
Active WinXP Malware/Virus, Auto Rebooting

Discussion in 'Malware and Virus Removal Archive' started by insanoyeah, 2010/01/23.

  1. 2010/01/23
    insanoyeah

    insanoyeah Inactive Thread Starter

    Joined:
    2010/01/23
    Messages:
    2
    Likes Received:
    0
    [Active] WinXP Malware/Virus, Auto Rebooting

    Hey guys, just wanted to thank you in advance :D

    Alright, I'll try to provide as much information as I can here about the issue.

    At around 6:00PM EST or so on 1/22 (I have been up all night :p), I loaded up Firefox and googled "Naniwa" to attempt to find an article on said place, and saw a result for Wikipedia (the URL was valid) and went there. I was immediately redirected to somewhere else; unfortunately, I did not note the URL. As soon as the page began to load, my avast! antivirus started going nuts, asking me to abort connection, which I promptly did, and warning me of a trojan as well. My first reaction: unplug my ethernet cord immediately.

    I did this, and a few seconds later, my computer shut down by itself and began to reboot. I sat back and waited, and when it got to the "Windows XP green bars loading screen" (the one right before you log into your username), it cut off midway and restarted again, this time directing me to the safe mode F8 menu, telling me that Windows had crashed, etc. I attempted to reboot normally about 4 times, with the PC auto rebooting each time. I then disabled autoreboot on system crash, and copied down the BSOD code:

    STOP: 0x00000024 (0x001902FE, 0xF78C6390, 0xF78C607C, 0x8A96B805

    Now, as I've heard, 0x024 error codes have to do with bad blocks, or errors in your NTFS, but I'm fairly sure there is still malware on my system, due to me seeing it being put there :p

    I attempted to boot in safe mode, and it rebooted on me again. I then rebooted in safe mode yet again, yet pressed ESC to bypass loading the drivers, and Safe Mode loaded normally.

    I then ran MalwareBytes the first time:

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\Matthew Gonzalez\Local Settings\Temp\pXao.dll (Malware.Packer) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\41.exe (Trojan.FakeAlert) -> Delete on reboot.

    Restarted, same rebooting issue.

    Went into Safe Mode with Networking, updated MalwareBytes and reran it:

    Malwarebytes' Anti-Malware 1.44
    Database version: 3510
    Windows 5.1.2600 Service Pack 2 (Safe Mode)
    Internet Explorer 7.0.5730.11

    1/23/2010 1:41:50 AM
    mbam-log-2010-01-23 (01-41-50).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 506191
    Time elapsed: 2 hour(s), 16 minute(s), 41 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 7

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\Matthew Gonzalez\Local Settings\Temp\KyWN.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\AliveMedia\Text to Speech\TextToSpeech.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\SDFix\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.
    C:\SDFix\apps\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\helper32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\Winlogon32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Rebooted, same issue.

    I am now posting from Safe Mode with Networking.
    Ran HijackThis directly before posting:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:01:06 AM, on 1/23/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Opera\opera.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061109
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061109
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061109
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
    O2 - BHO: FCTBPos00Pos - {064F9A9F-3A73-41A1-8F33-D0660836FA8B} - C:\Program Files\Pirates - FB\Toolbar.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: 12-Toolbar - {00000000-000b-5041-4354-0020e48020af} - C:\Program Files\12Ghosts\12toolbar.dll
    O3 - Toolbar: Alive Text to Speech - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\PROGRA~1\ALIVEM~1\TEXTTO~1\IETOOL~1.DLL
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Pirates - FB - {FCD92A5D-0984-4850-BE14-BDFA192150FF} - C:\Program Files\Pirates - FB\Toolbar.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe "
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe "
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\winamp\winampa.exe "
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe "
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
    O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
    O4 - HKLM\..\Run: [Turbine Download Manager Tray Icon] "C:\Program Files\Turbine\Turbine Download Manager\TurbineDownloadManagerIcon.exe "
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Matthew Gonzalez\Start Menu\Programs\IMVU\Run IMVU.lnk
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
    O16 - DPF: {87A638DE-396F-40FD-A2F8-01B56072F553} (Launcher Class) - http://download.gemfighter.com/launcher/gemx2.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c99fac5931bb9d) (gupdate1c99fac5931bb9d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Hyperdesk Theme Enabler (HdThemeEnabler) - The Skins Factory, Inc. - C:\Program Files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Turbine Message Service - Live (LiveTurbineMessageService) - Turbine, Inc. - C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe
    O23 - Service: Turbine Network Service - Live (LiveTurbineNetworkService) - Turbine, Inc. - C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: nProtect Security Platform 2007 Service (NSPService) - Unknown owner - C:\WINDOWS\system32\INCAinternet\nProtect Security Platform 2007\nspsvc.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: WUSB54Gv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

    --
    End of file - 14160 bytes


    Ah, I also might add I attempted to system restore to more than one point, with the same result of being auto rebooted back to the F8 Menu, and then an error message coming up once back in Safe Mode telling me that it could not system restore back to that point. (Or any other).

    Help would be much appreciated. :( Thanks.
     
  2. 2010/01/23
    crunchie

    crunchie Inactive

    Joined:
    2010/01/12
    Messages:
    982
    Likes Received:
    5
    Hi and welcome :).

    First up, you need to follow the instructions found here and post the logs.

    Also, MBA-M definitions need updating, so do that, then run a full scan, remove what is found and save the log and reboot. Do MBA-M first please, then the DDS scan.
     


  4. 2010/01/23
    insanoyeah

    insanoyeah Inactive Thread Starter

    Joined:
    2010/01/23
    Messages:
    2
    Likes Received:
    0
    When attempting to update Malwarebytes, I now receive an Error Code: 732 (12029, 0). I tried redownloading it and then updating again, same error.

    Here is the DDS and Attach:


    DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
    Run by Administrator at 15:39:13.40 on Sat 01/23/2010
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_14
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3326.2726 [GMT -5:00]

    AV: nProtect GameGuard Personal 2007 *On-access scanning disabled* (Updated) {7D36BE97-9969-4C9F-9DC1-282DB4E1FBEA}
    AV: avast! antivirus 4.8.1229 [VPS 100122-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Opera\opera.exe
    C:\Documents and Settings\Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061109
    uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
    uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
    uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6061109
    mWinlogon: UIHost=%SystemRoot%\system32\logonui.exe
    BHO: Freecause Toolbar BHO: {064f9a9f-3a73-41a1-8f33-d0660836fa8b} - c:\program files\pirates - fb\Toolbar.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.33.0\gears.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: ZoneAlarm Spy Blocker BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
    TB: 12-Toolbar: {00000000-000b-5041-4354-0020e48020af} - c:\program files\12ghosts\12toolbar.dll
    TB: Alive Text to Speech: {954f618b-0dec-4d1a-9317-e0fc96f87865} - c:\progra~1\alivem~1\textto~1\IETOOL~1.DLL
    TB: ZoneAlarm Spy Blocker: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
    TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
    TB: Pirates - FB: {fcd92a5d-0984-4850-be14-bdfa192150ff} - c:\program files\pirates - fb\Toolbar.dll
    TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe "
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe "
    mRun: [<NO NAME>]
    mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [LogonStudio] "c:\program files\wincustomize\logonstudio\logonstudio.exe" /RANDOM
    mRun: [WinampAgent] "c:\program files\winamp\winampa.exe "
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe "
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe "
    mRun: [WUSB54Gv2] c:\program files\linksys wireless-g usb wireless network monitor\InvokeSvc3.exe
    mRun: [Turbine Download Manager Tray Icon] "c:\program files\turbine\turbine download manager\TurbineDownloadManagerIcon.exe "
    mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\metacafe.lnk - c:\program files\metacafe\MetacafeAgent.exe
    mPolicies-system: RunStartupScriptSync = 1 (0x1)
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\matthew gonzalez\start menu\programs\imvu\Run IMVU.lnk
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.33.0\gears.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
    DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - hxxp://www.acclaim.com/cabs/acclaim_v5.cab
    DPF: {87A638DE-396F-40FD-A2F8-01B56072F553} - hxxp://download.gemfighter.com/launcher/gemx2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\mi1933~1\office12\GR99D3~1.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: WBSrv - c:\program files\alienguise\wbsrv.dll
    Notify: Zboard - Winlognotif.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
    SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\gjszg6e7.default\
    FF - component: c:\program files\google\google gears\firefox\lib\ff35\gears.dll
    FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\progra~1\sonyon~1\npsoe.dll
    FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\ign\download manager\npfpdlm.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPMFireLauncher.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npvirtools.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
    FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
    FF - plugin: c:\program files\opera\program\plugins\npsoestb.dll
    FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
    FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

    ============= SERVICES / DRIVERS ===============

    R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-8-29 353672]
    R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
    R3 LMPC2;LMPC2;c:\windows\system32\drivers\lmpc2.sys [2006-12-27 4224]
    S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-9-7 78416]
    S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2005-8-16 14336]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-9-7 20560]
    S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-9-7 147640]
    S2 gupdate1c99fac5931bb9d;Google Update Service (gupdate1c99fac5931bb9d);c:\program files\google\update\GoogleUpdate.exe [2009-3-8 133104]
    S2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\program files\the skins factory\hyperdesk\common\HDThemeEnabler.exe [2008-7-23 106496]
    S2 LiveTurbineMessageService;Turbine Message Service - Live;c:\program files\turbine\turbine download manager\TurbineMessageService.exe [2009-9-28 271856]
    S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-15 34064]
    S2 NSPService;nProtect Security Platform 2007 Service;c:\windows\system32\incainternet\nprotect security platform 2007\nspsvc.exe --> c:\windows\system32\incainternet\nprotect security platform 2007\nspsvc.exe [?]
    S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-4-2 24652]
    S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-9-7 250040]
    S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-9-7 348344]
    S3 gUSBSTOi;gUSBSTOi;\??\c:\docume~1\matthe~1\locals~1\temp\gusbstoi.sys --> c:\docume~1\matthe~1\locals~1\temp\gUSBSTOi.sys [?]
    S3 LiveTurbineNetworkService;Turbine Network Service - Live;c:\program files\turbine\turbine download manager\TurbineNetworkService.exe [2009-9-28 218608]
    S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2007-2-10 29178224]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 NTProcDrv;Process creation detector for NT.;c:\windows\temp\drv2.tmp [2010-1-7 3584]
    S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2007-3-25 19504]
    S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2007-3-25 83160]
    S3 TKFsAc;TKFsAc;\??\c:\windows\system32\tkfsac2k.sys --> c:\windows\system32\TKFsAc2k.sys [?]
    S3 TKFsAv;TKFsAv;\??\c:\windows\system32\tkfsav2k.sys --> c:\windows\system32\TKFsAv2k.sys [?]
    S3 TKFsFt;TKFsFt;\??\c:\windows\system32\tkfsft2k.sys --> c:\windows\system32\TKFsFt2k.sys [?]
    S3 TKRgAc;TKRgAc;\??\c:\windows\system32\tkrgac2k.sys --> c:\windows\system32\TKRgAc2k.sys [?]
    S3 TKRgFt;TKRgFt;\??\c:\windows\system32\tkrgftxp.sys --> c:\windows\system32\TKRgFtXp.sys [?]
    S3 XDva037;XDva037;\??\c:\windows\system32\xdva037.sys --> c:\windows\system32\XDva037.sys [?]
    S3 XDva064;XDva064;\??\c:\windows\system32\xdva064.sys --> c:\windows\system32\XDva064.sys [?]
    S3 XDva090;XDva090;\??\c:\windows\system32\xdva090.sys --> c:\windows\system32\XDva090.sys [?]
    S3 XDva143;XDva143;\??\c:\windows\system32\xdva143.sys --> c:\windows\system32\XDva143.sys [?]
    S3 XDva167;XDva167;\??\c:\windows\system32\xdva167.sys --> c:\windows\system32\XDva167.sys [?]
    S3 XDva202;XDva202;\??\c:\windows\system32\xdva202.sys --> c:\windows\system32\XDva202.sys [?]
    S3 XDva306;XDva306;\??\c:\windows\system32\xdva306.sys --> c:\windows\system32\XDva306.sys [?]

    =============== Created Last 30 ================

    2010-01-23 07:57:35 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2010-01-23 07:57:15 0 d-----w- c:\program files\Panda Security
    2010-01-23 03:32:17 0 ----a-w- c:\windows\system32\28145.exe
    2010-01-23 03:12:17 0 ----a-w- c:\windows\system32\5705.exe
    2010-01-23 02:52:17 0 ----a-w- c:\windows\system32\24464.exe
    2010-01-23 02:32:17 0 ----a-w- c:\windows\system32\26962.exe
    2010-01-23 02:12:17 0 ----a-w- c:\windows\system32\29358.exe
    2010-01-23 01:52:17 0 ----a-w- c:\windows\system32\11478.exe
    2010-01-23 01:32:17 0 ----a-w- c:\windows\system32\15724.exe
    2010-01-23 01:12:17 0 ----a-w- c:\windows\system32\19169.exe
    2010-01-23 00:52:17 0 ----a-w- c:\windows\system32\26500.exe
    2010-01-23 00:32:17 0 ----a-w- c:\windows\system32\6334.exe
    2010-01-22 23:25:14 0 ----a-w- c:\windows\system32\18467.exe
    2010-01-22 23:07:50 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
    2010-01-22 23:01:14 0 ----a-w- c:\windows\system32\IS15.exe
    2010-01-07 08:00:40 0 d-----w- c:\program files\Steam
    2010-01-06 06:12:41 6435 ----a-w- c:\windows\system32\WORK.DAT
    2010-01-02 02:36:56 0 d-----w- C:\gPotato.com
    2009-12-31 08:58:15 0 d-----w- c:\windows\Replay Video Capture
    2009-12-31 08:58:15 0 d-----w- c:\program files\Replay Video Capture
    2009-12-29 08:52:18 0 d-----w- c:\program files\The Skins Factory
    2009-12-28 23:43:04 0 d-----w- c:\program files\Extreme Picture Finder 3
    2009-12-28 23:43:04 0 d-----w- c:\docume~1\alluse~1\applic~1\Extreme Picture Finder
    2009-12-26 07:50:14 0 d-----w- c:\program files\common files\Akamai

    ==================== Find3M ====================

    2010-01-22 23:06:44 4212 ---ha-w- c:\windows\system32\zllictbl.dat
    2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-01-07 21:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-11-25 03:50:16 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
    2009-11-25 03:50:16 4463104 ----a-w- c:\windows\system32\dllcache\ati2mtag.sys
    2009-11-25 03:27:54 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2009-11-25 03:26:52 300032 ----a-w- c:\windows\system32\ati2dvag.dll
    2009-11-25 03:11:24 208896 ----a-w- c:\windows\system32\atipdlxx.dll
    2009-11-25 03:11:06 155648 ----a-w- c:\windows\system32\Oemdspif.dll
    2009-11-25 03:10:54 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
    2009-11-25 03:10:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2009-11-25 03:10:28 155648 ----a-w- c:\windows\system32\ati2evxx.dll
    2009-11-25 03:09:04 602112 ----a-w- c:\windows\system32\ati2evxx.exe
    2009-11-25 03:07:36 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
    2009-11-25 02:59:54 311296 ----a-w- c:\windows\system32\atiiiexx.dll
    2009-11-25 02:59:04 3538496 ----a-w- c:\windows\system32\ati3duag.dll
    2009-11-25 02:44:28 13533184 ----a-w- c:\windows\system32\atioglxx.dll
    2009-11-25 02:43:18 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
    2009-11-25 02:42:54 887724 ----a-w- c:\windows\system32\ativva6x.dat
    2009-11-25 02:26:08 65024 ----a-w- c:\windows\system32\atimpc32.dll
    2009-11-25 02:26:08 65024 ----a-w- c:\windows\system32\amdpcom32.dll
    2009-11-25 02:21:40 565248 ----a-w- c:\windows\system32\atikvmag.dll
    2009-11-25 02:20:16 45056 ----a-w- c:\windows\system32\aticalrt.dll
    2009-11-25 02:20:02 45056 ----a-w- c:\windows\system32\aticalcl.dll
    2009-11-25 02:19:26 176128 ----a-w- c:\windows\system32\atiadlxx.dll
    2009-11-25 02:18:58 17408 ----a-w- c:\windows\system32\atitvo32.dll
    2009-11-25 02:18:26 3612672 ----a-w- c:\windows\system32\aticaldd.dll
    2009-11-25 02:18:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2009-11-25 02:17:22 397312 ----a-w- c:\windows\system32\atiok3x2.dll
    2009-11-25 02:12:38 638976 ----a-w- c:\windows\system32\ati2cqag.dll
    2007-05-25 00:26:55 774144 ----a-w- c:\program files\RngInterstitial.dll
    2007-10-06 18:46:18 168 --sh--r- c:\windows\system32\5A18741CEC.sys
    2009-10-06 07:41:25 164352 --sh--w- c:\windows\system32\SC.dll

    ============= FINISH: 15:40:23.79 ===============

    Attach:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/13/2006 3:36:14 PM
    System Uptime: 1/23/2010 1:44:03 AM (14 hours ago)

    Motherboard: Dell Inc | | 0CT103
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket M2 | 2004/1000mhz
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket M2 | 2004/1000mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 144 GiB total, 33.052 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Hamachi Network Interface
    Device ID: ROOT\NET\0001
    Manufacturer: Applied Networking Inc.
    Name: Hamachi Network Interface
    PNP Device ID: ROOT\NET\0001
    Service: hamachi

    ==== System Restore Points ===================

    RP846: 1/12/2010 11:31:06 AM - Removed The Saboteur
    RP847: 1/15/2010 2:38:01 PM - Installed AvalonHeroes.
    RP848: 1/16/2010 1:47:25 PM - Removed AvalonHeroes.
    RP849: 1/17/2010 10:17:05 PM - Removed Pro Evolution Soccer 2010.
    RP850: 1/18/2010 12:36:26 AM - Installed DirectX
    RP851: 1/22/2010 3:50:32 AM - Configured Dynasty Warriors 6
    RP852: 1/22/2010 11:09:31 PM - Restore Operation
    RP853: 1/22/2010 11:16:45 PM - Restore Operation

    ==== Installed Programs ======================

    µTorrent
    10780
    12G-Complete
    A-PDF Image Extractor 1.0
    AAC Decoder
    AC3Filter (remove only)
    Acrobat.com
    Add or Remove Adobe Creative Suite 3 Master Collection
    Adobe Acrobat 8 Professional
    Adobe After Effects CS3
    Adobe After Effects CS3 Presets
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge 1.0
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe BridgeTalk Plugin CS3
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Common File Installer
    Adobe Contribute CS3
    Adobe Creative Suite 3 Master Collection
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Dreamweaver CS3
    Adobe Encore CS3
    Adobe Encore CS3 Codecs
    Adobe ExtendScript Toolkit 2
    Adobe Extension Manager CS3
    Adobe Fireworks CS3
    Adobe Flash CS3
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Flash Video Encoder
    Adobe Fonts All
    Adobe Help Center 1.0
    Adobe Help Viewer CS3
    Adobe Illustrator CS3
    Adobe InDesign CS3
    Adobe InDesign CS3 Icon Handler
    Adobe Linguistics CS3
    Adobe MotionPicture Color Files
    Adobe PDF Library Files
    Adobe Photoshop CS2
    Adobe Photoshop CS3
    Adobe Premiere Pro CS3
    Adobe Premiere Pro CS3 Functional Content
    Adobe Premiere Pro CS3 Third Party Content
    Adobe Reader 7.0.8
    Adobe Setup
    Adobe Shockwave Player
    Adobe SING CS3
    Adobe Soundbooth CS3
    Adobe Soundbooth CS3 Codecs
    Adobe Stock Photos 1.0
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe Version Cue CS3 Server
    Adobe Video Profiles
    Adobe WAS CS3
    Adobe WinSoft Linguistics Plugin
    Adobe XMP DVA Panels CS3
    Adobe XMP Panels CS3
    AHV content for Acrobat and Flash
    AIM 6
    AlienGUIse Theme Manager
    Alive Text to Speech v5.2.1.0
    All Sound Recorder XP 2.10
    AOL Coach Version 1.0(Build:20040229.1 en)
    AOL Connectivity Services
    AOL Uninstaller (Choose which Products to Remove)
    AOLIcon
    Apple Mobile Device Support
    Apple Software Update
    ASIO4ALL
    ATI AVIVO Codecs
    ATI Catalyst Control Center
    ATI Catalyst Install Manager
    ATI Catalyst Registration
    ATI Display Driver
    ATI HYDRAVISION
    ATI Parental Control & Encoder
    ATI Problem Report Wizard
    AutoUpdate
    avast! Antivirus
    AVS DVD Player version 2.2
    Azureus Vuze
    Batch Renamer 2.1.1 (uninstall)
    Battlefield Heroes
    Blaze Media Pro
    Bonjour
    BootSkin
    Broadcom Management Programs
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center HydraVision Full
    ccc-core-preinstall
    ccc-core-static
    ccc-utility
    CCC Help English
    CDBurnerXP
    Cheat Engine 5.3
    Choice Guard
    Cliprex DVD Player Professional
    Cole2k Media - Codec Pack (Advanced) 6.0.9
    Collab
    Conexant D850 56K V.9x DFVc Modem
    CoreAAC
    Corel Snapfire Plus
    Curse Client
    DAEMON Tools Toolbar
    Data Doctor Password Recovery - Evaluation
    Deckadance
    Dell CinePlayer
    Dell Game Console
    Dell Support 3.2
    Dell System Restore
    Deus lo Vult
    Digital Content Portal
    Digital Line Detect
    Direct KiSS
    DivX Author 1.5
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    Documentation & Support Launcher
    Download Manager 2.3.9
    Driver Robot 1.1.0.3
    Dual-Core Optimizer
    Dynasty Warriors 6
    EarthLink Setup Files
    ebgcInfra
    ebgcRes
    ebgcSDK
    EducateU
    ESPNMotion
    Europa Universalis III
    Extreme Picture Finder 3.10
    Fallout Mod Manager 0.9.15
    ffdshow (remove only)
    FinalBurner Free v1.30.0.127
    FL Studio 7
    Fotosizer 1.22
    Free Realms Installer
    FrostWire 4.17.0
    Full Tilt Poker
    Fury
    GameGain
    Games, Music, & Photos Launcher
    GameSpot Download Manager
    GameSpy Comrade
    GemMaster Mystic
    Genuine Fractals 5.0
    Get High Speed Internet!
    Glitchys MES 2.7
    Gmail Password Recovery (remove only)
    GOM ENCODER
    GOM Player
    Google Gears
    Google Talk (remove only)
    Google Toolbar for Internet Explorer
    Google Update Helper
    Guitar Hero III
    H.264 Decoder
    Hamachi 1.0.1.3
    Heir to the Throne
    High Definition Audio Driver Package - KB835221
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB888795)
    Hotfix for Windows XP (KB891593)
    Hotfix for Windows XP (KB895961)
    Hotfix for Windows XP (KB896256)
    Hotfix for Windows XP (KB899337)
    Hotfix for Windows XP (KB899510)
    Hotfix for Windows XP (KB902841)
    Hotfix for Windows XP (KB906569)
    Hotfix for Windows XP (KB908673)
    Hotfix for Windows XP (KB912024)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB954550-v5)
    HuxleyTheDystopia
    Hyperdesk - DarkMatter Subspace
    IGN Download Manager 2.3.2
    ijji Auto Installer
    IL Download Manager
    ILLUSION ????3
    Internet Service Offers Launcher
    IrfanView (remove only)
    ISO Recorder
    iTunes
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 14
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Kaspersky Online Scanner
    Katawa Shoujo Act 1
    Keyboard King
    King's Bounty. The Legend (Remove Only)
    Korean Language Support
    LastChaos
    Learn2 Player (Uninstall Only)
    LimeWire 4.18.8
    Linksys Wireless-G USB Network Adapter
    Lock My PC 3.6 for Windows 98/ME and Windows 2000/XP
    LogonStudio
    lolifox (0.3.6)
    Malwarebytes' Anti-Malware
    MCU
    Metacafe
    Microsoft .NET Framework 1.0 Hotfix (KB887998)
    Microsoft .NET Framework 1.0 Hotfix (KB930494)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft AppLocale
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual J# .NET Redistributable Package 1.1
    Microsoft Windows Application Compatibility Database
    Microsoft Windows Media Video 9 VCM
    Microsoft Works
    Microsoft WSE 3.0 Runtime
    mIRC
    MKV Splitter
    Modem Diagnostic Tool
    Morpheus Toolbar
    Mozilla Firefox (3.5.7)
    MPlugin
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 6.0 Parser (KB933579)
    msxml4
    NetWaiting
    NexusRadar
    nProtect Security Platform 2007
    NVIDIA Drivers
    NVIDIA PhysX
    NWN2 - Asylum01
    NWN2 - Dark Waters 1
    ObjectDock
    ObjectDock Plus
    OneStepSearch 1.0 build 192
    OpenAL
    OpenLibraries
    OpenOffice.org 2.3
    Opera 10.10
    Outspark Launcher
    Panda ActiveScan 2.0
    Pando Media Booster
    PDF Settings
    Pirates - FB
    Pirates Of The Caribbean At Worlds End Screen Saver
    PlayNC Launcher
    PlayOnline Viewer & Tetra Master
    PLAYXPERT In-Game Platform
    PunkBuster Services
    QuickTime
    Rainlendar2 (remove only)
    Rainmeter (remove only)
    RAMBooster.Net
    Real Alternative 1.52
    RealArcade
    RealPlayer
    Replay Video Capture
    Rhapsody Player Engine
    RivaTuner v2.24
    RTKXI
    Rumble Fighter
    SearchAssist
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB948590)
    Segoe UI
    Skins
    Skype™ 3.8
    Sonic Activation Module
    Sonic Encoders
    Sonic Update Manager
    Sony Media Manager 2.3
    Sony Vegas Pro 8.0
    SQLXML 3.0 SP3
    Star Trek Online
    Steam
    StyleXP (remove only)
    Super Collapse! 3
    SuperNZB v3.0.3
    System Requirements Lab
    TeamSpeak 2 RC2
    TeamViewer 3
    The KMPlayer (remove only)
    The Laughing Man Screensaver
    The Rosetta Stone
    TTS
    TuneUp Utilities 2008
    Turbine Download Manager - Live
    Unlocker 1.8.7
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB912945)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB938828)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    URL Assistant
    VC 9.0 Runtime
    VC80CRTRedist - 8.0.50727.762
    Ventrilo Client
    Veoh Web Player
    VeohTV BETA
    VideoLAN VLC media player 0.8.6b
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    Virtools 3D Life Player
    Visual C++ 8.0 Runtime Setup Package
    VividSwitcher 1.0
    WebFldrs XP
    WildTangent Web Driver
    Winamp
    WindowBlinds
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows Vista Upgrade Advisor
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB889673
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890927
    Windows XP Hotfix - KB891781
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB925766
    WinRAR archiver
    World of Warcraft FREE Trial
    Xbox 360 Controller for Windows
    Xfire (remove only)
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! Install Manager
    Yahoo! Music Jukebox
    Yahoo! Widgets
    Youtube Downloader HD v. 1.1
    Zboard (TM) Software
    Zeph's Khwarezm Shahdom v1.0
    ZeroWing Screensaver
    ZoneAlarm
    ZoneAlarm Spy Blocker

    ==== Event Viewer Messages From Past Week ========

    1/22/2010 6:23:02 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    1/22/2010 6:08:38 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    1/22/2010 6:05:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK8 aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT nvatabus nvraid RasAcd Rdbss sptd StyleXPHelper Tcpip vsdatant WS2IFSL
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the vsdatant service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:38 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/22/2010 6:05:20 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    1/22/2010 6:04:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/22/2010 6:04:29 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
    1/22/2010 6:04:29 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
    1/22/2010 6:04:29 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
    1/22/2010 3:48:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.
    1/22/2010 3:48:41 AM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error:

    The service did not respond to the start or control request in a timely

    fashion.
    1/22/2010 3:48:40 AM, error: DCOM [10005] - DCOM got error "%1053"

    attempting to start the service MSIServer with arguments " " in order to

    run the server: {000C101C-0000-0000-C000-000000000046}
    1/22/2010 10:57:02 PM, error: Service Control Manager [7026] - The

    following boot-start or system-start driver(s) failed to load:

    Aavmker4 AmdK8 aswSP Fips nvatabus nvraid sptd StyleXPHelper
    1/21/2010 9:19:00 AM, error: ipnathlp [32003] - The Network Address

    Translator (NAT) was unable to request an operation of the kernel-mode

    translation module. This may indicate misconfiguration, insufficient

    resources, or an internal error. The data is the error code.
    1/21/2010 9:19:00 AM, error: Dhcp [1002] - The IP address lease

    192.168.1.101 for the Network Card with network address 00137239D4AA

    has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a

    DHCPNACK message).
    1/20/2010 4:06:59 PM, error: System Error [1003] - Error code

    10000050, parameter1 e712713c, parameter2 00000000, parameter3

    bf2b7439, parameter4 00000001.
    1/19/2010 8:33:41 PM, error: System Error [1003] - Error code

    10000050, parameter1 e7c1113c, parameter2 00000000, parameter3

    bf2b7439, parameter4 00000001.
    1/18/2010 12:13:37 PM, error: Service Control Manager [7026] - The

    following boot-start or system-start driver(s) failed to load:

    nvatabus nvraid
    1/18/2010 12:13:34 PM, error: Service Control Manager [7000] - The

    npkcrypt service failed to start due to the following error: The

    system cannot find the file specified.
    1/18/2010 11:24:31 AM, error: Service Control Manager [7009] - Timeout

    (30000 milliseconds) waiting for the TrueVector Internet Monitor

    service to connect.
    1/18/2010 11:24:31 AM, error: Service Control Manager [7000] - The

    TrueVector Internet Monitor service failed to start due to the

    following error: The service did not respond to the start or control

    request in a timely fashion.

    ==== End Of File ===========================
     
  5. 2010/01/23
    crunchie

    crunchie Inactive

    Joined:
    2010/01/12
    Messages:
    982
    Likes Received:
    5
    When you save the logs, can you please ensure that wordwrap is unchecked in the format Tab in notepad.

    ==

    • Go to Start > Control Panel, double-click on the Software icon > Add/Remove Programs.
    • Search in the list for all previously installed versions of Java. (J2SE Runtime Environment.... )
    • Select it and click Remove.
    • Then Download and install the newest version from here:
    • http://www.java.com/en/download/manual.jsp

    ==

    Error 732 means it is not connecting to the net. Make sure the pc has connectivity and that the firewall is not blocking the program.

    ====

    Please download ComboFix by sUBs from HERE or HERE
    • You must download it to and run it from your Desktop
    • Physically disconnect from the internet.
    • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    • Double click combofix.exe & follow the prompts.
    • When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log.
    • Re-enable all the programs that were disabled during the running of ComboFix.

    Note:
    Do not mouse-click combofix's window while it is running. That may cause it to stall.

    CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Run Combofix ONCE only!!
     
