Last night nothing would work. I couldn't get the LAN setting to where you advised; it kept resetting. I shut down, and this morning I restarted. AVG picked up the antivirus program and I got rid of it through there. Why didn't it do it before?? I ran commy.exe and am including the log here. Let me know what you think... am I healed?
ComboFix 09-12-07.09 - Owner 12/08/2009 10:35.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.203 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\commy.exe.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Shared
c:\program files\Shared\lib.sig
c:\recycler\S-1-5-21-763046184-1108015167-220856613-1003
D:\Autorun.inf
Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
Restored copy from - Kitty ate it :p
.
((((((((((((((((((((((((( Files Created from 2009-11-08 to 2009-12-08 )))))))))))))))))))))))))))))))
.
2009-12-08 04:56 . 2009-12-08 04:56 -------- d-----w- c:\program files\Trend Micro
2009-12-08 02:55 . 2009-12-08 08:43 3585369 ----a-w- c:\documents and settings\commy.exe.exe
2009-12-08 02:39 . 2008-04-14 01:11 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-12-08 02:39 . 2008-04-14 01:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-12-08 02:38 . 2008-04-13 19:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-08 02:38 . 2008-04-13 19:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-04 22:47 . 2009-12-08 15:48 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\fxgupx
2009-12-04 19:55 . 2009-12-04 19:55 79488 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-08 16:09 . 2009-09-25 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-12-04 22:13 . 2009-04-26 22:23 -------- d-----w- c:\documents and settings\Owner\Application Data\MSN6
2009-12-02 22:41 . 2009-05-31 01:10 6588 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2009-12-01 03:13 . 2009-04-27 21:29 -------- d-----w- c:\documents and settings\Owner\Application Data\AdobeUM
2009-09-25 00:08 . 2009-09-25 00:08 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-25 00:08 . 2009-09-25 00:08 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-25 00:08 . 2009-09-25 00:08 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-25 00:08 . 2009-09-25 00:08 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-24 22:52 . 2009-04-26 21:04 38112 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-24 22:32 . 2004-08-26 18:03 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-24 22:30 . 2009-09-24 22:30 73728 ----a-w- c:\windows\ALCFDRTM.EXE
2009-09-11 14:18 . 2004-08-26 16:12 136192 ----a-w- c:\windows\system32\msv1_0.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-08-24 77824]
"AlcWzrd"="ALCWZRD.EXE" [2004-08-24 2552320]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"SunKistEM"="c:\program files\eMachines Bay Reader\shwiconem.exe" [2004-03-11 135168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-07-01 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-07-01 118784]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"QuickCare2.2"="c:\program files\Qwest\QuickCare\bin\sprtcmd.exe" [2007-05-04 198184]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-02-08 77824]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-26 2029336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-25 00:08 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/24/2009 6:08 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/24/2009 6:08 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/24/2009 6:08 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/24/2009 6:08 PM 297752]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\Common Files\supportsoft\bin\sprtlisten.exe [1/8/2008 11:02 AM 1213728]
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
mStart Page = hxxp://qwest.live.com
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)