tetonbob

Looks like you've been battling infections prior to this...as I see vundo files, VundoFix and VirtumondeBegone. How long ago was this battle?

---------------------------------------------------------------------------------------------

Go to Start->Run Then copy and paste the following into the run box, then press Enter.

sc stop MicroService32

Repeat the process for next command. Go to Start->Run Then copy and paste the following into the run box, then press Enter.

sc delete MicroService32


Restart your system.

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Also make sure there is no checkmark beside Hide file extensions for known file types
* Click Yes to confirm and then click OK.


Delete the following if they exist:

C:\Documents and Settings\WindowsXP\My Documents\Spyware Programs\backups\backup-20051231-082119-305.dll
C:\Documents and Settings\WindowsXP\Shared\Top of Charts - 2005 (scrappin).wm
C:\WINDOWS\system32\ddccd.dll.vir
C:\WINDOWS\system32\pmkjj.dll.vir
C:\WINDOWS\system32\pmnnk.dll
C:\WINDOWS\msvcrs.exe

If they resist deletion, boot to safe mode and deleted them from there. Let me know if you cannot find any, or delete them.

---------------------------------------------------------------------------------------------

1. Download combofix from one of these locations:
   • http://www.techsupportforum.com/sectools/combofix.exe
   • http://download.bleepingcomputer.com/sUBs/combofix.exe
2. Double click on combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

---------------------------------------------------------------------------------------------

Also post a new HJT log.

How is your system behaving now, please?