Swank

The above got me thinking so I disconnected my other hard drive that was in my PC from a previous Vista install thinking it might have shortcuts based on it's file structure. I ran another scan after that and it worked perfectly so that must be the culprit. I'm going to reconnect it and see if deleting all of the shortcut files helps. Thanks for you help on this one, at least I can run quick scans again, but I'll let you know if I have any other problems.

Here are DDS and Attach respectively: DDS.txt********************************************************************** DDS (Ver_10-03-17.01) - NTFSx86 Run by Swank at 21:33:01.51 on Thu 06/17/2010 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1331 [GMT -6:00] AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\ASUS\Asus Probe\AsusProb.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\taskswitch.exe C:\WINDOWS\system32\fast.exe C:\WINDOWS\system32\ctfmon.exe C:\Users\Swank\Local Settings\Application Data\LClock\LClock.exe C:\Program Files\VisualTaskTips\VisualTaskTips.exe svchost.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\Fast.exe C:\WINDOWS\system32\dllhost.exe C:\Users\Swank\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Users\Swank\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE F:\Torrents\dds.scr ============== Pseudo HJT Report =============== mWinlogon: UIHost=%SystemRoot%\System32\ultlogonui.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: QT TabBar: {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll TB: QT Tab Standard Buttons: {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - mscoree.dll TB: QT Breadcrumbs Address Bar: {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll uRun: [Google Update] "c:\users\swank\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [LClock] c:\users\swank\local settings\application data\lclock\LClock.exe uRun: [VisualTaskTips] c:\program files\visualtasktips\VisualTaskTips.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [vptray] c:\progra~1\symant~1\VPTray.exe mRun: [ASUS Probe] c:\program files\asus\asus probe\AsusProb.exe mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe" mRun: [VX3000] c:\windows\vVX3000.exe mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe mRun: [FastUser] c:\windows\system32\fast.exe StartupFolder: c:\users\swank\startm~1\programs\startup\wallma~1.lnk - c:\program files\wallmaster\wallmast.exe uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1) mPolicies-explorer: NoRecentDocsNetHood = 1 (0x1) dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: NavLogon - c:\windows\system32\NavLogon.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\users\swank\applic~1\mozilla\firefox\profiles\altmiiaw.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.winxpu.info | http://www.winxpu.info/forums FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ ---- FIREFOX POLICIES ---- c:\program files\firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 SASDIFSV;SASDIFSV;c:\users\swank\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-6-15 9968] R1 SASKUTIL;SASKUTIL;c:\users\swank\locals~1\temp\sas_selfextract\SASKUTIL.sys [2010-6-15 74480] R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-12-19 337592] R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-12-19 54968] R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-3-24 192160] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-3-24 169632] R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-6-15 1805552] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-6-14 102448] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100614.003\naveng.sys [2010-6-14 85552] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100614.003\navex15.sys [2010-6-14 1347504] S0 3112Rx47;3112Rx47;c:\windows\system32\drivers\3112Rx47.sys [2009-12-18 110128] S3 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-6-14 14424] S3 SASENUM;SASENUM;\??\c:\users\swank\locals~1\temp\sas_selfextract\sasenum.sys --> c:\users\swank\locals~1\temp\sas_selfextract\SASENUM.SYS [?] S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-6-15 115952] S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero8\incd\NBHRegInCDSrv.exe [2008-6-10 53032] =============== Created Last 30 ================ 2010-06-17 05:40:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-17 05:40:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-17 05:40:01 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-17 04:42:23 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys 2010-06-17 04:42:23 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS 2010-06-17 02:43:44 3247 ----a-w- c:\windows\system32\wbem\Outlook_01cb0dc6e775aa48.mof 2010-06-16 03:59:21 0 d-----w- c:\program files\VisualTaskTips 2010-06-16 03:33:47 306688 ----a-w- c:\windows\IsUninst.exe 2010-06-16 03:31:12 0 d-----w- c:\program files\Sony 2010-06-16 03:30:30 0 d-----w- c:\program files\VSTplugins 2010-06-16 03:01:09 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2010-06-16 03:01:09 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-06-16 03:01:09 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-06-16 03:01:08 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe 2010-06-16 03:01:08 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe 2010-06-16 02:59:59 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys 2010-06-16 02:58:59 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys 2010-06-16 02:57:56 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys 2010-06-16 02:56:59 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys 2010-06-16 02:55:58 180360 -c--a-w- c:\windows\system32\dllcache\ntmtlfax.sys 2010-06-16 02:54:58 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys 2010-06-16 02:53:42 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll 2010-06-16 02:52:59 8576 -c--a-w- c:\windows\system32\dllcache\hidgame.sys 2010-06-16 02:51:59 53248 -c--a-w- c:\windows\system32\dllcache\eqndiag.exe 2010-06-16 02:50:59 4096 -c--a-w- c:\windows\system32\dllcache\ctwdm32.dll 2010-06-16 02:49:58 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys 2010-06-16 02:48:59 14848 -c--a-w- c:\windows\system32\dllcache\asc3550.sys 2010-06-16 02:22:35 0 d-----w- c:\windows\SxsCaPendDel 2010-06-16 02:16:21 0 d-----w- c:\users\swank\applic~1\SUPERAntiSpyware.com 2010-06-16 02:16:21 0 d-----w- c:\users\alluse~1\applic~1\SUPERAntiSpyware.com 2010-06-16 02:01:07 2350 ----a-w- c:\windows\system32\tmp.reg 2010-06-16 01:20:06 0 d-----w- c:\program files\WallMaster 2010-06-15 13:26:20 0 d-----w- c:\program files\Windows Installer Clean Up 2010-06-15 13:25:30 0 d-----w- c:\program files\MSECACHE 2010-06-15 13:16:36 0 d--h--w- c:\windows\system32\GroupPolicy 2010-06-15 13:10:32 0 d-----w- c:\program files\Sony Setup 2010-06-15 13:07:22 0 d-----w- c:\program files\Acoustica Mp3 To Wave Converter Plus 2010-06-15 05:32:35 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2010-06-15 05:08:09 0 d-----w- c:\windows\Downloaded Installations 2010-06-15 04:15:37 2002 ---ha-w- c:\users\swank\Default.rdp 2010-06-15 04:02:35 3247 ----a-w- c:\windows\system32\wbem\Outlook_01cb0c3f9620f4aa.mof 2010-06-15 04:00:54 0 d-----w- c:\users\swank\applic~1\Mp3tag 2010-06-15 04:00:49 0 d-----w- c:\program files\Mp3tag 2010-06-15 03:56:53 0 d-----w- c:\program files\XviD 2010-06-15 03:56:43 0 d-----w- c:\program files\AviSynth 2.5 2010-06-15 03:56:17 0 d-----w- c:\program files\AutoGK 2010-06-15 03:55:34 0 d-----w- c:\program files\DVD Decrypter 2010-06-15 03:52:22 376 ----a-w- c:\windows\ODBC.INI 2010-06-15 03:52:19 28040 ----a-w- c:\windows\system32\mdimon.dll 2010-06-15 03:51:25 0 d-----w- c:\program files\Microsoft ActiveSync 2010-06-15 03:51:09 0 d-----w- c:\windows\SHELLNEW 2010-06-15 03:37:16 0 d-----w- c:\program files\CCleaner 2010-06-15 03:35:53 0 d-----w- c:\users\swank\LimeWire 2010-06-15 03:35:30 0 d-----w- c:\users\swank\applic~1\LimeWire 2010-06-15 03:35:16 0 d-----w- c:\program files\LimeWire 2010-06-15 03:35:04 28672 ----a-w- c:\windows\system32\AVEQT.dll 2010-06-15 03:35:04 129024 ----a-w- c:\windows\system32\AVERM.dll 2010-06-15 03:35:01 0 d-----w- c:\program files\Ultra Video Joiner 2010-06-15 03:28:02 0 d-----w- c:\program files\VideoLAN 2010-06-15 03:27:16 69 ----a-w- c:\windows\NeroDigital.ini 2010-06-15 03:17:08 0 d-----w- c:\users\alluse~1\applic~1\Spybot - Search & Destroy 2010-06-15 03:17:08 0 d-----w- c:\program files\Spybot - Search & Destroy 2010-06-15 03:15:43 0 d-----w- c:\users\swank\applic~1\Malwarebytes 2010-06-15 03:15:35 0 d-----w- c:\users\alluse~1\applic~1\Malwarebytes 2010-06-15 03:14:53 48 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-06-15 03:14:16 0 d-----r- c:\program files\Skype 2010-06-15 03:12:53 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-06-15 03:12:06 0 d-----w- c:\program files\Microsoft LifeCam 2010-06-15 03:10:07 27744 ----a-w- c:\windows\system32\drivers\point32.sys 2010-06-15 03:10:02 0 d-----w- c:\program files\Microsoft IntelliPoint 2010-06-15 03:07:33 0 d-----w- c:\program files\Microsoft IntelliType Pro 2010-06-15 03:00:54 0 d-----w- c:\program files\ACW 2010-06-15 02:42:06 0 d-----w- c:\program files\uTorrent 2010-06-15 02:41:43 0 d-----w- c:\users\swank\applic~1\uTorrent 2010-06-15 02:39:47 0 d-----w- c:\program files\PeerBlock 2010-06-15 02:36:57 2190080 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe 2010-06-15 02:36:56 2066944 -c--a-w- c:\windows\system32\dllcache\ntkrnlpa.exe 2010-06-15 02:34:53 6656 ----a-w- c:\windows\system32\drivers\AsProbe.sys 2010-06-15 02:34:53 245912 ----a-w- c:\windows\system\VCLX35.BPL 2010-06-15 02:34:52 996872 ----a-w- c:\windows\system\CP3240MT.DLL 2010-06-15 02:34:52 458752 ----a-w- c:\windows\system\COMCTL32.DLL 2010-06-15 02:34:52 29952 ----a-w- c:\windows\system\BORLNDMM.DLL 2010-06-15 02:34:52 187392 ----a-w- c:\windows\system\BCBSMP35.BPL 2010-06-15 02:34:52 1455736 ----a-w- c:\windows\system\VCL35.BPL 2010-06-15 02:34:41 6272 ----a-w- c:\windows\system32\drivers\ASLM75.SYS 2010-06-15 02:34:41 0 d-----w- c:\program files\ASUS 2010-06-15 02:34:37 299008 ----a-w- c:\windows\uninst.exe 2010-06-15 02:34:35 0 d-----w- c:\users\swank\WINDOWS 2010-06-15 02:33:16 0 d-----w- c:\program files\Realtek Sound Manager 2010-06-15 02:33:12 0 d-----w- c:\program files\AvRack 2010-06-15 02:33:11 164 ------w- c:\windows\avrack.ini 2010-06-15 02:33:09 765952 ----a-w- c:\windows\system\crlds3d.dll 2010-06-15 02:33:08 65536 -c--a-w- c:\windows\system32\dllcache\a3d.dll 2010-06-15 02:33:08 65536 ----a-w- c:\windows\system32\Audio3D.dll 2010-06-15 02:33:08 65536 ----a-w- c:\windows\system32\a3d.dll 2010-06-15 02:33:04 400384 ----a-w- c:\windows\system32\drivers\ALCXSENS.SYS 2010-06-15 02:33:03 611820 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS 2010-06-15 02:33:02 65024 ----a-w- c:\windows\SOUNDMAN.EXE 2010-06-15 02:33:02 155648 ----a-w- c:\windows\system32\RTLCPAPI.dll 2010-06-15 02:32:58 6584832 ----a-w- c:\windows\system32\RTLCPL.EXE 2010-06-15 02:32:53 141016 ----a-w- c:\windows\system32\ALSNDMGR.WAV 2010-06-15 02:32:43 14225408 ----a-w- c:\windows\system32\ALSNDMGR.CPL 2010-06-15 02:32:42 208896 ------w- c:\windows\alcupd.exe 2010-06-15 02:32:41 139264 ------w- c:\windows\alcrmv.exe 2010-06-15 02:32:40 744 ------w- c:\windows\system32\drivers\alcxinit.dat 2010-06-15 02:32:13 3223 ----a-w- c:\windows\Ascd_tmp.ini 2010-06-15 02:32:11 5824 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS 2010-06-15 02:29:54 0 ----a-w- c:\windows\vpc32.INI 2010-06-15 02:24:04 87808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2010-06-15 02:24:04 107696 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-06-15 02:24:02 0 d-----w- c:\program files\Symantec 2010-06-15 02:23:59 0 d-----w- c:\users\alluse~1\applic~1\Symantec 2010-06-15 02:23:59 0 d-----w- c:\program files\Symantec AntiVirus 2010-06-15 02:23:59 0 d-----w- c:\program files\common files\Symantec Shared 2010-06-15 02:21:51 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2010-06-15 01:51:03 0 d-----w- c:\program files\AVG 2010-06-15 01:46:15 0 d---a-w- c:\program files\Nero 2010-06-15 01:46:15 0 d-----w- c:\users\alluse~1\applic~1\Nero 2010-06-15 01:44:52 0 d---a-w- c:\users\swank\applic~1\ViGlance 2010-06-15 01:44:52 0 d---a-w- c:\users\swank\applic~1\OtakuSoftware 2010-06-15 01:32:53 0 d-----w- c:\program files\TUGZip 2010-06-15 01:32:46 0 d---a-w- c:\program files\Firefox 2010-06-15 01:28:33 0 d-----w- c:\program files\ffdshow 2010-06-15 01:28:06 0 d---a-w- c:\program files\Windows Plus 2010-06-15 01:20:42 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-06-15 01:18:56 0 d-----w- c:\program files\MSXML 4.0 2010-06-15 01:18:14 0 d-sh--w- c:\users\all users\DRM 2010-06-15 01:18:02 0 d--h--w- c:\program files\WindowsUpdate 2010-06-15 01:17:26 0 d-----w- c:\program files\common files\MSSoap 2010-06-15 01:16:11 0 d-----w- c:\program files\Windows Media Connect 2 2010-06-15 01:16:05 0 d-----w- c:\program files\MSN Gaming Zone 2010-06-15 01:15:30 0 d-----w- c:\program files\Windows NT 2010-06-14 19:10:38 0 d-----r- c:\users\all users\Public 2010-06-14 19:07:08 0 d-----w- c:\program files\common files\ODBC 2010-06-14 19:07:05 0 d-----w- c:\program files\common files\SpeechEngines ==================== Find3M ==================== 2010-06-15 03:07:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf 2010-06-15 03:07:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2010-06-15 03:07:46 60416 ----a-w- c:\windows\ALCFDRTM.EXE 2010-06-15 01:32:11 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-06-15 01:16:17 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-05-20 21:27:26 762736 ----a-w- c:\windows\vVX3000.exe 2010-05-20 21:27:26 677232 ----a-w- c:\windows\system32\LCCoin32.dll 2010-05-20 21:27:26 227696 ----a-w- c:\windows\vVX3000.dll 2010-05-20 21:27:26 1961328 ----a-w- c:\windows\system32\drivers\VX3000.sys 2010-05-20 21:27:26 175472 ----a-w- c:\windows\system32\cVX3000.dll 2010-05-20 21:27:26 101232 ----a-w- c:\windows\VX3000.dll 2010-05-04 17:20:03 841216 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 17:20:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-05-04 17:19:59 17408 ----a-w- c:\windows\system32\corpol.dll 2010-05-02 06:34:15 1860352 ----a-w- c:\windows\system32\win32k.sys 2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll 2008-01-22 03:51:13 121 ---ha-w- c:\program files\desktop.ini ============= FINISH: 21:33:24.85 =============== Attach.txt**************************************************************** UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/14/2010 7:42:55 PM System Uptime: 6/17/2010 8:58:25 PM (1 hours ago) Motherboard: ASUSTeK Computer Inc. | | P4P800-E Processor: Intel® Pentium® 4 CPU 3.00GHz | CPU 1 | 2998/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 37 GiB total, 23.938 GiB free. D: is CDROM () E: is FIXED (NTFS) - 932 GiB total, 619.486 GiB free. F: is FIXED (NTFS) - 112 GiB total, 59.861 GiB free. ==== Disabled Device Manager Items ============= Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: BLUETOOTH USB +EDR ADAPTER v2.1 UHE Device ID: USB\VID_050D&PID_016A\00190E0458EF Manufacturer: Name: BLUETOOTH USB +EDR ADAPTER v2.1 UHE PNP Device ID: USB\VID_050D&PID_016A\00190E0458EF Service: ==== System Restore Points =================== No restore point in system. ==== Installed Programs ======================

I followed the above steps but unfortunately the 'All Users' loop persists, right around the 13000 Objects Scanned mark. I have run a Spybot S&D full scan as well as a Symantec corp edition full scan and all is clean. Additionally, the Malwarebytes full scan works well without incident (no loop or malicious items), so I feel I do have a clean system and adequate protection. I just miss the convenience of the quick scan and would like to add to the knowledge base if others encounter this issue. Given that I have 2 PCs here with the same OS that are showing the same symptom I thought it might be more widespread. If there is anything else you'd like me to try I'm game :-)

Oops, sorry, Windows XP SP3, not sure if you need more specifics, but if so I would need to know how to get them. This was a completely new install, in fact I bought a new SSD drive to treat myself, it's great! I did everything you mentioned and the furthest I can drill down is C:Users/All Users/Start Menu/Programs/Startup. There is a desktop.ini file in there and that's it. It contains this: [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787 There are other desktop.ini files in almost all of the other branches along the way, each reading somewhat differently, though not much more than 5-7 lines of seemingly harmless code similar to what I pasted above. I tried deleting the desktop.ini file and running the scan again and have the same results.

I recently had to rebuild my PC due to some pernicious malware, but it was long overdue regardless. After my rebuild and installing all my programs I ran a quick test on Malwarebytes, but it proved to not be so quick after all, in fact it was stuck in what seemed to be in infinite loop. I gave up after about 1.5 hours and 80,000 files being scanned. You can see in the pic below that it seemed to be endlessly generating some kind of All Users\All Users\All Users path that went nowhere. Browsing from the start only took me to the 3rd level of that tree. Thinking my new install was a dud I updated the Malwarebytes on my other PC and encountered the same problem. Does anyone know what the problem might be? I've googled and searched here as best I could but to no avail, though I don't really know how to phrase this problem.