
Malwarebytes scan ve-e-r-r-ry slow - am I still infected?


Lynn32


I'll be honest. I'm obsessed. I can't stop scanning, cleaning, and worrying about what may or may not be on my computer. I'm posting this as suggested by Noknojon in the General forum after he and several other posters were unable to figure out why my scans are so slow.

In a not so short nutshell: I was infected by the Internet Security 2010 Trojan on 1/24/10 while downloading videos (for work) off an ftp site. I clicked on the "X" to get rid of the pop-up. D'oh. I immediately scanned with Norton 360 and Spy-Bot. Both said I had 3 problems, but that I'd have to reboot to fix them. When I went to reboot, my BIOS were screwed up - I got a beeping signal from my computer - was able to get to the Windows login, logged in, saw my wallpaper, but no icons or Explorer running, then was immediately logged off. Couldn't access F8 to go into Safe Mode. Used F2 to try to reboot from a Paragon recovery start-up disk I'd made, but it wouldn't work. I have done the following:

  • Found a Microsoft site that helped me get into Safe Mode;

  • used my OEM-Windows XP recovery disk to perform recovery tasks and then did a Repair;

  • restored to last known good configuration, which was pre-SP3;

  • found a troubleshooting tool on IE to fix my Internet connection;

  • downloaded Malwarebytes which found not 3, but 10 problems, and fixed them;

  • performed all the Windows Updates including SP3;

  • uninstalled Spy-Bot and purchased Malwarebytes;

  • updated Norton 360;

  • downloaded and scanned (several times) with Super AntiSpyware;

  • Windows Defender (once - should I delete this?);

  • CCleaner;

  • Glary Utilities;

  • ran Tweak UI when none of my drives were found;

  • several CHKDSKs and CHKDSK /r (no bad sectors);

  • Disk cleanup and Disk defragmenter;

  • Revo Uninstaller (which doesn't always work - I've since manually deleted a lot of old files, folders and (gasp) registry items associated with games/programs I've uninstalled previously, like, years previously);

  • all the things suggested on this forum:

  • and some other things I can't remember, suggested by other websites.

Although the Attach.txt lists all the programs on my computer, I have to say that all the games listed are supposedly shortcuts, as I download them to my external MyBook. Not that that means anything, but I try to keep my computer somewhat clean of games, the videos I use for work and iTunes. But honestly, sometimes I'm not sure if I'm successful in that or not.

As you can see, I may have read one too many sites and downloaded a few too many programs in my effort to rid my computer of viruses and have it work efficiently. Is something conflicting with Malwarebytes or is there some malware still on my computer? Sorry for the lengthy post. I thought some back story might help. Might not. Here are my logs and zip attachments:

Most recent Malwarebytes Quick Scan log:

Malwarebytes' Anti-Malware 1.44

Database version: 3753

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

2/17/2010 3:07:51 PM

mbam-log-2010-02-17 (15-07-51).txt

Scan type: Quick Scan

Objects scanned: 159648

Time elapsed: 43 minute(s), 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DeFogger log:

DDS (Ver_09-12-01.01) - NTFSx86

Run by Cheryl at 5:03:36.95 on Thu 02/18/2010

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2696 [GMT -6:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Cheryl\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

mWinlogon: System=csmcu.exe

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.8.0.41\IPSBHO.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll

TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {7754C418-F62E-44AA-B169-E719E718BCFD} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: IESideBar: {dfeff09f-785e-4191-8e5d-a7650a1c4f9a} - shdocvw.dll

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

c:\documents and settings\cheryl\local settings\temp\3.tmp\temp00

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {1F958B09-3312-7f0e-9723-4C1324C57B20}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DFEFF09F-785E-4191-8E5D-A7650A1C4F9A} - {DFEFF09F-785E-4191-8E5D-A7650A1C4F9A} - shdocvw.dll

Trusted Zone: att.net

Trusted Zone: sbcglobal.net

Trusted Zone: yahoo.com

Trusted Zone: yahoo.com\clientapps

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

DPF: Yahoo! Poker - hxxp://download2.games.yahoo.com/games/clients/y/pt3_x.cab

DPF: {01111C00-3E00-11D2-8470-0060089874ED} - hxxp://help.rr.com/Foundrysdccommon/download/tgctlar.cab

DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.0.8.cab

DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} - hxxps://support.microsoft.com/OAS/ActiveX/odc.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc2.cab

DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxp://www.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB

DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - hxxp://www.my-etrust.com/Extern/RoadRunner/PestScan/pestscan.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab

DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/1452/ftp.coupons.com/r3302/cpbrkpie.cab

DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} - hxxp://community.webshots.com/html/WSPhotoUploader.CAB

DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - hxxp://www.winkflash.com/photo/loaders/ImageUploader3.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://rapidtext.webex.com/client/T25L/webex/ieatgpc.cab

DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - hxxps://music.msn.com/client/msnmusax3209.cab

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.8.0.41\CoIEPlg.dll

Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\coreftp\pftpns.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

LSA: Notification Packages = scecli scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\cheryl\applic~1\mozilla\firefox\profiles\id1pqfg8.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - www.yahoo.com

FF - prefs.js: keyword.URL -

FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll

FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll

FF - plugin: c:\documents and settings\cheryl\application data\mozilla\firefox\profiles\id1pqfg8.default\extensions\genipublisher@geni.com\platform\winnt_x86-msvc\plugins\npgenipublisher.dll

FF - plugin: c:\documents and settings\cheryl\application data\mozilla\firefox\profiles\id1pqfg8.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07076007.dll

FF - plugin: c:\program files\mozilla firefox\extensions\npmozax@real.com\plugins\npmozax.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npraclient.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll

FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll

FF - plugin: h:\ipod\mozilla plugins\npitunes.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [2009-4-8 40496]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-15 310320]

R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-15 259632]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-15 482432]

R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100210.001\IDSXpx86.sys [2010-2-15 329592]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-1-5 9968]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 74480]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-2-2 236368]

R2 N360;Norton 360;c:\program files\norton 360\engine\3.8.0.41\ccSvcHst.exe [2010-2-15 117640]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-2-15 102448]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-2 19160]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100215.054\NAVENG.SYS [2010-2-15 84912]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100215.054\NAVEX15.SYS [2010-2-15 1324720]

R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2009-9-19 16640]

R3 wsvad_driver;WS Audio Device;c:\windows\system32\drivers\VirtualAudio.sys [2008-11-20 16896]

S2 Parclass;Parclass;c:\windows\system32\drivers\parclass.sys [2005-8-16 19920]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 DSSUSBF;DSSUSBF Device;c:\windows\system32\drivers\DSSUSBF.sys [2005-8-16 25381]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-8-18 50704]

S3 PCTV;PCTV 4XXe USB 2.0 Driver;c:\windows\system32\drivers\pctv4XXe.sys [2008-7-17 327680]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-2-3 27064]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 7408]

=============== Created Last 30 ================

2010-02-18 10:55:45 0 ----a-w- c:\documents and settings\cheryl\defogger_reenable

2010-02-16 13:56:48 0 d-----w- c:\program files\SystemRequirementsLab

2010-02-16 03:29:27 0 d-----w- c:\program files\common files\PC Tools

2010-02-16 00:20:07 0 d-----r- c:\program files\Norton Support

2010-02-16 00:07:46 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys

2010-02-16 00:07:39 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

2010-02-16 00:07:39 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

2010-02-16 00:07:39 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL

2010-02-16 00:07:39 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2010-02-16 00:07:39 0 d-----w- c:\program files\Symantec

2010-02-16 00:06:31 0 d-----w- c:\windows\system32\drivers\N360

2010-02-16 00:06:21 0 d-----w- c:\program files\Norton 360

2010-02-15 23:50:00 0 d-----w- c:\docume~1\alluse~1\applic~1\PCSettings

2010-02-15 23:48:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton

2010-02-15 23:48:49 0 d-----w- c:\program files\NortonInstaller

2010-02-15 23:48:49 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller

2010-02-12 20:14:31 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2010-02-12 20:14:22 0 d-----w- c:\program files\SUPERAntiSpyware

2010-02-12 20:14:22 0 d-----w- c:\docume~1\cheryl\applic~1\SUPERAntiSpyware.com

2010-02-12 20:13:46 0 d-----w- c:\program files\common files\Wise Installation Wizard

2010-02-11 21:35:07 258352 ----a-w- c:\windows\system32\unicows.dll

2010-02-11 21:35:06 1706800 ----a-w- c:\windows\system32\gdiplus.dll

2010-02-11 20:32:06 0 d-----w- c:\docume~1\cheryl\applic~1\HD Audio Recorder

2010-02-10 13:27:38 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-02-09 16:45:56 0 d-----w- c:\program files\Zoner

2010-02-08 22:31:30 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2010-02-08 22:31:26 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2010-02-08 22:31:26 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll

2010-02-08 22:31:22 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe

2010-02-08 22:31:18 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe

2010-02-08 22:31:11 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe

2010-02-08 22:31:07 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys

2010-02-08 22:31:06 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys

2010-02-08 22:31:01 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys

2010-02-08 22:31:00 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll

2010-02-08 22:29:56 16925 -c--a-w- c:\windows\system32\dllcache\w940nd.sys

2010-02-08 22:29:52 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys

2010-02-08 22:29:48 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys

2010-02-08 22:29:43 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys

2010-02-08 22:29:38 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys

2010-02-08 22:29:34 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys

2010-02-08 22:29:30 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys

2010-02-08 22:29:26 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys

2010-02-08 22:29:19 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys

2010-02-08 22:29:15 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys

2010-02-08 22:29:10 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys

2010-02-08 22:29:07 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys

2010-02-08 22:29:02 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys

2010-02-08 22:27:55 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys

2010-02-08 22:26:58 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll

2010-02-08 22:25:56 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll

2010-02-08 22:24:55 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys

2010-02-08 22:23:59 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll

2010-02-08 22:22:57 17280 -c--a-w- c:\windows\system32\dllcache\scr111.sys

2010-02-08 22:21:59 82432 -c--a-w- c:\windows\system32\dllcache\rwia450.dll

2010-02-08 22:20:56 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys

2010-02-08 22:19:58 75776 -c--a-w- c:\windows\system32\dllcache\philcam1.sys

2010-02-08 22:18:59 31872 -c--a-w- c:\windows\system32\dllcache\ovce.sys

2010-02-08 22:17:59 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys

2010-02-08 22:16:59 19968 -c--a-w- c:\windows\system32\dllcache\mxnic.sys

2010-02-08 22:16:56 19968 -c--a-w- c:\windows\system32\dllcache\mxicfg.dll

2010-02-08 22:16:53 21888 -c--a-w- c:\windows\system32\dllcache\mxcard.sys

2010-02-08 22:16:49 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys

2010-02-08 22:16:40 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys

2010-02-08 22:16:35 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys

2010-02-08 22:16:27 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys

2010-02-08 22:16:25 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys

2010-02-08 22:16:16 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys

2010-02-08 22:16:13 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys

2010-02-08 22:16:12 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys

2010-02-08 22:14:59 4992 -c--a-w- c:\windows\system32\dllcache\loop.sys

2010-02-08 22:13:57 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll

2010-02-08 22:12:58 100992 -c--a-w- c:\windows\system32\dllcache\icam5usb.sys

2010-02-08 22:11:58 44863 -c--a-w- c:\windows\system32\dllcache\hsf_soar.sys

2010-02-08 22:10:58 119296 -c--a-w- c:\windows\system32\dllcache\hpdigwia.dll

2010-02-08 22:09:54 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys

2010-02-08 22:08:58 6400 -c--a-w- c:\windows\system32\dllcache\enum1394.sys

2010-02-08 22:07:58 6216 -c--a-w- c:\windows\system32\dllcache\divaci.dll

2010-02-08 22:06:59 72832 -c--a-w- c:\windows\system32\dllcache\cwbwdm.sys

2010-02-08 22:05:59 121856 -c--a-w- c:\windows\system32\dllcache\camext30.dll

2010-02-08 22:04:59 144384 -c--a-w- c:\windows\system32\dllcache\avmenum.dll

2010-02-08 22:01:05 46112 -c--a-w- c:\windows\system32\dllcache\adptsf50.sys

2010-02-08 22:01:04 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys

2010-02-08 22:01:04 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys

2010-02-08 22:01:03 584448 -c--a-w- c:\windows\system32\dllcache\adm8810.sys

2010-02-08 22:01:03 553984 -c--a-w- c:\windows\system32\dllcache\adm8820.sys

2010-02-08 22:01:02 7424 -c--a-w- c:\windows\system32\dllcache\adicvls.sys

2010-02-08 22:01:02 20160 -c--a-w- c:\windows\system32\dllcache\adm8511.sys

2010-02-08 22:01:00 61440 -c--a-w- c:\windows\system32\dllcache\acerscad.dll

2010-02-08 18:39:58 0 d-----w- c:\program files\CCleaner

2010-02-08 15:48:31 1338 -c--a-w- C:\dvdauthor.xml

2010-02-07 23:54:43 0 d-----w- c:\program files\trend micro

2010-02-07 22:03:31 991232 ----a-w- c:\windows\system32\virtear.dll

2010-02-07 22:03:31 65536 ----a-w- c:\windows\system32\Audio3d.dll

2010-02-07 22:03:31 0 d-----w- c:\windows\VirtualEar

2010-02-07 22:03:31 0 d-----w- c:\program files\Analog Devices

2010-02-07 22:03:30 49152 ----a-w- c:\windows\system32\DSndUp.exe

2010-02-07 22:03:30 45056 ----a-w- c:\windows\system32\CleanUp.exe

2010-02-07 21:59:08 5 ----a-w- c:\windows\system32\drivers\DELL_DIM_4700.MRK

2010-02-07 21:59:08 5 ----a-w- c:\windows\system32\drivers\1028_DELL_DIM_4700.MRK

2010-02-07 21:56:37 765952 ----a-w- c:\windows\system\crlds3d.dll

2010-02-07 21:56:37 732928 ----a-w- c:\windows\system32\drivers\senfilt.sys

2010-02-07 21:56:37 311296 ----a-w- c:\windows\system32\Edcrypt.dll

2010-02-07 21:56:37 23040 ----a-w- c:\windows\system32\PostProc.dll

2010-02-04 04:05:56 6144 -c--a-w- c:\windows\system32\dllcache\snmpmib.dll

2010-02-04 04:04:59 19456 -c--a-w- c:\windows\system32\dllcache\agt0412.dll

2010-02-04 04:03:55 39936 -c--a-w- c:\windows\system32\dllcache\snmpthrd.dll

2010-02-04 04:03:55 331264 -c--a-w- c:\windows\system32\dllcache\aqueue.dll

2010-02-04 04:03:55 101888 -c--a-w- c:\windows\system32\dllcache\evntagnt.dll

2010-02-04 04:03:34 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe

2010-02-04 01:42:36 989696 -c--a-w- c:\windows\system32\dllcache\kernel32.dll

2010-02-04 01:01:48 2897920 ------w- c:\windows\system32\_006488_.tmp.dll

2010-02-04 00:03:38 0 dc----w- C:\tmp

2010-02-03 23:37:28 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll

2010-02-03 23:36:52 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2010-02-03 23:36:52 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2010-02-03 23:36:52 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2010-02-03 23:36:51 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2010-02-03 23:36:51 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll

2010-02-03 23:36:51 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll

2010-02-03 22:47:13 266360 ----a-w- c:\windows\system32\TweakUI.exe

2010-02-03 22:47:13 160217 ----a-w- c:\windows\system32\PowerToysLicense.rtf

2010-02-03 20:18:17 166612480 -c--a-w- C:\HDM2009Special_ea.msi

2010-02-03 14:33:01 2145280 -c--a-w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-02-03 14:32:59 2023936 -c--a-w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-02-03 14:32:13 2560 ------w- c:\windows\system32\xpsp4res.dll

2010-02-03 13:49:18 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-02-02 08:54:06 0 d-----w- c:\docume~1\cheryl\applic~1\Malwarebytes

2010-02-02 08:54:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-02-02 08:53:59 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-02-02 08:53:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-02-02 08:53:58 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-02-01 17:04:58 9728 -c--a-w- c:\windows\system32\dllcache\query.exe

2010-02-01 17:03:59 43520 -c--a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll

2010-02-01 17:01:32 488 ---ha-r- c:\windows\system32\logonui.exe.manifest

2010-02-01 17:01:25 749 ---ha-r- c:\windows\WindowsShell.Manifest

2010-02-01 17:01:25 749 ---ha-r- c:\windows\system32\wuaucpl.cpl.manifest

2010-02-01 17:01:25 749 ---ha-r- c:\windows\system32\sapi.cpl.manifest

2010-02-01 17:01:25 749 ---ha-r- c:\windows\system32\ncpa.cpl.manifest

2010-02-01 17:00:40 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2010-02-01 17:00:03 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll

2010-02-01 15:15:11 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2010-02-01 15:15:11 24661 ----a-w- c:\windows\system32\spxcoins.dll

2010-02-01 15:15:11 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2010-02-01 15:15:11 13312 ----a-w- c:\windows\system32\irclass.dll

2010-02-01 15:14:38 8574 -c--a-w- c:\windows\system32\dllcache\IASNT4.CAT

2010-02-01 15:14:38 797189 -c--a-w- c:\windows\system32\dllcache\NT5IIS.CAT

2010-02-01 15:14:38 7710 -c--a-w- c:\windows\system32\dllcache\OEMBIOS.CAT

2010-02-01 15:14:38 7334 -c--a-w- c:\windows\system32\dllcache\wmerrenu.cat

2010-02-01 15:14:38 399645 -c--a-w- c:\windows\system32\dllcache\MAPIMIG.CAT

2010-02-01 15:14:38 37484 -c--a-w- c:\windows\system32\dllcache\MW770.CAT

2010-02-01 15:14:38 13472 -c--a-w- c:\windows\system32\dllcache\HPCRDP.CAT

2010-02-01 15:14:38 1042903 -c--a-w- c:\windows\system32\dllcache\SP2.CAT

2010-02-01 15:14:34 13753 ----a-r- c:\windows\SET117.tmp

2010-02-01 15:14:30 1086058 ----a-r- c:\windows\SET10B.tmp

2010-02-01 15:14:27 1042903 ----a-r- c:\windows\SET108.tmp

2010-01-31 23:49:45 0 d-----w- c:\windows\dell

2010-01-31 08:27:24 0 d-----w- c:\windows\tmp

2010-01-24 08:07:27 0 ----a-w- c:\windows\system32\18467.exe

2010-01-24 07:42:26 1 -c--a-w- C:\s

==================== Find3M ====================

2010-02-16 00:07:23 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys

2010-02-16 00:07:13 107368 ----a-r- c:\windows\system32\GEARAspi.dll

2010-02-04 23:48:14 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys

2010-02-01 16:57:45 23460 -c--a-w- c:\windows\system32\emptyregdb.dat

2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-22 05:35:05 81920 ------w- c:\windows\system32\ieencode.dll

2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll

2009-12-17 23:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe

2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll

2009-12-08 19:27:51 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe

2009-12-08 18:43:50 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe

2009-12-05 05:18:43 101568 ---ha-w- c:\windows\system32\mlfcache.dat

2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll

2009-11-27 17:11:44 1291776 ----a-w- c:\windows\system32\quartz.dll

2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll

2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll

2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll

2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll

2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll

2008-02-01 06:15:29 30924 ----a-w- c:\windows\inf\USBkey.sys

2005-07-23 02:17:01 774144 -c--a-w- c:\program files\RngInterstitial.dll

2004-03-30 23:57:30 8042 ----a-w- c:\program files\Readme.txt

2004-03-17 23:13:46 1028368 -c--a-w- c:\program files\vbrun60sp6.exe

2004-03-10 01:33:28 31098 ----a-w- c:\program files\CSI.dir

2004-03-09 22:36:20 766 ----a-r- c:\program files\uninst.ico

2004-03-09 22:36:12 1320 ----a-w- c:\program files\Lingo.ini

2004-03-09 22:36:06 24206 ----a-r- c:\program files\CSI.ico

2002-07-27 00:02:06 153088 ----a-w- c:\program files\UNWISE.EXE

2006-07-10 20:09:02 88 --sha-r- c:\windows\system32\7AFCA70694.sys

2008-09-10 21:11:31 8 --sha-r- c:\windows\system32\F52E0BC2DA.sys

2008-08-30 00:16:39 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082920080830\index.dat

============= FINISH: 5:05:05.60 ===============

Attach.zip

ark.zip


I got tired of waiting on this, so I emailed support, which since I paid for Malwarebytes I should have done in the first place, but got a response that fixed the problem. Moderator, should I post that fix or will you just close this topic as completed? If indeed there's someone out there in Moderator-land that will read this. Thanks.
