
Active I have an Infostealer.Gamepass, need help/info

Discussion in 'Malware and Virus Removal Archive' started by jdub82048, 2009/02/14.

  1. 2009/02/14
    jdub82048

    jdub82048 Inactive Thread Starter

    Joined:
    2009/02/14
    Messages:
    2
    Likes Received:
    0

    I know there is a lot on the site about this virus, but I have been told that they all do different things to computers and was hoping I can get some help.

    I have Symantec AntiVirus and it says my computer has multiple Infostealer.Gamepass viruses, but it won't let me clean them, delete them, or quarantine them. When I try, it says something like the file may have been deleted or the file is compressed.

    I'm not too smart with computers, so all I do is open files and look around. I've noticed that I have a lot of desktop configuration files in random folders like My Music or My Pictures. I don't know if this is normal or not, or if this is caused by the virus.

    So I was just wondering if you guys could give me more info on exactly what this virus does, and how I can get rid of it?

    Thanks
     
  2. 2009/02/14
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Welcome to WindowsBBS :)

    Please read this and post the logs requested in this thread.
     


  4. 2009/02/14
    jdub82048

    jdub82048 Inactive Thread Starter

    Joined:
    2009/02/14
    Messages:
    2
    Likes Received:
    0
    Hi, thanks for the response. Here are the logs:

    DDS (Ver_09-02-01.01) - FAT32x86
    Run by Johnny Westray at 12:25:15.50 on Sat 02/14/2009
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.227 [GMT -8:00]

    AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)
    FW: Norton Internet Worm Protection *disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Documents and Settings\Johnny Westray\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.yahoo.com
    uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
    uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
    uWindow Title = Microsoft Internet Explorer presented by Comcast
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mWindow Title = Microsoft Internet Explorer presented by Comcast
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    uInternet Connection Wizard,ShellNext = iexplore
    uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn4\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn4\yt.dll
    BHO: NoExplorer - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Zango: {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - c:\program files\zango\bin\10.3.75.0\HostIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn4\yt.dll
    TB: Zango: {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - c:\program files\zango\bin\10.3.75.0\HostIE.dll
    EB: Zango Information Window: {2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} - c:\program files\zango\bin\10.3.75.0\HostIE.dll
    EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
    uRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [WxEx] c:\program files\wxex\WxEx.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe "
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
    mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
    mRun: [Blitzz BWI715] c:\program files\blitzz\bwi715\WLANmon.exe
    mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
    mRun: [D-Link AirPlus XtremeG DWL-G520] c:\program files\d-link\airplus xtremeg dwl-g520\AirPlusCFG.exe
    mRun: [SDTray] "c:\program files\spyware doctor\SDTrayApp.exe "
    mRun: [CTHelper] CTHELPER.EXE
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
    mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
    dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
    DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: NavLogon - c:\windows\system32\NavLogon.dll
    Notify: WRNotifier - WRLogonNTF.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: {6dcb0be8-933c-91d2-c901-9a81e135d25a} - c:\windows\system32\lpad32.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\johnny~1\applic~1\mozilla\firefox\profiles\00y9djjq.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ZangoSA.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-14 64160]
    R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-1-3 56832]
    R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-1-3 74240]
    R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-11-21 192104]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-11-21 169576]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 950096]
    R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\svcntaux.exe [2008-1-3 311112]
    R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\swdsvc.exe [2008-1-3 1418056]
    R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2007-3-14 1816768]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-11-20 24652]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-11-12 99376]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090213.003\naveng.sys [2009-2-13 89104]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090213.003\navex15.sys [2009-2-13 876112]
    S0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-1-3 41288]
    S2 root;root; "c:\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file= "c:\program files\mysql\mysql server 5.0\my.ini" root --> c:\program files\mysql\mysql server 5.0\bin\mysqld-nt [?]
    S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2005-3-22 450400]
    S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2007-3-14 116416]
    S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-12-1 392824]

    ============== File Associations ===============

    regfile= "regedit.exe" "%1 "

    =============== Created Last 30 ================

    2009-02-14 02:15 <DIR> --d----- c:\program files\Spybot - Search & Destroy
    2009-02-14 02:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2009-02-14 02:12 64,160 a------- c:\windows\system32\drivers\Lbd.sys
    2009-02-14 02:11 <DIR> --d-h--- c:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-02-14 02:11 <DIR> --d----- c:\program files\Lavasoft
    2009-02-13 00:13 <DIR> --d----- c:\program files\Audacity
    2009-02-13 00:04 <DIR> --d----- c:\windows\Freecorder Toolbar
    2009-02-12 02:24 <DIR> --d----- c:\program files\World of Warcraft
    2009-02-12 02:10 <DIR> --d----- c:\windows\Logs
    2009-02-12 00:08 2,833 a------- c:\windows\system32\spupdsvc.inf
    2009-02-11 23:51 <DIR> --d----- c:\windows\system32\scripting
    2009-02-11 23:51 <DIR> --d----- c:\windows\l2schemas
    2009-02-11 23:51 <DIR> --d----- c:\windows\system32\en
    2009-02-11 23:51 <DIR> --d----- c:\windows\system32\bits
    2009-02-11 23:49 <DIR> --d----- c:\windows\ServicePackFiles
    2009-02-11 23:45 410,984 a------- c:\windows\system32\deploytk.dll
    2009-02-11 23:45 <DIR> --d----- c:\windows\EHome

    ==================== Find3M ====================

    2008-11-16 02:18 30 a------- c:\documents and settings\johnny westray\jagex_runescape_preferences.dat
    2004-08-11 17:30 39,424 a------- c:\windows\inf\AMDK8.SYS
    1989-12-31 17:01 40,960 ---shr-- c:\windows\system32\lpad32.dll

    ============= FINISH: 12:27:01.59 ===============


    Here's the other one:



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-02-01.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/30/2005 4:01:09 PM
    System Uptime: 2/14/2009 12:07:50 PM (0 hours ago)

    Motherboard: | | K8M800-8237
    Processor: AMD Athlon(tm) 64 Processor 3700+ | Socket 754 | 2399/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (FAT32) - 223 GiB total, 174.791 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Cisco Systems VPN Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: Cisco Systems
    Name: Cisco Systems VPN Adapter
    PNP Device ID: ROOT\NET\0000
    Service: CVirtA

    ==== System Restore Points ===================

    RP841: 11/17/2008 7:54:53 AM - System Checkpoint
    RP842: 11/18/2008 8:06:52 AM - System Checkpoint
    RP843: 11/19/2008 8:54:52 AM - System Checkpoint
    RP844: 11/20/2008 11:27:43 AM - System Checkpoint
    RP845: 11/21/2008 8:33:18 PM - System Checkpoint
    RP846: 11/23/2008 2:34:52 AM - System Checkpoint
    RP847: 11/24/2008 4:50:33 AM - System Checkpoint
    RP848: 11/25/2008 5:57:22 AM - System Checkpoint
    RP849: 11/26/2008 7:20:51 AM - System Checkpoint
    RP850: 11/27/2008 9:29:00 PM - System Checkpoint
    RP851: 11/28/2008 9:34:22 PM - System Checkpoint
    RP852: 11/30/2008 3:26:52 PM - System Checkpoint
    RP853: 12/1/2008 4:27:47 PM - System Checkpoint
    RP854: 12/2/2008 5:01:19 PM - System Checkpoint
    RP855: 12/3/2008 5:18:23 PM - System Checkpoint
    RP856: 12/4/2008 5:51:50 PM - Installed Multimedia Card Reader
    RP857: 12/5/2008 9:01:10 PM - System Checkpoint
    RP858: 12/7/2008 4:14:01 AM - System Checkpoint
    RP859: 12/8/2008 4:24:02 AM - System Checkpoint
    RP860: 12/8/2008 2:18:00 PM - Installed Antares Auto-Tune Evo VST.
    RP861: 12/8/2008 3:37:30 PM - Installed Text-To-Speech-Runtime
    RP862: 12/8/2008 4:36:58 PM - Removed Antares Auto-Tune Evo VST.
    RP863: 12/8/2008 4:38:31 PM - Installed Antares Auto-Tune Evo VST.
    RP864: 12/9/2008 5:45:30 PM - System Checkpoint
    RP865: 12/10/2008 6:44:15 PM - System Checkpoint
    RP866: 12/12/2008 3:27:11 AM - System Checkpoint
    RP867: 12/13/2008 4:13:49 AM - System Checkpoint
    RP868: 12/14/2008 4:49:43 AM - System Checkpoint
    RP869: 12/15/2008 5:01:21 AM - System Checkpoint
    RP870: 12/16/2008 5:44:11 AM - System Checkpoint
    RP871: 12/17/2008 5:45:16 AM - System Checkpoint
    RP872: 12/18/2008 6:44:11 AM - System Checkpoint
    RP873: 12/19/2008 6:55:34 AM - System Checkpoint
    RP874: 12/20/2008 7:44:12 AM - System Checkpoint
    RP875: 12/21/2008 7:45:17 AM - System Checkpoint
    RP876: 12/22/2008 8:50:53 AM - System Checkpoint
    RP877: 12/23/2008 8:58:47 AM - System Checkpoint
    RP878: 12/24/2008 9:44:12 AM - System Checkpoint
    RP879: 12/25/2008 9:44:12 AM - System Checkpoint
    RP880: 12/26/2008 9:46:15 AM - System Checkpoint
    RP881: 12/27/2008 10:10:45 AM - System Checkpoint
    RP882: 1/28/2008 12:26:27 AM - System Checkpoint
    RP883: 12/28/2008 2:47:45 PM - System Checkpoint
    RP884: 12/29/2008 3:46:14 PM - System Checkpoint
    RP885: 12/31/2008 4:30:08 PM - System Checkpoint
    RP886: 1/1/2009 4:44:01 PM - System Checkpoint
    RP887: 1/3/2009 7:37:08 AM - System Checkpoint
    RP888: 1/4/2009 4:54:02 AM - Installed Windows XP WIC.
    RP889: 1/4/2009 4:56:16 AM - Installed %1 %2.
    RP890: 1/4/2009 4:56:19 AM - Printer Driver Microsoft XPS Document Writer Installed
    RP891: 1/6/2009 4:38:07 AM - System Checkpoint
    RP892: 1/7/2009 6:16:35 PM - System Checkpoint
    RP893: 2/11/2009 10:52:08 PM - Removed Antares Auto-Tune Evo VST.
    RP894: 2/11/2009 11:38:25 PM - Software Distribution Service 3.0
    RP895: 2/12/2009 2:11:28 AM - Installed DirectX
    RP896: 2/13/2009 2:23:52 AM - System Checkpoint
    RP897: 2/14/2009 3:59:00 AM - System Checkpoint

    ==== Installed Programs ======================

    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player Plugin
    Adobe Media Player
    Adobe Reader 7.0.9
    AirPlus G
    AirPlus XtremeG DWL-G520
    ANIO Service
    ANIWZCS2 Service
    AstroMart
    ATI Display Driver
    Audacity 1.2.6
    BWI715
    Comcast High-Speed Internet Install Wizard
    Creative MediaSource
    Creative System Information
    DivX Web Player
    Golden Palace Casino
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format SDK (KB902344)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    InterActual Player
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Java(TM) 6 Update 11
    Java(TM) 6 Update 3
    Lexmark Z600 Series
    LiveUpdate 3.1 (Symantec Corporation)
    LS_HSI
    MediaShow 3.0
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft .NET Framework 3.0 Service Pack 1
    Microsoft .NET Framework 3.5
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Journal Viewer
    Mozilla Firefox (3.0.6)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 6.0 Parser (KB933579)
    Multimedia Card Reader
    MySpaceIM
    Nero Suite
    PC Wizard 2006.1.68
    Pocket Controller-Professional
    PoiZone
    PowerArchiver 2006 v9.64
    PowerDVD
    PowerProducer
    PowerStarter
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB958644)
    ServiceProvider
    Sound Blaster X-Fi
    Spybot - Search & Destroy
    Spyware Doctor 5.1
    StarCraft
    Symantec AntiVirus
    Text-To-Speech-Runtime
    Toxic Biohazard
    Tweak UI
    Update for Windows XP (KB951072-v2)
    Ventrilo Client
    Ventrilo Server
    VIA Rhine-Family Fast Ethernet Adapter
    Viewpoint Media Player
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VPN Client
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 10 Hotfix - KB894476
    Windows Media Player 11
    Windows Vista Upgrade Advisor
    Windows XP Service Pack 3
    WinRAR archiver
    WinZip 11.1
    World of Warcraft
    Xbox 360 Controller for Windows
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! Browser Services
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Toolbar
    Yahoo! Widget Engine

    ==== Event Viewer Messages From Past Week ========

    2/11/2009 10:53:52 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    2/11/2009 10:12:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IKFileSec
    2/11/2009 10:11:53 PM, error: Service Control Manager [7000] - The root service failed to start due to the following error: The system cannot find the path specified.
    2/11/2009 11:29:11 PM, error: System Error [1003] - Error code 10000050, parameter1 a9263000, parameter2 00000001, parameter3 bf15e1dd, parameter4 00000000.
    2/11/2009 11:29:21 PM, error: System Error [1003] - Error code 0000007a, parameter1 c07b9870, parameter2 c000009d, parameter3 f730e2a0, parameter4 0d31f860.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Multimedia Card Reader' (USB\Vid_058f&Pid_6362\058F312D81B) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic USB SD Reader USB Device' (USBSTOR\Disk&Ven_Generic&Prod_USB_SD_Reader&Rev_1.00\058F312D81B&0) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic USB CF Reader USB Device' (USBSTOR\Disk&Ven_Generic&Prod_USB_CF_Reader&Rev_1.01\058F312D81B&1) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic USB SM Reader USB Device' (USBSTOR\Disk&Ven_Generic&Prod_USB_SM_Reader&Rev_1.02\058F312D81B&2) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic USB MS Reader USB Device' (USBSTOR\Disk&Ven_Generic&Prod_USB_MS_Reader&Rev_1.03\058F312D81B&3) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&33317da3&0&RM) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&2c889678&0&RM) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&2c40c824&0&RM) disappeared from the system without first being prepared for removal.
    2/12/2009 1:31:32 AM, error: PlugPlayManager [12] - The device 'Generic volume' (STORAGE\RemovableMedia\7&26ebca8a&0&RM) disappeared from the system without first being prepared for removal.
    2/14/2009 12:24:21 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.

    ==== End Of File ===========================

    Thanks
     
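    As an added example that is not part of this thread, here is a small Python triage script for a DDS log like the one above: it parses the Find3M / Created-Last-30 file entries and the hook entries (SEH, SSODL, Notify, BHO) and flags files with hidden+system attributes under the Windows directory, an implausibly old timestamp, or a logon/shell hook that loads them. The sample lines are copied from the posted log; the 1995 threshold and the attribute heuristics are my own assumptions, and a flag is a prompt to look closer, not a verdict.

    ```python
    import re
    from datetime import datetime

    # Constructed sample: a handful of lines copied from the DDS log posted above,
    # in the same layout DDS uses (hook entries first, then Find3M file entries).
    SAMPLE_LOG = r"""
    SEH: {6dcb0be8-933c-91d2-c901-9a81e135d25a} - c:\windows\system32\lpad32.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    ==================== Find3M ====================
    2008-11-16 02:18 30 a------- c:\documents and settings\johnny westray\jagex_runescape_preferences.dat
    2004-08-11 17:30 39,424 a------- c:\windows\inf\AMDK8.SYS
    1989-12-31 17:01 40,960 ---shr-- c:\windows\system32\lpad32.dll
    """

    # Find3M / Created-Last-30 entry: "<date> <time> <size|<DIR>> <8 attr flags> <path>"
    FIND3M_RE = re.compile(
        r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+"
        r"(?P<size>[\d,]+|<DIR>)\s+"
        r"(?P<attrs>[a-z-]{8})\s+"
        r"(?P<path>.+?)\s*$"
    )

    # Hook entries whose last " - " separates a drive-letter path from the rest.
    HOOK_RE = re.compile(
        r"^(?P<kind>SEH|SSODL|Notify|BHO):.*?-\s+(?P<path>[a-z]:\\.+?)\s*$",
        re.IGNORECASE,
    )


    def parse_hooks(log_text):
        """Return {lowercase path: [hook kinds]} for every hook entry that names a file."""
        hooks = {}
        for line in log_text.splitlines():
            m = HOOK_RE.match(line.strip())
            if m:
                hooks.setdefault(m.group("path").lower(), []).append(m.group("kind").upper())
        return hooks


    def parse_file_entries(log_text):
        """Return the parsed Find3M / Created-Last-30 entries as dicts."""
        entries = []
        for line in log_text.splitlines():
            m = FIND3M_RE.match(line.strip())
            if m:
                entries.append({
                    "ts": datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M"),
                    "size": m.group("size"),
                    "attrs": m.group("attrs"),   # DDS flags, e.g. a=archive d=dir h=hidden s=system r=read-only
                    "path": m.group("path"),
                })
        return entries


    def triage(log_text, oldest_plausible_year=1995):
        """Flag file entries worth a closer look; each finding lists its reasons."""
        hooks = parse_hooks(log_text)
        findings = []
        for e in parse_file_entries(log_text):
            reasons = []
            attrs, path = e["attrs"], e["path"].lower()
            # Heuristic (assumption): a hidden+system file under \windows\ that DDS
            # still lists as recently created/modified deserves a look.
            if "h" in attrs and "s" in attrs and "\\windows\\" in path:
                reasons.append("hidden+system attributes on a file under the Windows directory")
            # Heuristic (assumption): timestamps older than any plausible install media.
            if e["ts"].year < oldest_plausible_year:
                reasons.append(f"timestamp {e['ts']:%Y-%m-%d} predates {oldest_plausible_year}")
            # Cross-reference: a file that a logon/shell hook entry loads.
            if path in hooks:
                reasons.append("loaded via hook entry " + ",".join(hooks[path]))
            if reasons:
                findings.append({"path": e["path"], "reasons": reasons})
        return findings


    if __name__ == "__main__":
        for f in triage(SAMPLE_LOG):
            print(f["path"])
            for r in f["reasons"]:
                print("  -", r)
    ```
    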
  5. 2009/02/14
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Thanks :)

    One of our trained malware analysts will take a look at your logs ASAP, but it may be a day or so before you get a response as they are always very busy. All logs are dealt with in the order received.

    Thank you for your patience.
     
  6. 2009/02/17
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi jdub82048
    Welcome.

    Please do this.

    Download ComboFix from Here to your Desktop.

    It's best to disable real-time protection applications, as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows.
    • Double click combofix.exe and follow the prompts.
    • Vista users: right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post the ComboFix log.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

    **NOTE - Allow ComboFix to update if prompted.

    Thanks
    Geri
     
