-
evilfantasy, here's the log from ComboFix
ComboFix 10-01-26.02 - Owner 01/27/2010 0:07.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.567 [GMT -5:00]
Running from: c:\documents and settings\Owner.YOUR-43D28F92A6\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Cheat Engine\dbk32.sys
c:\program files\INSTALL.LOG
c:\recycler\S-1-5-21-415216073-2516413160-1011471543-500
c:\windows\Fonts\MyriadPro-Regular.otf
c:\windows\kb913800.exe
.
((((((((((((((((((((((((( Files Created from 2009-12-27 to 2010-01-27 )))))))))))))))))))))))))))))))
.
2010-01-22 04:31 . 2010-01-22 04:31 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-20 22:58 . 2010-01-20 22:58 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Malwarebytes
2010-01-20 22:58 . 2010-01-07 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-20 22:58 . 2010-01-20 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-20 22:58 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-20 22:57 . 2010-01-20 22:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-19 05:34 . 2010-01-20 07:17 -------- d-----w- c:\program files\Simulanics MySpace Mobsters Bot 5.2
2010-01-19 02:45 . 2010-01-19 02:45 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\AdobeUM
2010-01-18 05:44 . 2010-01-18 05:44 388096 ----a-r- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-18 05:44 . 2010-01-18 05:44 -------- d-----w- c:\program files\TrendMicro
2010-01-16 18:13 . 2009-01-26 04:36 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-01-16 18:13 . 2009-01-26 04:36 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-01-16 18:13 . 2010-01-27 05:14 -------- d-----w- c:\program files\Cheat Engine
2010-01-15 04:57 . 2010-01-15 04:57 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Local Settings\Application Data\ESET
2010-01-15 04:07 . 2010-01-15 04:07 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-01-15 00:30 . 2010-01-15 00:34 -------- d-----w- c:\program files\ESET
2010-01-15 00:30 . 2010-01-15 00:30 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-01-14 01:48 . 2010-01-14 01:48 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\AnvSoft
2010-01-14 01:47 . 2010-01-14 01:47 -------- d-----w- c:\program files\AnvSoft
2010-01-14 01:29 . 2010-01-14 01:29 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Xilisoft Corporation
2010-01-14 01:28 . 2010-01-14 01:28 -------- d-----w- c:\program files\Xilisoft
2010-01-13 12:46 . 2010-01-19 22:34 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\AOL
2010-01-13 05:12 . 2010-01-15 05:23 -------- d-sh--r- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\SPY_NET_RAT
2010-01-12 19:50 . 2009-11-21 16:36 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-12 19:31 . 2010-01-12 19:31 -------- d-----w- c:\program files\MagicISO
2010-01-12 18:28 . 2010-01-12 18:28 -------- d-----w- C:\dir
2010-01-10 19:37 . 2010-01-10 19:37 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Local Settings\Application Data\Ahead
2010-01-08 01:18 . 2010-01-08 01:18 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Local Settings\Application Data\3DVIA
2010-01-08 01:18 . 2007-07-19 23:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-01-08 01:18 . 2006-09-28 21:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-08 01:18 . 2010-01-08 01:18 -------- d-----w- c:\windows\Logs
2010-01-08 01:18 . 2010-01-08 01:18 -------- d-----w- c:\program files\Virtools
2010-01-07 23:57 . 2010-01-08 00:22 -------- d-----w- c:\windows\system32\Adobe
2009-12-29 20:14 . 2009-12-29 20:14 -------- d-----w- c:\program files\DIFX
2009-12-29 20:14 . 2009-12-29 20:14 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-29 20:14 . 2009-11-10 14:27 18560 ----a-w- c:\windows\system32\drivers\FlyUsb.sys
2009-12-29 20:13 . 2009-12-29 20:13 -------- d-----w- c:\windows\D9DE9E0371CA423BB10157F13A751003.TMP
2009-12-29 20:12 . 2009-12-29 20:13 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-29 20:11 . 2009-12-29 20:11 6969680 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\TagJuniorPlugin.exe
2009-12-29 20:11 . 2009-12-29 20:11 28696928 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\UPCInstaller.exe
2009-12-29 20:11 . 2009-12-29 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Leapfrog
2009-12-29 20:11 . 2009-12-29 20:13 -------- d-----w- c:\program files\LeapFrog
2009-12-29 02:31 . 2004-08-10 19:00 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-28 06:00 . 2009-12-28 06:00 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Local Settings\Application Data\Identities
-
the second part
Here's the second part of that log...
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-27 05:10 . 2009-12-19 06:18 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\uTorrent
2010-01-27 03:06 . 2009-12-18 12:45 -------- d-----w- c:\program files\Flock
2010-01-19 22:34 . 2009-09-22 06:20 -------- d-----w- c:\program files\Common Files\AOL
2010-01-19 22:33 . 2009-09-22 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-01-15 20:56 . 2009-12-19 14:18 35096 ---ha-w- c:\windows\system32\mlfcache.dat
2010-01-15 01:39 . 2005-01-10 01:26 46464 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-14 23:56 . 2009-09-23 13:34 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-14 23:00 . 2009-09-22 06:20 -------- d-----w- c:\program files\America Online 9.0
2010-01-02 19:59 . 2009-12-26 04:17 -------- d-----w- c:\program files\FriendBlasterPro
2009-12-22 08:05 . 2009-12-22 08:05 -------- d-----w- c:\program files\MSBuild
2009-12-22 08:05 . 2009-12-22 08:05 -------- d-----w- c:\program files\Reference Assemblies
2009-12-22 08:01 . 2009-12-22 08:01 -------- d-----w- c:\program files\MSXML 6.0
2009-12-22 05:42 . 2006-11-04 03:18 662016 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2006-11-04 03:16 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-20 14:35 . 2009-12-20 14:35 -------- d-----w- c:\program files\MSXML 4.0
2009-12-19 12:04 . 2009-09-24 03:21 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Motive
2009-12-19 06:19 . 2009-12-19 06:19 -------- d-----w- c:\program files\Ask.com
2009-12-19 06:18 . 2009-12-19 06:18 -------- d-----w- c:\program files\uTorrent
2009-12-18 19:23 . 2009-09-22 06:26 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee.com Personal Firewall
2009-12-18 14:23 . 2009-12-18 14:21 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Yahoo!
2009-12-18 14:21 . 2009-12-18 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-12-18 14:21 . 2009-12-18 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-12-18 14:21 . 2009-12-18 14:17 -------- d-----w- c:\program files\Yahoo!
2009-12-18 12:46 . 2009-12-18 12:46 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Flock
2009-12-17 05:47 . 2009-12-17 05:47 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Apple Computer
2009-12-17 05:46 . 2009-12-17 05:46 -------- d-----w- c:\program files\Safari
2009-12-17 05:46 . 2009-12-17 05:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-12-17 05:46 . 2009-12-17 05:46 -------- d-----w- c:\program files\Apple Software Update
2009-12-17 05:46 . 2009-12-17 05:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-12-17 05:37 . 2009-09-22 08:02 -------- d-----w- c:\program files\Evrsoft First Page 2006
2009-12-17 04:52 . 2009-12-17 04:52 -------- d-----w- c:\program files\BellSouthWCC
2009-12-17 04:52 . 2009-09-24 03:20 -------- d-----w- c:\program files\Common Files\Motive
2009-12-16 14:46 . 2009-12-16 14:45 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee.com Personal Firewall
2009-12-16 14:45 . 2009-12-16 14:45 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\McAfee.com Personal Firewall
2009-12-16 14:45 . 2009-09-24 03:20 -------- d-----w- c:\program files\ATT-HSI
2009-12-16 14:45 . 2009-12-16 14:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-16 14:44 . 2009-12-16 14:44 -------- d-----w- c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\DAEMON Tools
2009-12-16 14:44 . 2009-12-16 14:44 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-12-16 14:30 . 2009-09-22 08:07 -------- d-----w- c:\program files\Adobe Media Player
2009-12-16 14:30 . 2009-09-22 08:29 -------- d-----w- c:\program files\Westward III Gold Rush
2009-11-21 16:36 . 2006-11-04 03:15 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-10 19:39 . 2009-12-18 14:21 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 19:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-19 289584]
"AOL Fast Start"="c:\program files\America Online 9.0\AOL.EXE" [2005-06-23 50776]
-
Part #3
Here's the last part. Sorry, it needed three posts to get it all on here.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-09-22 169984]
"readericon"="c:\program files\Digital Media Reader\readericon45G.exe" [2005-12-10 139264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-18 7204864]
"nwiz"="nwiz.exe" [2005-09-18 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-09-18 86016]
"CHotkey"="zHotkey.exe" [2004-12-09 550912]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"HostManager"="c:\program files\Common Files\AOL\1253600439\EE\AOLHostManager.exe" [2004-11-03 125528]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-09 151552]
"OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 53248]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-07-02 303104]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\mcupdate.exe" [2005-08-26 212992]
"MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 110592]
"MSKDetectorExe"="c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-08-12 1121792]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-14 14820864]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2005-08-10 163840]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-09-28 999424]
"MerlinReportAgent"="c:\program files\ATT-HSI\McciBrowser.exe" [2008-09-23 1040384]
"BellSouthWCC_McciTrayApp"="c:\program files\BellSouthWCC\McciTrayApp.exe" [2006-03-10 543232]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2009-11-10 443728]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-10-20 34904]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" [X]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - c:\program files\BigFix\bigfix.exe [2009-9-22 2168360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1253600439\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\ATT-HSI\\McciBrowser.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 2:23 PM 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/6/2009 2:24 PM 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/6/2009 2:23 PM 727720]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [12/29/2009 3:14 PM 18560]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [9/22/2009 1:07 AM 169984]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/20/2010 5:58 PM 38224]
.
Contents of the 'Scheduled Tasks' folder
2010-01-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-01-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 19:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT4022
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT4022
uInternet Settings,ProxyServer = http=127.0.0.1:8081
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\Mozilla\Firefox\Profiles\dvank986.default\
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Virtools\3D Life Player\npvirtools.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-SPY_NET_RAT - c:\documents and settings\Owner.YOUR-43D28F92A6\Application Data\SPY_NET_RAT\SPY_NET_RAT.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-27 00:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-01-27 00:16:16
ComboFix-quarantined-files.txt 2010-01-27 05:16
Pre-Run: 5,528,125,440 bytes free
Post-Run: 8,954,068,992 bytes free
- - End Of File - - 4F98E1350CEE106ED7C98C29BC52F12E
-
Malware Removal Expert
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
You should only ever have one antivirus and one firewall installed. Running two will actually make your computer more vulnerable.
Please pick one and uninstall the other.
Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.
Do not confuse Windows Messenger with MSN Messenger or Windows Live Messenger because they are not the same. Windows Messenger is a frequent cause of popups.
Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.
Exit out of MessengerDisable then delete the two files that were put on the desktop.
----------
Please go to Start > Run and copy/paste the following blue text, then press Enter:
C:\QooBox\Add-Remove Programs.txt
A text file should open. Please post the contents of that file in your next reply.
-
µTorrent
3DVIA player 5.0
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 7.0
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Agere Systems PCI-SV92PP Soft Modem
America Online (Choose which version to remove)
Any Video Converter Professional 3.0.1
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
Apple Software Update
Ask Toolbar
AT&T Wireless Connection Tool
Athlon 64 Processor Driver
ATT High Speed Internet Service Report Agent
BigFix
Browser Address Error Redirector
Cheat Engine 5.5
Connect
Digital Media Reader
DVD Solution
ESET NOD32 Antivirus
Evrsoft First Page 2006
Flock (2.5)
FriendBlasterPro
Google Desktop
gtw_logo
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895953)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
J2SE Runtime Environment 5.0 Update 2
kuler
LeapFrog Connect
LeapFrog Tag Junior Plugin
Magic ISO Maker v5.5 (build 0261)
Malwarebytes' Anti-Malware
McAfee Uninstall Wizard
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.7)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Multimedia Keyboard Driver
Napster
Napster Burn Engine
NodEnabler 3.2.4
NVIDIA Drivers
PDF Settings CS4
Photoshop Camera Raw
Power2Go 4.0
PowerDVD
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
Recovery Software Suite Gateway
Safari
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB976325)
Simulanics MySpace Mobsters Bot 5.2
Sonic Encoders
Suite Shared Configuration CS4
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB938828)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
-
Update Rollup 2 for Windows XP Media Center Edition 2005
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
Viewpoint Media Player
WebFldrs XP
Westward III Gold Rush
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
Windows Genuine Advantage Validation Tool
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
WinRAR archiver
Xilisoft MP4 Converter
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
-
Malware Removal Expert
Go to Add or Remove Programs and uninstall:
- Ask Toolbar
- J2SE Runtime Environment 5.0 Update 2
- Viewpoint Media Player
----------
Your Java is out of date.
Older versions have vulnerabilities that malicious sites can use to infect your system.
First install the new Sun Java Runtime Environment
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close all browser windows before beginning the install.
Remove the old version(s)
Download JavaRa
* Unzip the file and open the JavaRa.exe
* Click Remove Older Versions
* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click Additional Tasks
* Place a check next to Remove Useless JRE Files and click Go
* Exit JavaRa
* Delete the JavaRa files from the desktop
Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
----------
How is the computer running now?
.
-
It's running a lil faster now. However, all my files keep going back to read-only. I can see the file is there and that it's not empty, but if I load my media player or try to put files on my zip, it says that the folder is empty, no video files found. I assumed it was because all my folders keep going to read-only.
-
Malware Removal Expert
* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /Uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter
* The above procedure will:
  * Delete the following:
    * ComboFix and its associated files and folders.
  * Reset the clock settings.
  * Hide file extensions, if required.
  * Hide System/Hidden files, if required.
  * Set a new, clean Restore Point.
----------
Clean out your temporary internet files and temp files.
Download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop.
Double-click TFC.exe to run it.
Note: If you are running on Vista, right-click on the file and choose Run As Administrator
TFC will close all programs when run, so make sure you have saved all your work before you begin.
* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.
Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
----------
ESET Online Scan
Scan your computer with the ESET FREE Online Virus Scan
* Click the ESET Online Scanner button.
* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  * Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  * Double click on the esetsmartinstaller_enu.exe icon on your desktop.
* Place a check mark next to YES, I accept the Terms of Use.
* Click the Start button.
* Accept any security warnings from your browser.
* Leave the check mark next to Remove found threats and place a check next to Scan archives.
* Click the Start button.
* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
* When the scan completes, click List of found threats.
* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
* Click the <<Back button then click Finish.
In your next reply please include the ESET Online Scan Log