nimble1

My bad for attaching the files. I am pasting them below EST SCAN LOG: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=75f746a12fc957439d07b9e293828504 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2009-12-05 10:25:40 # local_time=2009-12-05 05:25:40 (-0500, Eastern Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=769 16775125 100 98 0 195406919 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=42812 # found=1 # cleaned=1 # scan_time=978 C:\Documents and Settings\Owner\My Documents\Downloads\unlocker1.8.8.exe Win32/Adware.ADON application (deleted - quarantined) 00000000000000000000000000000000 C OTL.Txt: OTL logfile created on: 12/5/2009 5:49:43 PM - Run 1 OTL by OldTimer - Version 3.1.11.7 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.50 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 68.84% Memory free 3.35 Gb Paging File | 2.99 Gb Available in Paging File | 89.35% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 150.30 Gb Total Space | 83.51 Gb Free Space | 55.56% Space Free | Partition Type: NTFS Drive D: | 3.07 Gb Total Space | 0.85 Gb Free Space | 27.59% Space Free | Partition Type: FAT32 Drive E: | 397.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-00F24BFC24 Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009/12/05 17:48:48 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe PRC - [2009/11/24 18:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009/10/15 22:03:33 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS PRC - [2009/09/27 17:19:46 | 00,172,100 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/04/16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe PRC - [2004/11/15 17:04:32 | 00,135,168 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\shwiconEM.exe PRC - [2004/11/02 22:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe Extras.txt: OTL Extras logfile created on: 12/5/2009 5:49:43 PM - Run 1 OTL by OldTimer - Version 3.1.11.7 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.50 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 68.84% Memory free 3.35 Gb Paging File | 2.99 Gb Available in Paging File | 89.35% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 150.30 Gb Total Space | 83.51 Gb Free Space | 55.56% Space Free | Partition Type: NTFS Drive D: | 3.07 Gb Total Space | 0.85 Gb Free Space | 27.59% Space Free | Partition Type: FAT32 Drive E: | 397.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-00F24BFC24 Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - [2009/12/05 17:48:48 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe MOD - [2009/08/30 07:56:17 | 00,052,224 | -HS- | M] () -- C:\WINDOWS\system32\pubegadi.dll ========== Win32 Services (SafeList) ========== Checkup.txt: Results of screen317's Security Check version 0.99.1 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! avast! Antivirus ESET Online Scanner v3 avast! updated! `````````````````````````````` Anti-malware/Other Utilities Check: Adobe Flash Player 10 Adobe Reader 7.0 Out of date Adobe Reader installed! `````````````````````````````` Process Check: objlist.exe by Laurent Alwil Software Avast4 aswUpdSv.exe Alwil Software Avast4 ashServ.exe Alwil Software Avast4 ashDisp.exe Alwil Software Avast4 ashMaiSv.exe Alwil Software Avast4 ashWebSv.exe `````````````````````````````` DNS Vulnerability Check: Unknown. This method cannot test your vulnerability to DNS cache poisoning. `````````End of Log```````````

Attached are the reports from the OldTimer OTL.Txt Extras.Txt

Hello There i was adviced by Maurice Naggar that i should follow the steps outline in another thread (http://www.malwarebytes.org/forums/index.php?showtopic=31965), and post the results that i generate. I will post them as they come in individual post so as to avoid any post limits. Thank you very much inadvace for help. This is the result from the ESET scan (attached) ESET_log.txt

hello all, I am new at this so please forgive any missteps. I am having the exact same problem. i have been fighting with trying to even get Mbam on my pc. now that i have it i too have discovered this reoccurring virus. Is there any way I might be able to follow your guidance in this matter Maurice. I am more than happy to follow to the letter? if there is a better place or way that i might seek the end of this virus please advice in that matter also i am will and ready to learn. thank you for your help.