Windows Media Player (and more) not working due to, I think, some kind of virus

[Crivello]

Hi,

I have run DDS and will post the log in this message. However, for some reason bitzipper is not working for me right now so I am not able to attach the 'Attach' file in zip form. I will be able to rectify this if it is very important.

Now for the backstory, if you will excuse me: About a week ago I had a lot of viruses and spyware on my computer. I got rid of lots of them using antivirus and anti-spyware programs and then sorted out my registry using a registry cleaner program.

Everything seemed to be working fine after this except that windows media player will no longer rip CDs at its usual speed. In fact it is very, very slow and almost impossible to use for ripping CDs. I have also noticed that avira antivirus also takes a very long time to download updates.

Another thing is that Spybot S&D keeps telling me that an important registry has been changed, usually when I turn the computer on and also at seemingly random times throughout the day. Other than this the computer works as usual.

All this leads me to believe that there is still some kind of unsavoury file or something running around in my computer. Thus I have come here for the possible help of some experts. Thank you.

here is the DDS log:

DDS (Ver_09-02-01.01) - NTFSx86
Run by Joe at 22:35:37.25 on 22/02/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.153 [GMT 0:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
AV: avast! antivirus 4.8.1335 [VPS 090221-0] *On-access scanning disabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\AOL\1216407286\ee\AOLSoftware.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Program Files\Micronet SP907GK Wireless Network Utility\RtWLan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Joe\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearch Page = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
uSearch Bar = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
uDefault_Page_URL = http://www.google.co.uk/ig/dell?hl=e...uk&ibd=4061121
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
uURLSearchHooks: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBit0.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Winamp Toolbar BHO: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBit0.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBit0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [EPSON Stylus C62 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [HostManager] c:\program files\common files\aol\1216407286\ee\AOLSoftware.exe
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [avgnt] "c:\program files\avira\antivir personaledition premium\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lgsync~1.lnk - c:\program files\lg pc suite\lg pc sync\LGSyncManager.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lgsync~2.lnk - c:\program files\lg pc suite\lg pc sync\LGSyncManager.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micronet sp907gk wireless network utility.lnk - c:\program files\micronet sp907gk wireless network utility\RtWLan.exe
IE: &Winamp Toolbar Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Open in new background tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/229?aa2581a214914817a2641556328c6cab
IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/230?aa2581a214914817a2641556328c6cab
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
LSP: avsda.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\joe\applic~1\mozilla\firefox\profiles\apcpt3ma.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1304867&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.10
============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-8-26 114768]
R1 avgio;avgio;c:\program files\avira\antivir personaledition premium\avgio.sys [2009-1-26 11840]
R2 AntiVirMailService;Avira AntiVir Premium MailGuard;c:\program files\avira\antivir personaledition premium\avmailc.exe [2009-1-26 164097]
R2 AntiVirScheduler;Avira AntiVir Premium Scheduler;c:\program files\avira\antivir personaledition premium\sched.exe [2009-1-26 68865]
R2 AntiVirService;Avira AntiVir Premium Guard;c:\program files\avira\antivir personaledition premium\avguard.exe [2009-1-26 151297]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;c:\program files\avira\antivir personaledition premium\avwebgrd.exe [2009-1-26 258305]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-8-26 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-8-26 138680]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;c:\program files\avira\antivir personaledition premium\avesvc.exe [2009-1-26 41217]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-1-5 38144]
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [2006-1-12 13696]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [2006-1-12 13568]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition premium\avgntflt.sys [2009-1-26 52032]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-1-5 238976]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-8-26 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-8-26 352920]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-11-21 29744]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [2005-5-11 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [2005-5-11 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [2005-5-11 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [2005-5-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [2005-5-11 77072]

============== File Associations ===============

regfile="regedit.exe" "%1"

=============== Created Last 30 ================

2009-02-22 22:05 900,015 a------- c:\windows\system32\TmpA3345000
2009-02-22 21:05 <DIR> --d----- c:\program files\ACW
2009-02-22 20:53 <DIR> --d----- c:\program files\CCleaner
2009-02-16 12:51 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-02-16 12:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-02-16 12:34 <DIR> --d----- c:\docume~1\joe\applic~1\Antispyware
2009-02-16 12:34 <DIR> --d----- c:\program files\Antispyware
2009-02-15 11:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Propellerhead Software
2009-02-15 11:48 233,472 a------- c:\windows\system32\REX Shared Library.dll
2009-02-15 11:48 <DIR> --d----- c:\docume~1\joe\applic~1\Propellerhead Software
2009-02-13 12:33 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{A7D85626-A409-49D8-A79F-BB044F909E62}
2009-02-13 12:14 225,280 a------- c:\windows\system32\rewire.dll
2009-02-13 12:14 <DIR> --d----- c:\program files\VstPlugins
2009-02-13 12:14 1,294,336 a------- c:\windows\system32\vorbis.acm
2009-02-13 12:13 <DIR> --d----- c:\program files\Outsim
2009-02-13 12:10 <DIR> --d----- c:\program files\Image-Line
2009-02-11 19:26 <DIR> --d----- c:\program files\DNA
2009-02-11 19:26 <DIR> --d----- c:\docume~1\joe\applic~1\DNA
2009-02-11 14:42 <DIR> --d----- c:\program files\Mixxx
2009-01-27 17:09 664 a------- c:\windows\system32\d3d9caps.dat
2009-01-26 20:09 <DIR> --d----- c:\program files\Avira
2009-01-26 20:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-01-25 12:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\CrucialSoft Ltd

==================== Find3M ====================

2009-02-22 14:52 58,580 ac------ c:\docume~1\joe\applic~1\wklnhst.dat
2009-02-11 21:32 5,694 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2009-01-16 21:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2009-01-05 11:14 21,035 a------- c:\windows\system32\drivers\AegisP.sys
2009-01-04 11:45 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-19 09:10 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 a------- c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-09-03 15:33 478,720 a------- c:\documents and settings\joe\_online.exe

============= FINISH: 22:37:00.51 ===============

[chemist]

Hello and Welcome to TSF.

We need to see all 3 logs in order to help you. It's OK if you can't zip them, just attach them.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a

Quote:

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------