
vmmdiag32.exe

Discussion in 'Malware and Virus Removal Archive' started by amiramabz, 2006/11/02.

  1. 2006/11/02
    amiramabz

    amiramabz Inactive Thread Starter

    Joined:
    2006/11/02
    Messages:
    4
    Likes Received:
    0
    Hello,
    I'm running Windows XP on a computer that I will readily admit is on its way out. It was, however, working relatively normally until mid-September. I had minimal disk space and opted to use the "clean up my computer" option offered by the computer to free up space. Since then I have had tons of pop-ups on my computer and it has been working very slowly. Since the beginning of October it has slowly begun to stop working: my AIM no longer runs properly, my Internet Explorer doesn't start up, things freeze, the XVID component for watching videos is gone, and the task manager has allegedly been disabled by the administrator, even though I am the admin and never did any such thing.

    Lately, whenever I log in a message comes up saying "Windows cannot find 'vmmdiag32.exe'. Make sure you typed the name correctly and then try again...etc" I have checked a previous post about this topic, but I was unable to turn on my computer in safe mode. The computer has a problem when starting up whereas it beeps continually, telling me that the mouse is engaged (in this case a touchpad thing, since I'm using a laptop), until the normal opening sequence begins, although sometimes the sequence doesn't start. When I press F8 and select safe mode, it gives me a long list of drivers and then reverts back to restarting the computer.

    I have run a HijackThis log of the computer and this is it:
    Logfile of HijackThis v1.99.1
    Scan saved at 11:33:50 PM, on 11/2/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\windows\system32\stonedrv.exe
    C:\windows\system32\upnp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\WINDOWS\System32\cmd.exe
    C:\Program Files\mozilla.org\Mozilla\mozilla.exe
    c:\program files\common files\aol\1149127980\ee\aolsoftware.exe
    C:\WINDOWS\System32\SNDVOL32.EXE
    C:\Documents and Settings\Owner.MABROUK\Desktop\HJT\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    F2 - REG:system.ini: Shell=Explorer.exe vmmdiag32.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {43811829-9231-1E14-4C4E-082761B6F555} - C:\WINDOWS\System32\sfgtbik.dll
    O2 - BHO: (no name) - {64DCB7AC-9565-F48A-4FA3-0AD04AADD66B} - C:\WINDOWS\System32\qnfdiij.dll
    O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS\System32\ipv6moni.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: OIN Search - {B9F6E8EB-A4E3-478E-88A4-D3995B5C45C8} - C:\Program Files\OIN Search\OINSearch.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1149127980\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels8.exe
    O4 - HKLM\..\Run: [sfgtbik.dll] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\sfgtbik.dll,fabpeyb
    O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKLM\..\Run: [np] c:\windows\system32\upnp.exe
    O4 - HKLM\..\Run: [3abde82e.exe] C:\WINDOWS\System32\3abde82e.exe
    O4 - HKLM\..\Run: [ms] C:\DOCUME~1\OWNER~1.MAB\LOCALS~1\Temp\32391\gm.exe
    O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels8.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKCU\..\Run: [WinMedia] C:\DOCUME~1\OWNER~1.MAB\LOCALS~1\Temp\F83584.exe
    O4 - HKCU\..\Run: [3abde82e.exe] C:\Documents and Settings\Owner.MABROUK\Local Settings\Application Data\3abde82e.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.1\aoltb.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17a55486b926f3790c00/netzip/RdxIE601.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
    O20 - AppInit_DLLs:
    O20 - Winlogon Notify: emul65 - C:\WINDOWS\SYSTEM32\emul65.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: winsys2freg - C:\Documents and Settings\All Users.WINDOWS\Documents\Settings\winsys2f.dll
    O21 - SSODL: DCOM Server 2236 - {2C1CD3D7-86AC-4068-93BC-A02304BB2236} - C:\WINDOWS\System32\kogfal.dll
    O21 - SSODL: eiPimcq - {5C8C973A-F626-3D90-2A7E-819477DC4E6F} - C:\WINDOWS\System32\jjdx.dll
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe


    Sorry this is so terribly long, and that there are so many problems. If you could help me in any way I'd appreciate it, even though I know with my litany of complaints it is probably a longshot!

    thanks in advance
     
  2. 2006/11/03
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Hello and welcome to WindowsBBS Forums.

    Well, what a mess you have going on here.

    There are several major infections working here. One being a key logger/backdoor type. If you do any banking or online purchasing I would alert your banking and/or credit card institutions. Even tho you say the machine has been acting oddly for some time and if it was truly compromised, you'd likely know about all the credit card charges and bank transactions, there is always an outside chance they just got your info.

    I just had a test system infected with a couple of these infections, and it too, tho not infrequently as your machine, would loop-boot, never loading windows at all. Major system files were corrupted and I had to reformat.

    Before we even begin to address any fixing, I need to know if you will be able to update the system to all service packs and security patches once we are done.

    For us to begin cleaning up and you not be able to update is futile and a giant waste of my time as well as yours. I would suggest you save any data you can, and reformat the system to be 100% sure there is nothing hiding. That is the safest thing to do.

    If on the other hand, you have no choice but to attempt clean up, we can proceed, but we cannot in any way, shape, manner or form say the machine is clean and secure.

    Let us know what you decide to do.
     
