when i try to install malewarebytes i get this message "Unable to execute file: C:\Program Files\Malwarebytes' Anti-Malware/mbam.exe"
I read a post from this forum that asked for the Attach.txt, DDS.txt, and GMER.tex files and past them here. (i hope making a new post is ok. i didn't want to get my problem and his confused)
other information that could be useful:
A. i use AVG virus program
B. There IS a virus or some sort of trojan on my computer. However, both avg and Spybot search and destroy are not dectecting them. i only know that its there becasue it creates randome pop-ups to sights that have no pop-ups and when using a search engin like google, it redirects me to whatever sight it wants too D: So here is the other 3 things that i thought may be usefuly to you. Thank you for nay help you can give.
FROM the Attach txt i get this:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/11/2009 11:05:59 PM
System Uptime: 11/6/2009 7:16:31 PM (-1 hours ago)
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770-S3
Processor: AMD Athlon™ 64 Processor 3800+ | Socket M2 | 2411/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 127.156 GiB free.
D: is CDROM (UDF)
==== Disabled Device Manager Items =============
Class GUID: {D45B1C18-C8FA-11D1-9F77-0000F805F530}
Description: NT Apm/Legacy Interface Node
Device ID: ROOT\NTAPM\0000
Manufacturer: Microsoft
Name: NT Apm/Legacy Interface Node
PNP Device ID: ROOT\NTAPM\0000
Service: NtApm
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG Free 9.0
Belkin N Wireless USB Adapter Software
BufferChm
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F2200_ProductContext
DJ_AIO_03_F2200_Software
DJ_AIO_03_F2200_Software_Min
eSupportQFolder
F2200
F2200_Help
GIMP 2.6.7
GPBaseService
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
HP Customer Participation Program 10.0
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPProductAssistant
HPSSupply
IMVU Avatar Chat Software
iTunes
Malwarebytes' Anti-Malware
MarketResearch
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.5)
MSN
MSXML 4.0 SP2 (KB954430)
Nero Suite
Norton Security Scan
NVIDIA Drivers
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
PSSWCORE
Puzzle Pirates
QuickTime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Scan
SecondLifeReleaseCandidate (remove only)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shop for HP Supplies
SmartWebPrintingOC
SolutionCenter
Spybot - Search & Destroy
Status
TeamSpeak 2 RC2
Toolbox
TrayApp
UnloadSupport
Update for Windows XP (KB898461)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VideoToolkit01
WebFldrs XP
WebReg
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 11
World of Warcraft
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
==== Event Viewer Messages From Past Week ========
11/4/2009 12:35:52 AM, error: PlugPlayManager [12] - The device 'Microsoft Kernel Acoustic Echo Canceller' (Root\LEGACY_AEC\0000) disappeared from the system without first being prepared for removal.
11/3/2009 10:24:49 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
11/3/2009 10:23:52 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/2/2009 7:08:39 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
==== End Of File ===========================
FROM the DDS.txt i get this:
DDS (Ver_09-10-26.01) - NTFSx86
Run by robyn at 18:46:19.30 on Fri 11/06/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.432 [GMT -6:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Belkin\F5D8053\v5\Belkinwcui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Documents and Settings\robyn\My Documents\Downloads\mbam-setup(4).exe
C:\DOCUME~1\robyn\LOCALS~1\Temp\is-GNBJ9.tmp\mbam-setup(4).tmp
C:\Documents and Settings\robyn\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
mWinlogon: Shell=Explorer.exe logon.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [wimeramuv] Rundll32.exe "c:\windows\system32\sewoladu.dll",a
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~2.lnk - c:\program files\belkin\f5d8053\v5\Belkinwcui.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Search - ?p=ZLfox000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\robyn\start menu\programs\imvu\Run IMVU.lnk
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: hawupopa.dll c:\windows\system32\sewoladu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: lowofiseg - {05e00f4d-d52d-47ab-8f03-f7299250cc3a} - c:\windows\system32\sewoladu.dll
STS: jugezatag: {05e00f4d-d52d-47ab-8f03-f7299250cc3a} - c:\windows\system32\sewoladu.dll
LSA: Notification Packages = scecli jipanidi.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\robyn\applic~1\mozilla\firefox\profiles\vvsq0w55.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-12 333192]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-12 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-11-3 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-3 285392]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-8-12 38144]
R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
R3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [2009-8-12 450432]
S3 NtApm;NT Apm/Legacy Interface Driver;c:\windows\system32\drivers\NtApm.sys [2009-8-11 9344]
=============== Created Last 30 ================
2009-11-07 00:42:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-07 00:42:05 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-04 05:35:51 0 d--h--w- C:\$AVG
2009-11-04 05:35:20 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2009-11-04 05:35:07 0 d-----w- c:\windows\SxsCaPendDel
2009-11-04 05:17:25 0 d-----w- c:\docume~1\robyn\applic~1\Malwarebytes
2009-11-04 05:09:14 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-04 05:09:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-04 03:33:42 0 d--h--w- c:\windows\PIF
2009-11-04 03:07:54 0 d-----w- c:\program files\common files\Symantec Shared
2009-11-04 03:03:45 0 d-----w- c:\windows\system32\drivers\NSS
2009-11-04 03:03:44 0 d-----w- c:\program files\Norton Security Scan
2009-11-04 03:03:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2009-11-04 03:03:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2009-11-04 03:03:38 0 d-----w- c:\program files\NortonInstaller
2009-11-04 03:03:38 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-11-04 02:32:28 31232 ----a-w- c:\windows\system32\logon.exe
2009-10-31 01:48:50 0 d-----w- c:\program files\common files\xing shared
2009-10-31 01:29:18 0 d-----w- c:\program files\Orban
2009-10-31 01:28:17 123 ----a-w- c:\documents and settings\robyn\default.pls
2009-10-30 23:04:14 6375 ----a-w- c:\documents and settings\robyn\.recently-used.xbel
2009-10-28 06:36:56 4533 ----a-w- c:\windows\wininit.ini
2009-10-26 00:48:26 0 d-----w- c:\documents and settings\robyn\.thumbnails
2009-10-26 00:43:57 0 d-----w- c:\documents and settings\robyn\.gimp-2.6
2009-10-26 00:43:08 0 d-----w- c:\program files\GIMP-2.0
2009-10-24 05:08:48 0 d-----w- c:\program files\PlaySushi
2009-10-24 05:03:00 0 d-----w- c:\program files\Fast Browser Search
2009-10-20 07:09:24 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-20 07:09:24 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-10-20 07:08:29 0 d-----w- c:\program files\iPod
2009-10-20 07:08:22 0 d-----w- c:\program files\iTunes
2009-10-20 07:08:22 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-19 23:49:45 34064 ----a-w- c:\windows\system32\lhacm.acm
2009-10-19 23:49:35 0 d-----w- c:\program files\Teamspeak2_RC2
==================== Find3M ====================
2009-11-04 05:35:46 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-04 05:35:46 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-04 05:35:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-10-31 01:48:26 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-31 01:48:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-09-25 05:56:36 662016 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:56:32 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:33:52 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45:26 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:16:37 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-19 02:57:42 157366 ----a-w- c:\windows\hpoins27.dat
2009-08-12 19:34:00 16512 ----a-w- c:\windows\gdrv.sys
2009-08-12 04:56:37 315392 ----a-w- c:\windows\HideWin.exe
2009-08-12 04:01:34 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-04 14:37:49 51200 --sha-w- c:\windows\system32\bodonope.dll
2009-08-06 14:38:49 38912 --sha-w- c:\windows\system32\fodelaki.dll
2009-08-04 14:38:23 51200 --sha-w- c:\windows\system32\hawupopa.dll
2009-08-05 14:38:29 60928 --sha-w- c:\windows\system32\hepozili.dll
2009-08-04 14:38:23 51200 --sha-w- c:\windows\system32\jipanidi.dll
2009-08-06 14:38:49 90112 --sha-w- c:\windows\system32\sewoladu.dll
2009-08-06 02:38:36 38400 --sha-w- c:\windows\system32\vopepimi.dll
2009-08-04 14:38:23 51200 --sha-w- c:\windows\system32\wowinule.dll
2009-08-05 02:38:17 38400 --sha-w- c:\windows\system32\yuteloki.dll
2009-08-05 14:38:29 37888 --sha-w- c:\windows\system32\zatejawe.dll
============= FINISH: 18:46:54.49 ===============
and lastly FROM GMER I get this:
GMER 1.0.15.15163 - http://www.gmer.net
Rootkit quick scan 2009-11-06 18:57:07
Windows 5.1.2600 Service Pack 2
Running: lyjzsb0k.exe; Driver: C:\DOCUME~1\robyn\LOCALS~1\Temp\uwxorpow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- EOF - GMER 1.0.15 ----