Old 2 Weeks Ago   #8
Senior Security Analyst
 
chiaz
Join Date: Jun 2006
Location: Singapore
Posts: 5,177
PC Experience: PC Guru
Re: alert of program already in use

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
FCopy::
c:\windows\$NtServicePackUninstall$\sfcfiles.dll|c:\windows\system32\sfcfiles.dll

3. Save the above as CFScript.txt. Replace the one already on your desktop.

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

ComboFix will reboot your computer.

Post the fresh log in your reply, along with a new HijackThis log.
chiaz is offline   Reply With Quote
Old 2 Weeks Ago   #9
Bronze Member
 
Join Date: Nov 2009
Posts: 9
PC Experience: Some Experience
Re: alert of program already in use

hi....new combofix log...hope i am getting this all right for you...thanks
ComboFix 09-11-01.04 - Jenny Brown 02/11/2009 17:19.2.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.359 [GMT 10.5:30]
Running from: c:\documents and settings\Jenny Brown\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jenny Brown\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
--------------- FCopy ---------------
c:\windows\$NtServicePackUninstall$\sfcfiles.dll --> c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((( Files Created from 2009-10-02 to 2009-11-02 )))))))))))))))))))))))))))))))
.
2009-11-02 06:49 . 2004-08-03 18:30 1580544 ----a-w- c:\windows\system32\sfcfiles.dll
2009-11-01 20:59 . 2009-11-01 20:59 -------- d-----w- c:\documents and settings\Jenny Brown\Application Data\Malwarebytes
2009-11-01 20:59 . 2009-09-10 04:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-01 20:59 . 2009-11-01 20:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-01 20:59 . 2009-11-01 20:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-01 20:59 . 2009-09-10 04:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-01 08:45 . 2009-11-01 08:45 -------- d-----w- c:\program files\Trend Micro
2009-11-01 08:34 . 2009-04-30 23:02 539160 ----a-r- c:\windows\system32\LVUI2RC.dll
2009-11-01 08:34 . 2009-04-30 23:02 539160 ----a-r- c:\windows\system32\LVUI2.dll
2009-11-01 08:33 . 2009-04-30 23:03 6754712 ----a-r- c:\windows\system32\drivers\lvuvc.sys
2009-11-01 08:33 . 2009-04-30 22:57 416280 ----a-r- c:\windows\system32\lvcodec2.dll
2009-11-01 08:33 . 2009-04-30 22:39 34068 ----a-r- c:\windows\system32\Repository.reg
2009-11-01 08:33 . 2009-04-30 23:01 265496 ----a-r- c:\windows\system32\drivers\lvrs.sys
2009-11-01 08:33 . 2009-04-30 23:00 114712 ----a-r- c:\windows\system32\drivers\lvpopflt.sys
2009-11-01 08:33 . 2009-04-30 22:57 199192 ----a-r- c:\windows\system32\lvci1201278.dll
2009-11-01 08:32 . 2009-04-30 23:03 23832 ----a-r- c:\windows\system32\drivers\lvuvcflt.sys
2009-11-01 08:31 . 2009-11-01 08:31 -------- d-----w- c:\program files\Common Files\LogiShrd
2009-11-01 08:23 . 2009-11-01 08:23 134 ----a-w- c:\documents and settings\Jenny Brown\Local Settings\Application Data\fusioncache.dat
2009-11-01 08:22 . 2009-11-01 08:23 61456 ----a-w- c:\documents and settings\Jenny Brown\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-01 05:26 . 2009-11-01 05:26 -------- d-----w- c:\documents and settings\Jenny Brown\Local Settings\Application Data\LogiShrd
2009-11-01 05:25 . 2009-11-01 05:25 -------- d-----w- c:\documents and settings\Jenny Brown\Application Data\Leadertech
2009-11-01 05:22 . 2009-11-01 05:22 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-11-01 05:21 . 2009-11-01 05:21 -------- d-----w- c:\program files\Logitech
2009-11-01 05:16 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-10-06 07:10 . 2009-10-06 07:10 -------- d-----w- c:\documents and settings\Jenny Brown\Tracing
2009-10-06 07:09 . 2009-10-06 07:09 -------- d-----w- c:\program files\Microsoft
2009-10-06 07:08 . 2009-10-06 07:08 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-06 07:08 . 2009-10-06 07:08 -------- d-----w- c:\program files\Windows Live
2009-10-06 07:05 . 2009-10-06 07:05 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-04 04:48 . 2009-10-04 04:48 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-04 04:48 . 2009-10-04 04:48 -------- d-----w- c:\documents and settings\Jenny Brown\Application Data\skypePM
2009-10-04 04:46 . 2009-10-04 04:46 -------- d-----w- c:\documents and settings\Jenny Brown\Application Data\Skype
2009-10-04 04:20 . 2009-10-04 04:20 -------- d-----w- c:\program files\Common Files\Skype
2009-10-04 04:20 . 2009-10-04 04:20 -------- d-----r- c:\program files\Skype
2009-10-04 04:19 . 2009-10-04 04:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-04 04:04 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-10-04 04:04 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-10-04 04:04 . 2004-08-03 18:30 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-10-04 04:04 . 2004-08-03 18:30 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-10-04 04:04 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-10-04 04:04 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-10-04 04:04 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-10-04 04:04 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-02 06:54 . 2009-07-29 22:16 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-01 08:34 . 2009-11-01 05:25 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-11-01 08:32 . 2009-11-01 05:23 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-09-30 23:59 . 2009-10-02 21:53 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-27 21:50 . 2009-09-27 21:50 -------- d-----w- c:\documents and settings\Jenny Brown\Application Data\HpUpdate
2009-09-13 00:11 . 2008-10-26 04:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-13 00:11 . 2008-10-26 04:07 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-13 00:11 . 2008-10-26 04:07 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-11 14:18 . 2004-08-03 19:30 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-03 18:30 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2004-08-03 18:30 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2004-08-03 18:30 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-06 08:54 . 2004-08-03 18:30 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 08:54 . 2004-08-03 18:30 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 08:54 . 2007-04-15 23:36 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 08:54 . 2004-08-03 18:30 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 08:54 . 2004-08-03 18:30 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 08:54 . 2004-08-03 18:30 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 08:53 . 2004-08-03 18:30 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 08:53 . 2007-12-12 23:13 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 08:53 . 2007-07-30 08:48 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 08:53 . 2004-08-03 18:30 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 08:01 . 2004-08-03 18:30 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 15:13 . 2005-09-28 05:32 2145280 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2005-09-28 05:05 2023936 ------w- c:\windows\system32\ntkrnlpa.exe
2004-08-03 18:30 . 2004-08-03 18:30 94784 --sh--w- c:\windows\twain.dll
2006-02-16 12:03 . 2006-02-16 12:03 1216 --sh--w- c:\windows\Twunk_16.dll
2006-02-16 12:03 . 2006-02-16 12:03 1216 --sh--w- c:\windows\Twunk_32.dll
2008-04-14 00:12 . 2004-08-03 18:30 50688 --sh--w- c:\windows\twain_32.dll
2008-04-14 00:12 . 2004-08-03 18:30 84992 --sha-w- c:\windows\system32\olepro32.dll
2008-04-14 00:12 . 2004-08-03 18:30 11776 --sh--w- c:\windows\system32\regsvr32.exe
2008-04-14 00:12 . 2004-08-03 19:30 551936 --sh--w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12 . 2004-08-03 18:30 413696 --sha-w- c:\windows\system32\msvcp60.dll
2008-04-14 00:12 . 2004-08-03 18:30 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:11 . 2004-08-03 18:30 1028096 --sha-w- c:\windows\system32\mfc42.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-27 39408]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-04-30 5472016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-07-20 729177]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-10-18 69632]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-01-17 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-16 3080192]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-01-09 589824]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-20 53248]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2006-05-22 694272]
"CXMon"="c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [2001-08-27 45056]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe" [2001-07-02 57344]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-21 2025752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-25 413696]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2005-12-18 15797248]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-12-2 618557]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-13 00:11 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [26/10/2008 2:37 PM 335240]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [26/10/2008 2:37 PM 297752]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3/11/2006 6:19 PM 13592]
S2 gupdate1c9c603ec7f055e;Google Update Service (gupdate1c9c603ec7f055e);c:\program files\Google\Update\GoogleUpdate.exe [26/04/2009 9:44 AM 133104]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - INT15.SYS
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder
2009-11-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 07:50]
2009-06-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 02:04]
2009-11-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 23:10]
2009-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-25 23:14]
2009-11-02 c:\windows\Tasks\User_Feed_Synchronization-{5CCC53F5-C8B7-405F-A7E4-894494349A84}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 18:01]
2009-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-25 23:14]
.
.
------- Supplementary Scan -------
.
IE: &Sample Toolband Serach - c:\windows\system32\ToolBand.dll/MENUSEARCH.HTM
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://gamecenter.oberon-media.com/gameshell/games/channel--110005373/lc--en/room--462eec9e-a9e5-4e06-9348-ec50507a57f7/online/dream_chronicles/en/dreamweb.1.0.0.9.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://arcade.ninemsn.com.au/online2/MSN_INTL_AUSTRALIA/mystery_solitaire/SpinTopGamesLauncher.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-11-02 17:31
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-4246408867-2773501912-3843895074-1006\Software\Microsoft\SystemCertificates\Address Book*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2248)
c:\windows\system32\WININET.dll
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\acer\Empowering Technology\admServ.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\rundll32.exe
c:\progra~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\HP\Digital Imaging\bin\hpqnrs08.exe
c:\docume~1\JENNYB~1\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\HPZinw12.exe
.
**************************************************************************
.
Completion time: 2009-11-02 17:31 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-02 07:00
ComboFix2.txt 2009-11-01 21:50
Pre-Run: 2,641,985,536 bytes free
Post-Run: 2,702,409,728 bytes free
- - End Of File - - AB431E1C5A65CAEAFAEADA55398F5B1B
milkyoz is offline   Reply With Quote
Old 2 Weeks Ago   #10
Senior Security Analyst
 
chiaz
Join Date: Jun 2006
Location: Singapore
Posts: 5,177
PC Experience: PC Guru
Re: alert of program already in use

You are doing great.

Now please go HERE to run Panda ActiveScan 2.0
  • Click the big green Scan now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Once the scan is completed, please hit the notepad icon next to the text Export to:
  • Save it to a convenient location such as your Desktop
  • Post the contents of the ActiveScan.txt in your next reply
.
chiaz is offline   Reply With Quote
Old 2 Weeks Ago   #11
Bronze Member
 
Join Date: Nov 2009
Posts: 9
PC Experience: Some Experience
Re: alert of program already in use

hi...after I scan with Panda do I disinfect or just send the report?...thanks
milkyoz is offline   Reply With Quote
Old 2 Weeks Ago   #12
Senior Security Analyst
 
chiaz
Join Date: Jun 2006
Location: Singapore
Posts: 5,177
PC Experience: PC Guru
Re: alert of program already in use

Copy and paste the report here.
chiaz is offline   Reply With Quote
Old 2 Weeks Ago   #13
Bronze Member
 
Join Date: Nov 2009
Posts: 9
PC Experience: Some Experience
Re: alert of program already in use

hi...results of panda scan..thanks

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-11-03 11:06:10
PROTECTIONS: 1
MALWARE: 33
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 8.5 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00003428 adware/memorywatcher Adware No 0 Yes No hkey_classes_root\vbrad.trayicon
00051983 adware/sbsoft Adware No 0 Yes No hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{0e1230f8-ea50-42a9-983c-d22abc2eed3b}
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@atdmt[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@tribalfusion[1].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@linksynergy[2].txt
00148914 Cookie/Tucows TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxx@tucows[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxx@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxx@xiti[1].txt
00167730 Cookie/Hitbox TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxx@ehg.hitbox[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxx@azjmp[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@statcounter[2].txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@counter.hitslink[1].txt
00167784 Cookie/Com.com TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@ad.sensismediasmart.com[1].txt
00167785 Cookie/Com.com TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@gamearena.com[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxx@apmebf[3].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@bs.serving-sys[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@www.burstbeacon[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxx@server.iad.liveperson[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@server.iad.liveperson[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxx@server.iad.liveperson[3].txt
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxxx@stat.onestat[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@statse.webtrendslive[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@ads.pointroll[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxx@ads.pointroll[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@overture[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxxx@go[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxxx@target[2].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No c:\documents and settings\xxxxxx\cookies\xxxxxx@ads.addynamix[1].txt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No c:\documents and settings\xxxxx\cookies\xxxxxxxx@citi.bridgetrack[2].txt
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No c:\system volume information\_restore{9d7fe093-30e8-4750-b1b9-291eb5be2043}\rp658\a0060296.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No c:\system volume information\_restore{9d7fe093-30e8-4750-b1b9-291eb5be2043}\rp658\a0060092.sys
03898843 Generic Malware Virus/Trojan No 0 Yes No c:\program files\gamehouse games collection\collapse! crunch\collapse3.exe
03899095 Generic Malware Virus/Trojan No 0 Yes No c:\program files\gamehouse games collection\atlantis\atlantis.exe
03919028 Generic Malware Virus/Trojan No 0 Yes No c:\program files\gamehouse games collection\hamsterball\hamsterball.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No c:\program files\gamehouse games collection\invadazoid\invadazoid.exe
No c:\program files\gamehouse games collection\magic ball 2\magicball2.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
milkyoz is offline   Reply With Quote
Old 2 Weeks Ago   #14
Senior Security Analyst
 
chiaz
Join Date: Jun 2006
Location: Singapore
Posts: 5,177
PC Experience: PC Guru
Re: alert of program already in use

Copy the text in the code box below to Notepad. Save it as fixreg.reg to your desktop.
Be sure the "Save as" type is set to "all files".
Once you have saved it, double-click it and allow it to merge with the registry.


Code:
REGEDIT4 
[-hkey_classes_root\vbrad.trayicon]
[-hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{0e1230f8-ea50-42a9-983c-d22abc2eed3b}]

Reboot your computer. Then let me know how your PC is running at this point in time.
chiaz is offline   Reply With Quote
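
An added example, not part of the thread and not code from Panda, ComboFix or the forum: Python that parses MALWARE rows in the column layout of the ActiveScan export, sorts them into registry keys, tracking cookies, System Restore copies and other files, and writes REGEDIT4 delete-key lines in the form used by fixreg.reg. The function names and the rule that holds back any key containing a space are assumptions of this example; the sample rows are constructed in the report's layout.

```python
import re

# Constructed sample in the column layout of the ActiveScan export:
# Id Description Type Active Severity Disinfectable Disinfected Location
# The space in "curre ntversion" is deliberate: it stands for the stray
# spaces that forum software can insert into long tokens of a pasted report.
SAMPLE_REPORT = r"""
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
00003428 adware/memorywatcher Adware No 0 Yes No hkey_classes_root\vbrad.trayicon
00051983 adware/sbsoft Adware No 0 Yes No hkey_current_user\software\microsoft\windows\curre ntversion\ext\stats\{0e1230f8-ea50-42a9-983c-d22abc2eed3b}
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\xxxxxxx\cookies\xxxxxx@atdmt[1].txt
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No c:\system volume information\_restore{9d7fe093-30e8-4750-b1b9-291eb5be2043}\rp658\a0060296.sys
03898843 Generic Malware Virus/Trojan No 0 Yes No c:\program files\gamehouse games collection\collapse! crunch\collapse3.exe
"""

# Description may contain spaces ("Cookie/Atlas DMT"), so it is matched lazily
# and anchored by the fixed Yes/No and numeric columns that follow the type.
ROW = re.compile(
    r"^(?P<id>\d{8})\s+(?P<desc>.+?)\s+(?P<type>\S+)\s+"
    r"(?P<active>Yes|No)\s+(?P<severity>\d+)\s+"
    r"(?P<disinfectable>Yes|No)\s+(?P<disinfected>Yes|No)\s+(?P<location>.+)$"
)

RESTORE_MARKER = "\\system volume information\\_restore"


def parse_report(text):
    """Return one dict per MALWARE row; headers and separators are skipped."""
    rows = []
    for line in text.splitlines():
        match = ROW.match(line.strip())
        if match:
            rows.append(match.groupdict())
    return rows


def classify(row):
    """Sort a row by where the detection lives, not by its label."""
    location = row["location"].lower()
    if location.startswith("hkey_"):
        return "registry"
    if row["type"] == "TrackingCookie":
        return "cookie"
    if RESTORE_MARKER in location:
        return "restore_point"  # copy kept inside a System Restore point
    return "file"


def triage(rows):
    """Group parsed rows by category."""
    buckets = {"registry": [], "cookie": [], "restore_point": [], "file": []}
    for row in rows:
        buckets[classify(row)].append(row)
    return buckets


def build_reg(rows):
    """Return (reg_text, held_back) for registry detections not yet disinfected.

    A space inside a key path may be genuine or may be a paste artifact,
    so such keys are not written out; they are returned for manual checking.
    """
    keys, held_back = [], []
    for row in rows:
        if classify(row) != "registry" or row["disinfected"] == "Yes":
            continue
        key = row["location"]
        target = held_back if " " in key else keys
        if key not in target:
            target.append(key)
    if not keys:
        return "", held_back
    lines = ["REGEDIT4", ""] + [f"[-{key}]" for key in keys]
    return "\n".join(lines) + "\n", held_back


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    for name, items in triage(parsed).items():
        print(f"{name}: {len(items)}")
    reg_text, held_back = build_reg(parsed)
    print(reg_text)
    for key in held_back:
        print("check by hand before deleting:", key)
```
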