:15 <DIR> --d----- c:\docume~1\pcom24\applic~1\AVG8
    2009-05-05 18:59 13,824 a---h--- c:\documents and settings\pcom24\gcfa.exe
    2009-05-05 18:50 13,824 a---h--- c:\documents and settings\pcom24\sva.exe
    2009-05-05 10:09 13,824 a---h--- c:\documents and settings\pcom24\kqiuqe.exe
    2009-05-05 10:08 13,824 a---h--- c:\documents and settings\pcom24\aajs.exe
    2009-05-05 10:08 46,592 a------- c:\windows\system32\drivers\ndisio.sys
    2009-04-26 22:16 <DIR> --d----- c:\program files\City of Heroes
    2009-04-24 18:47 189,472 a------- c:\windows\system32\PnkBstrB.xtr
    2009-04-22 13:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\myitlab
    2009-04-21 12:13 <DIR> --d----- c:\program files\VentSrv

    ==================== Find3M ====================

    2009-04-24 18:47 189,472 a------- c:\windows\system32\PnkBstrB.exe
    2009-04-24 18:25 138,168 a------- c:\windows\system32\drivers\PnkBstrK.sys
    2009-04-24 18:25 75,064 a------- c:\windows\system32\PnkBstrA.exe
    2009-03-17 18:43 4,096 a------- c:\windows\d3dx.dat
    2009-03-04 09:09 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2009-02-10 18:08 410,984 ac------ c:\windows\system32\deploytk.dll
    2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll
    2008-11-25 16:57 30 ac------ c:\documents and settings\pcom24\jagex_runescape_preferences.dat

    ============= FINISH: 14:18:06.73 ===============


    Here's Attach.txt

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2005-03-29 15:56:52
    System Uptime: 2009-05-06 13:58:32 (1 hours ago)

    Motherboard: MSI | | MS-7008
    Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | Socket-1 | 2678/133mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 35.588 GiB free.
    D: is CDROM (CDFS)

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: RAID Controller
    Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_00801462&REV_80\3&61AAA01&0&78
    Manufacturer:
    Name: RAID Controller
    PNP Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_00801462&REV_80\3&61AAA01&0&78
    Service:

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ROOT\MS_PASSTHRUMP\0001
    Manufacturer: Microsoft
    Name: Motorola SURFboard SB5100 USB Cable Modem -
    PNP Device ID: ROOT\MS_PASSTHRUMP\0001
    Service: Passthru

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ROOT\MS_PASSTHRUMP\0002
    Manufacturer: Microsoft
    Name: Motorola SURFboard SB5101 USB Cable Modem -
    PNP Device ID: ROOT\MS_PASSTHRUMP\0002
    Service: Passthru

    ==== System Restore Points ===================

    RP910: 2009-03-06 01:00:56 - Removed GTA2
    RP911: 2009-03-06 13:06:22 - Installed War Rock
    RP912: 2009-03-08 09:11:34 - System Checkpoint
    RP913: 2009-03-09 10:12:07 - System Checkpoint
    RP914: 2009-03-10 10:31:37 - System Checkpoint
    RP915: 2009-03-11 00:00:36 - Installed Warhammer Online - Age of Reckoning
    RP916: 2009-03-11 00:00:47 - Installed Warhammer Online - Age of Reckoning
    RP917: 2009-03-11 00:03:41 - Installed Warhammer Online - Age of Reckoning
    RP918: 2009-03-11 03:08:08 - Installed Warhammer Online - Age of Reckoning
    RP919: 2009-03-12 06:52:27 - System Checkpoint
    RP920: 2009-03-15 21:02:26 - System Checkpoint
    RP921: 2009-03-16 21:21:25 - System Checkpoint
    RP922: 2009-03-17 20:51:15 -
    RP923: 2009-03-17 20:51:32 - Shockwave Player
    RP924: 2009-03-18 21:00:32 - System Checkpoint
    RP925: 2009-03-21 11:48:30 - System Checkpoint
    RP926: 2009-03-22 17:41:05 - System Checkpoint
    RP927: 2009-03-23 22:02:14 - System Checkpoint
    RP928: 2009-03-24 03:20:57 - Installed TwelveSky 2
    RP929: 2009-03-24 03:54:00 - Removed TwelveSky 2
    RP930: 2009-03-26 00:58:38 - System Checkpoint
    RP931: 2009-03-26 17:14:19 - Installed ACEonline
    RP932: 2009-03-30 11:33:10 - System Checkpoint
    RP933: 2009-04-02 07:35:47 - System Checkpoint
    RP934: 2009-04-04 11:51:00 - System Checkpoint
    RP935: 2009-04-06 08:15:25 - System Checkpoint
    RP936: 2009-04-09 10:37:37 - System Checkpoint
    RP937: 2009-04-12 21:42:38 - System Checkpoint
    RP938: 2009-04-15 10:30:33 - System Checkpoint
    RP939: 2009-04-17 12:16:20 - Installed Microsoft Office Professional 2007 Subscription
    RP940: 2009-04-17 12:24:33 - Installed Microsoft Office Professional 2007 Subscription
    RP941: 2009-04-17 12:28:56 - Installed Microsoft Office Professional 2007 Subscription
    RP942: 2009-04-17 12:40:46 - Installed Microsoft Office Professional 2007 Subscription
    RP943: 2009-04-17 12:52:12 - Installed Microsoft Office Professional 2007 Subscription
    RP944: 2009-04-19 12:18:57 - Installed Windows XP KB942288-v3.
    RP945: 2009-04-21 10:20:55 - System Checkpoint
    RP946: 2009-04-21 11:44:17 - Installed Ventrilo Server
    RP947: 2009-04-22 16:21:39 - Installed Microsoft Office Word Viewer 2003
    RP948: 2009-04-23 11:00:18 - Software Distribution Service 3.0
    RP949: 2009-04-24 11:00:17 - Software Distribution Service 3.0
    RP950: 2009-04-25 18:09:05 - System Checkpoint
    RP951: 2009-04-26 18:00:06 - Configured Rise Of Legends
    RP952: 2009-04-29 13:07:15 - System Checkpoint
    RP953: 2009-04-30 14:21:17 - System Checkpoint
    RP954: 2009-05-02 20:51:46 - System Checkpoint
    RP955: 2009-05-03 15:53:36 - Removed ACEonline

    ==== Installed Programs ======================

    Acrobat.com
    Ad-Aware 2007
    Adobe AIR
    Adobe Flash Player ActiveX
    Adobe Reader 9
    Adobe Shockwave Player 11
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Control Panel
    ATI Display Driver
    Audacity 1.2.6
    AusLogics Disk Defrag
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    ccc-core-preinstall
    ccc-core-static
    ccc-utility
    CCC Help English
    Chessmaster Challenge (remove only)
    Choice Guard
    Creative System Information
    Cross Fire En
    DNA
    Download Manager 2.3.8
    Game Cam v1.4
    HijackThis 2.0.2
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Java(TM) 6 Update 12
    Junk Mail filter update
    Lexmark 510 Series
    LimeWire 4.18.8
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Application Error Reporting
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Word Viewer 2003
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    MSVCRT
    MSXML 4.0 SP2 Parser and SDK
    Norton AntiVirus
    Project64 1.6
    QuickTime
    Realtek AC'97 Audio
    Rise Of Legends
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960715)
    Segoe UI
    Skins
    Switch Sound File Converter
    TestDrive Client
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Ventrilo Client
    Ventrilo Server
    Veoh Video Compass
    Veoh Web Player Beta
    VIA Rhine-Family Fast Ethernet Adapter
    Warhammer Online - Age of Reckoning
    WavePad Sound Editor
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Live Writer
    Windows XP Service Pack 3
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    2009-05-05 17:01:30, error: Service Control Manager [7022] - The WebClient service hung on starting.
    2009-05-05 17:01:30, error: Service Control Manager [7016] - The WebClient service has reported an invalid current state 3221225539.
    2009-05-03 19:14:13, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\zclientm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:54, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\chkrres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:53, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\hrtzzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:53, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\bckg.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:45, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\zoneclim.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:45, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\shvl.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:45, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\cmnclim.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.629.1.
    2009-05-03 19:13:44, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\bckgzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\zeeverm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.629.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\shvlzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\rvseres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\hrtz.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\chkrzm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\chkr.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:29, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\bckgres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\zonelibm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\znetm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\zcorem.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\uniansi.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\shvlres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\hrtzres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:23, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\cmnresm.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:22, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\rvsezm.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-05-03 19:13:22, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\rvse.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 1.2.626.1.
    2009-04-29 09:21:14, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 000C76986EAD has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    ==== End Of File ===========================
     
  7. 2009/05/06
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    Now what?
     
  8. 2009/05/06
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Thanks. Please be patient, it'll take a few days before our malware experts will get to your logs...
     
  9. 2009/05/06
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    Allrighty :) I guess I'll just wait it out. Thanks in advance!
     
  10. 2009/05/14
    arok899

    arok899 Banned Thread Starter

    Joined:
    2009/05/06
    Messages:
    6
    Likes Received:
    0
    Snore!

    Hmph....A week? I saw a notice, I'm assuming that's why it's been taking a little longer, can you confirm that that is the problem? Hehe, I just wasn't sure if I was forgotten or if the waiting list thing is the issue.

    P.S. My computer is still acting up...same issues, can't system restore and such. But anywho, if it IS the waiting list thing, just let me know and I'll be patient. :) Trying my hardest here hehe, and I don't know any other forums that have been as helpful as you guys in the past.

    And on another note, I forgot to mention this (which I just noticed in the logs) that there were some odd card games or whatever that I couldn't delete when I was trying to clear space on my computer, they deleted, and all of a sudden poof they appeared in my folders again... it was this thing plus a few others:

    File replacement was attempted on the protected system file c:\program files\msn gaming zone\windows\rvse.dll.

    Thanks again
    -Rob
     
    Last edited: 2009/05/14
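To triage an event-log excerpt like the one posted above, the entries can be parsed and the Windows File Protection restores grouped by folder and time span, with error-level entries listed separately. This is an added example, not part of the thread; the function names are assumptions and the sample lines are rebuilt from the entries quoted in the posts.

```python
import re
from datetime import datetime
from ntpath import basename, dirname  # Windows path rules on any OS

# Layout of the entries posted in this thread:
#   "<date> <time>, <level>: <source> [<event id>] - <message>"
ENTRY = re.compile(r"^\s*(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d), (\w+): (.+?) \[(\d+)\] - (.*)$")
WFP_FILE = re.compile(r"protected system file (.+?)\. This file was restored")

def parse(lines):
    """Return (timestamp, level, source, event_id, message) per well-formed entry."""
    out = []
    for line in lines:
        m = ENTRY.match(line)
        if m:  # separators such as "==== End Of File ====" do not match and are skipped
            ts, level, source, eid, msg = m.groups()
            out.append((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), level, source, int(eid), msg))
    return out

def wfp_by_folder(entries):
    """Group Windows File Protection restores by folder, with count and time span."""
    folders = {}
    for ts, _level, source, _eid, msg in entries:
        m = WFP_FILE.search(msg)
        if source != "Windows File Protection" or not m:
            continue
        f = folders.setdefault(dirname(m.group(1)), {"files": [], "first": ts, "last": ts})
        f["files"].append(basename(m.group(1)))
        f["first"], f["last"] = min(f["first"], ts), max(f["last"], ts)
    return {d: {"count": len(f["files"]), "files": sorted(f["files"]),
                "span_seconds": int((f["last"] - f["first"]).total_seconds())}
            for d, f in folders.items()}

def other_errors(entries):
    """(source, event id) of every entry logged at error level."""
    return [(src, eid) for _ts, level, src, eid, _msg in entries if level == "error"]

# Sample input rebuilt from the entries quoted in the thread.
_WFP = ("    {ts}, information: Windows File Protection [64002] - File replacement was "
        "attempted on the protected system file c:\\program files\\msn gaming zone\\windows\\{name}. "
        "This file was restored to the original version to maintain system stability. "
        "The file version of the system file is 1.2.626.1.")
SAMPLE = [_WFP.format(ts="2009-05-03 19:13:23", name=n)
          for n in ("zcorem.dll", "uniansi.dll", "shvlres.dll", "hrtzres.dll", "cmnresm.dll")]
SAMPLE += [_WFP.format(ts="2009-05-03 19:13:22", name=n) for n in ("rvsezm.exe", "rvse.dll")]
SAMPLE += ["    2009-04-29 09:21:14, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the "
           "Network Card with network address 000C76986EAD has been denied by the DHCP server "
           "0.0.0.0 (The DHCP Server sent a DHCPNACK message).",
           "    ==== End Of File ==========================="]

if __name__ == "__main__":
    print(wfp_by_folder(parse(SAMPLE)), other_errors(parse(SAMPLE)))
```
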
  11. 2009/05/14
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Hi and welcome, sorry for the delay


    Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

    Link 1
    Link 2
    Link 3

    --------------------------------------------------------------------
    Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
    (Click on this link to see a list of programs that should be disabled.)
    http://www.bleepingcomputer.com/forums/topic114351.html

    Please leave the flash drive plugged in while completing the following.

    Double click on Combo-Fix.exe & follow the prompts.

    Please allow ComboFix to install, if needed, Windows Recovery Console. It is a simple procedure that will only take a few moments of your time.

    No Validation is Required.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.



    ** Please Note:
    At times ComboFix may appear to stall, please be patient.
    • When finished, it will produce a report for you.
    • Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

    Please only run the tool once, ty.

    Extra note: After you have installed the Recovery Console - if you reboot your computer, right after reboot, you'll see the option for the Recovery Console now as well.
    Don't select to run the Recovery Console as we don't need it.
    By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows.

    You may need several replies to post the requested logs, otherwise they might get cut off.
     