I have a virus and maybe more - Please help!

November 9, 2010 at 10:52:16
Specs: Windows XP
I quite obviously have a virus on my PC..... can't download antivirus software, Internet Explorer keeps crashing, other downloads won't install, etc.

Not an expert on these matters, but after a lot of research I have run Malwarebytes and also ComboFix as advised elsewhere and have come up with 2 logs.

Can anyone advise on the next course of action..... Please!!!!!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5050

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

09/11/2010 18:18:13
mbam-log-2010-11-09 (18-18-13).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 161547
Time elapsed: 15 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\winjty32.dll (Trojan.Nebuler) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\winjty32.dll (Trojan.Nebuler) -> Delete on reboot.
C:\Documents and Settings\Administrator\My Documents\Vuze Downloads\Nero 7.10.1.0\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winbjd32.dll (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsad32.dll (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winueb32.dll (Trojan.Nebuler) -> Quarantined and deleted successfully.

ComboFix 10-11-09.01 - Administrator 09/11/2010 18:24:35.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.311 [GMT 0:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\swjhikct.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_wkocph


((((((((((((((((((((((((( Files Created from 2010-10-09 to 2010-11-09 )))))))))))))))))))))))))))))))
.

2010-11-09 17:29 . 2010-11-09 18:20 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-11-09 17:28 . 2006-06-19 13:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-11-09 17:28 . 2006-05-25 15:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-11-09 17:28 . 2005-08-26 01:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-11-09 17:28 . 2003-02-02 20:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-11-09 17:28 . 2002-03-06 01:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-11-09 17:28 . 2010-11-09 17:28 -------- d-----w- c:\program files\Trojan Remover
2010-11-09 17:28 . 2010-11-09 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2010-11-09 17:28 . 2010-11-09 17:28 -------- d-----w- c:\documents and settings\Administrator\Application Data\Simply Super Software
2010-11-09 17:28 . 2010-11-09 18:20 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-11-09 17:01 . 2010-11-09 17:01 -------- d-----w- C:\rei
2010-11-09 17:01 . 2010-11-09 17:01 -------- d-----w- c:\program files\Reimage
2010-11-09 16:32 . 2010-11-09 16:34 -------- d-----w- c:\program files\Vuze
2010-11-09 16:32 . 2010-11-09 16:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Vuze_Remote
2010-11-09 16:32 . 2010-11-09 16:32 -------- d-----w- c:\program files\Conduit
2010-11-09 16:32 . 2010-11-09 16:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Conduit
2010-11-09 16:32 . 2010-11-09 16:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\temp
2010-11-09 09:33 . 2010-11-09 09:54 217088 ----a-w- c:\documents and settings\Administrator\sysclean.exe
2010-11-09 09:02 . 2010-11-09 09:02 -------- d-----w- c:\windows\Sun
2010-11-09 08:59 . 2010-11-09 08:59 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-11-09 08:59 . 2010-11-09 08:59 -------- d-----w- c:\documents and settings\Administrator\log
2010-11-08 19:41 . 2010-11-08 19:41 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-07 15:55 . 2010-11-07 17:08 -------- d-----w- C:\RECYCLER(4)
2010-11-07 15:29 . 2010-11-07 17:11 -------- d-----w- C:\RECYCLER(3)
2010-11-07 13:09 . 2010-11-07 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2010-11-07 12:29 . 2010-11-07 17:11 -------- d-----w- c:\program files\Spybot - Search & Destroy(2)
2010-11-07 12:25 . 2010-11-07 12:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\Registry Mechanic
2010-11-07 11:07 . 2010-11-07 17:14 -------- d-----w- C:\RECYCLER(2)
2010-11-07 00:22 . 2010-11-07 00:22 -------- d-----w- C:\rsit
2010-11-05 11:36 . 2010-10-07 16:21 6146896 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5082C54D-6F30-4100-8139-BED920547C85}\mpengine.dll
2010-11-05 10:44 . 2010-10-07 16:21 6146896 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C138C549-14FF-4B6B-A8CD-C3F421C65653}\mpengine.dll
2010-11-05 10:33 . 2010-10-07 16:21 6146896 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AB28E131-64EE-4E3A-B93E-A971B7EAAB6F}\mpengine.dll
2010-11-05 10:31 . 2010-11-07 17:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-11-05 10:31 . 2010-04-29 15:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-05 10:31 . 2010-04-29 15:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-05 09:54 . 2010-11-05 10:13 -------- d-----w- C:\1123
2010-11-05 09:39 . 2010-11-07 17:14 -------- d-----w- c:\program files\WindowsClear
2010-11-05 09:01 . 2010-11-05 09:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\ParetoLogic
2010-11-05 09:01 . 2010-11-05 09:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\DriverCure
2010-11-05 08:35 . 2010-11-07 17:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSpyware
2010-11-04 22:23 . 2010-11-04 22:23 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\VS Revo Group
2010-11-04 21:57 . 2010-11-07 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-11-04 21:38 . 2010-11-04 21:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\IObit
2010-11-04 21:19 . 2010-11-08 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2010-11-04 20:58 . 2010-11-04 20:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-11-03 10:27 . 2010-11-07 17:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2010-11-03 09:23 . 2010-11-03 09:23 -------- d-----w- c:\program files\VideoLAN
2010-11-02 10:31 . 2010-11-07 17:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2010-10-30 15:46 . 2010-11-07 17:15 -------- d-----w- c:\program files\WinWatermark 2
2010-10-30 15:32 . 2010-11-07 17:15 -------- d-----w- c:\program files\WatermarkSoftware
2010-10-29 01:34 . 2010-11-07 17:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\Mozilla(2)
2010-10-29 01:34 . 2010-11-07 17:15 -------- d-----w- c:\program files\Mozilla Firefox(2)
2010-10-24 17:16 . 2010-10-24 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Emicsoft Studio
2010-10-23 12:28 . 2010-10-23 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-10-23 12:10 . 2010-10-23 12:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-10-22 21:15 . 2010-11-07 17:16 -------- d-----w- c:\program files\Microsoft DirectX SDK (June 2010)
2010-10-22 19:02 . 2010-10-22 19:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\Simple Star
2010-10-22 19:02 . 2010-10-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\PhotoShow Shared Assets
2010-10-22 19:02 . 2010-10-22 19:02 -------- d-----w- c:\program files\SmartSound Software
2010-10-22 19:02 . 2010-10-22 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\SmartSound Software Inc
2010-10-22 14:00 . 2010-11-07 17:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\GetRightToGo
2010-10-22 09:51 . 2010-11-07 17:20 -------- d-----w- c:\program files\RegistryFix8
2010-10-22 09:47 . 2010-10-22 09:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-10-21 08:31 . 2010-10-21 08:31 -------- d-----w- c:\program files\Emicsoft Studio
2010-10-19 20:14 . 2010-11-09 17:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\Azureus
2010-10-15 17:36 . 2010-10-22 19:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Roxio
2010-10-15 17:34 . 2010-10-15 17:34 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sonic_Solutions
2010-10-15 17:28 . 2010-10-15 17:28 -------- d-----w- c:\program files\CinemaNow
2010-10-15 17:25 . 2010-11-07 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2010-10-15 17:23 . 2010-11-07 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2010-10-15 17:19 . 2010-10-22 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Roxio Log Files
2010-10-15 14:41 . 2010-10-22 21:15 -------- d-----w- c:\windows\Logs
2010-10-14 18:40 . 2010-09-29 12:17 6084944 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F513A0F6-E818-4D74-B612-024B4B3E0742}\mpengine.dll
2010-10-13 17:27 . 2010-09-29 12:17 6084944 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9BA1D026-1760-444C-9F8E-378A0C03EDB7}\mpengine.dll
2010-10-13 12:38 . 2008-04-14 12:42 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-10-13 05:47 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 05:47 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-13 05:47 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 05:46 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-12 19:56 . 2010-10-12 19:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search
2010-10-12 19:49 . 2010-10-12 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-10-12 19:45 . 2010-11-09 18:30 -------- d-----w- c:\documents and settings\Administrator\Tracing
2010-10-12 19:44 . 2010-11-07 17:19 -------- dc----w- c:\windows\system32\DRVSTORE
2010-10-12 19:44 . 2010-04-28 06:44 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2010-10-12 19:44 . 2010-10-12 19:44 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-10-12 19:43 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-10-12 19:43 . 2010-10-12 19:43 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-10-12 19:41 . 2010-10-12 19:41 -------- d-----w- c:\program files\Microsoft
2010-10-12 19:40 . 2010-10-12 19:40 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-10-12 19:40 . 2010-10-12 19:44 -------- d-----w- c:\program files\Windows Live
2010-10-12 19:36 . 2010-10-12 19:36 -------- d-----w- c:\program files\Common Files\Windows Live
2010-10-12 19:25 . 2008-04-13 23:15 26368 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2010-10-12 18:41 . 2010-10-24 21:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2010-10-12 18:35 . 2010-10-12 18:35 -------- d-----w- c:\program files\Common Files\LightScribe
2010-10-12 18:33 . 2010-10-23 13:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2010-10-12 18:28 . 2010-11-08 19:38 -------- d-----w- c:\program files\Common Files\Ahead
2010-10-12 18:26 . 2010-10-12 18:26 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-10-12 17:17 . 2010-10-12 17:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PCHealth
2010-10-12 07:26 . 2009-11-12 13:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-10-12 07:26 . 2010-10-30 15:56 -------- d-----w- c:\program files\CDBurnerXP
2010-10-11 16:06 . 2010-10-14 11:41 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-11 15:56 . 2010-10-11 15:56 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2010-10-11 15:56 . 2010-10-11 15:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Desktop Search
2010-10-11 15:56 . 2010-10-11 15:56 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-10-11 15:56 . 2010-11-07 17:44 -------- d--h--w- c:\windows\system32\GroupPolicy
2010-10-11 15:56 . 2010-10-14 11:41 -------- d-----w- c:\program files\Windows Desktop Search
2010-10-11 15:55 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2010-10-11 15:55 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2010-10-11 15:55 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2010-10-11 15:54 . 2010-10-30 15:56 -------- d-----w- c:\program files\Windows Media Connect 2
2010-10-11 15:53 . 2010-11-08 08:00 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-10-11 15:53 . 2010-10-15 04:23 -------- d-----w- c:\windows\system32\LogFiles
2010-10-11 15:51 . 2010-10-11 15:52 -------- d-----w- c:\windows\system32\URTTemp
2010-10-11 15:35 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-06 17:11 . 2010-09-29 19:08 90112 ----a-w- c:\windows\DUMP4006.tmp
2010-10-19 20:51 . 2010-09-29 12:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-29 19:14 . 2010-09-29 19:14 61555 ----a-w- c:\windows\system32\jpicpl32.cpl
2010-09-29 12:17 . 2010-10-01 07:59 6084944 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-09-18 11:23 . 2007-04-03 15:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:41 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:41 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2001-08-18 05:36 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-10 05:58 . 2008-04-14 12:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2008-04-14 12:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-10 05:58 . 2008-04-14 12:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-01 11:51 . 2008-04-14 12:39 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2008-04-14 08:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2008-04-14 12:42 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2008-04-14 12:42 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2008-04-14 07:45 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-09-29 12:59 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2008-04-14 12:41 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:42 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2008-04-14 12:42 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 12:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-10-18 12:26 3908192 ----a-w- c:\program files\Vuze_Remote\tbVuze.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-01 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-01 118784]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-08-02 1167808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=

S0 viqeqpm;viqeqpm;c:\windows\system32\drivers\gtrfdm.sys --> c:\windows\system32\drivers\gtrfdm.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12:16 130384]
S3 FBIKB_NT;FBIKB_NT;\??\c:\windows\system32\Drivers\FBIKB_NT.Sys --> c:\windows\system32\Drivers\FBIKB_NT.Sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12:16 753504]
.
Contents of the 'Scheduled Tasks' folder

2010-11-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]

2010-11-09 c:\windows\Tasks\User_Feed_Synchronization-{B277635D-83D0-46F4-AB58-C25A49DCF09D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
.
- - - - ORPHANS REMOVED - - - -

Notify-winjty32 - winjty32.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-09 18:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1897937633-429701280-3773518560-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1716)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2010-11-09 18:32:49 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-09 18:32
ComboFix2.txt 2010-11-09 13:26
ComboFix3.txt 2010-11-08 16:02

Pre-Run: 45,794,500,608 bytes free
Post-Run: 46,230,773,760 bytes free

- - End Of File - - 5EA6D3E8CEF1DFDFC1A2AEAA3EBE5617



#1
November 9, 2010 at 11:25:10
Well, those are long logs, so is your PC running any better? People usually only post logs when requested.

Try these 2 cleaners:
1- Trojan Remover
2- Hitman Pro
and run them till they are clean

Some HELP in posting on Computing.net plus free progs and instructions Cheers

