
AloneInSilence
Members · Posts: 3
Everything posted by AloneInSilence

  1. Wow, this is awful news, but thank you so much for replying and letting me know! I'll talk to my friend who has helped me reformat before, and I won't make any transactions on this computer. I usually never do on this PC. I'll reformat as soon as possible. I will let you know as soon as I do. Thank you SO much!!!
  2. The same day I posted my problem, I ran ComboFix twice; the first time it went through, a lot of the stages had an "access is denied" message after them. It also told me that I had the Rootkit ZeroAccess virus. The second time I ran it, none of those messages came up and it finished perfectly. Then I was able to reinstall and update MBAM. MBAM ran perfectly and removed a backdoor trojan and a few other small viruses. All of the problems stopped. What should I do next then? Would you still like me to post the ComboFix log? I'll have to check, but I think I saved it.
  3. Hey, I also have the same problem as the user in this thread: http://forums.malwarebytes.org/index.php?showtopic=88966 I apologize in advance if I should just reply to the other thread, but I wasn't sure if they were person specific, as I am new on this forum. I've been getting a lot of warnings from AVG lately about exe files with names like "ckmu.exe"; all of these virus files have random 4-letter titles. I've done my best to put them in AVG's vault, but it continues to screw with my programs and opening them. I've already tried the exe fix reg file 3 times and it'll work for a bit, but then I'll get problems with opening programs again, saying things like "cannot find specified file" or "open this file with what program?", etc. Then I tried to use Task Manager and I got this message: "the maximum amount of secrets that may be stored in a single system has been exceeded". I found the other thread and I followed the steps, but as I was in the process of excluding mbam from AVG, AVG crashed and the virus wouldn't let me open AVG again. So I downloaded DDS and ran it regardless. I'll post the txt file results below. I also will attach a zip containing the 2nd log from DDS, the attach.txt file. The next step that the admin on the other thread said to do is download and run ComboFix; however, the ComboFix page warned not to use it unless an admin told you specifically to. So this is my inquiry: Should I use ComboFix next? Also, what else can I do to remove the viruses and clean my computer?

     DDS (Ver_2011-06-23.01) - NTFSx86
     Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
     Run by Team Jacob at 14:47:26 on 2011-07-25
     Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1022.257 [GMT -5:00]
     AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
     SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     Thank you in advance!
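A defender-side triage pass over DDS-style log lines like the ones quoted in the post above, added here as an example (it is not from the thread, from DDS or from Malwarebytes): it flags the two indicator classes this infection showed, svchost.exe running from a device path or from anywhere other than System32/SysWOW64, and zero-byte, randomly named four-letter .exe files dropped into AppData or ProgramData. The sample lines are constructed to mirror the "Running Processes" and "Created Last 30" sections of a DDS log.

```python
import re

# Constructed sample lines in the DDS log layout (process list, then "Created Last 30" entries).
SAMPLE_PROCESSES = [
    r"C:\Windows\system32\svchost.exe -k DcomLaunch",
    r'"\\.\globalroot\Device\svchost.exe\svchost.exe"',
    r"C:\Windows\system\svchost.exe -k NetworkService",
    r"C:\Program Files\AVG\AVG10\avgtray.exe",
]
SAMPLE_CREATED = [
    r"2011-07-25 18:46:48 7680 ----a-w- c:\windows\system\svchost.exe",
    r"2011-07-25 00:13:47 0 ----a-w- c:\users\team jacob\appdata\local\wohx.exe",
    r"2011-07-25 00:13:47 0 ----a-w- c:\programdata\ckmu.exe",
    r"2011-07-12 18:21:48 2332672 ----a-w- c:\windows\system32\win32k.sys",
]

LEGIT_SVCHOST_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
# DDS "Created" line: <date> <time> <size or dashes> <attributes> <path, may contain spaces>
CREATED_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+(\S+)\s+(\S+)\s+(.+)$")
RANDOM_EXE_RE = re.compile(r"\\[a-z]{4}\.exe$")


def check_process(line):
    """Flag svchost.exe started via a \\\\.\\globalroot device path or outside System32/SysWOW64."""
    exe = line.strip().strip('"').lower().split(" -k ")[0].strip()
    if exe.startswith(r"\\.\globalroot"):
        return "process image loaded via \\\\.\\globalroot device path: " + exe
    if exe.endswith(r"\svchost.exe") and exe.rsplit("\\", 1)[0] not in LEGIT_SVCHOST_DIRS:
        return "svchost.exe outside System32/SysWOW64: " + exe
    return None


def check_created(line):
    """Flag zero-byte four-letter .exe files in AppData/ProgramData and new binaries in c:\\windows\\system."""
    m = CREATED_RE.match(line.strip())
    if not m:
        return None
    size, path = m.group(2), m.group(4).lower()
    in_data_dir = "\\appdata\\" in path or path.startswith("c:\\programdata\\")
    if size == "0" and in_data_dir and RANDOM_EXE_RE.search(path):
        return "zero-byte randomly named executable: " + path
    if path.rsplit("\\", 1)[0] == r"c:\windows\system":
        return "new binary in legacy c:\\windows\\system directory: " + path
    return None


def triage(processes=SAMPLE_PROCESSES, created=SAMPLE_CREATED):
    """Run both checks over the log lines and return the list of findings."""
    findings = [check_process(l) for l in processes] + [check_created(l) for l in created]
    return [f for f in findings if f]
```

On the constructed sample, `triage()` returns five findings: the globalroot process, the svchost.exe in c:\windows\system (as a running process and as a newly created file), and the two zero-byte droppers.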