how do I remove windows diagnostic from my computer?

ComboFix 11-03-27.01 - Melissa Lewis 03/27/2011 19:38:38.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.134 [GMT -7:00]
Running from: c:\documents and settings\Melissa Lewis\Desktop\Combo-Fix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-28 )))))))))))))))))))))))))))))))
.
.
2011-03-24 14:37 . 2011-03-24 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2011-03-24 14:37 . 2011-03-25 15:47 -------- d-----w- c:\program files\Panda USB Vaccine
2011-03-24 14:23 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-24 06:05 . 2011-03-24 06:05 -------- d-----w- C:\_OTL
2011-03-24 05:49 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-24 05:49 . 2010-12-20 23:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-03-24 05:49 . 2010-12-20 23:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-03-24 05:49 . 2010-12-20 23:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-03-23 19:03 . 2011-03-23 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-03-23 18:41 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-23 18:41 . 2011-03-23 18:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-23 18:41 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-23 03:35 . 2011-03-23 15:44 514230 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-03-23 00:39 . 2011-03-23 00:40 -------- d-----w- c:\documents and settings\Administrator
2011-03-21 14:11 . 2011-03-23 14:56 0 ----a-w- c:\windows\Kragiwogijan.bin
2011-03-21 14:10 . 2006-02-28 12:00 4224 ----a-w- c:\windows\system32\beep.sys
2011-03-04 06:46 . 2011-03-04 06:46 -------- d-sh--w- c:\documents and settings\Melissa Lewis\IECompatCache
2011-03-04 06:45 . 2011-03-04 06:45 -------- d-sh--w- c:\documents and settings\Melissa Lewis\PrivacIE
2011-03-04 06:44 . 2011-03-04 06:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-03-04 06:43 . 2011-03-04 06:43 -------- d-sh--w- c:\documents and settings\Melissa Lewis\IETldCache
2011-03-04 06:38 . 2011-03-04 06:41 -------- dc----w- c:\windows\ie8
2011-02-26 16:32 . 2010-12-03 19:35 25048 ----a-w- c:\program files\Mozilla Firefox\components\browserdirprovider.dll
2011-02-26 16:32 . 2010-12-03 19:35 140248 ----a-w- c:\program files\Mozilla Firefox\components\brwsrcmp.dll
2011-02-26 16:32 . 2010-12-03 19:35 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-02-26 16:32 . 2010-12-03 19:35 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2006-02-28 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2006-06-22 12:18 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2006-06-22 12:18 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2006-02-28 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2006-02-28 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-25 737369]
"SMSERIAL"="sm56hlpr.exe" [2006-01-20 544768]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2009-08-03 1626112]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
.
c:\documents and settings\Melissa Lewis\Start Menu\Programs\Startup\
PandaUSBVaccine.lnk - c:\program files\Panda USB Vaccine\USBVaccine.exe [2011-3-24 1287176]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2006-6-22 593920]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PageBreeze\\pagebreeze.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9322:TCP"= 9322:TCP:EKDiscovery
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [1/5/2006 1:33 AM 34144]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [1/5/2006 1:33 AM 28800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/18/2009 11:29 AM 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/18/2009 11:29 AM 17744]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/11/2009 3:20 PM 135664]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\ekdiscovery.exe [8/5/2009 1:49 PM 284016]
S3 ECIoCtrl32_001.sys;ECIoCtrl32_001.sys;\??\d:\driver\ICP\ECIoCtrl32_001.sys --> d:\driver\ICP\ECIoCtrl32_001.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-11 22:20]
.
2011-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-11 22:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: Web-Based Email Tools - hxxp://email05.secureserver.net/Download.CAB
FF - ProfilePath - c:\documents and settings\Melissa Lewis\Application Data\Mozilla\Firefox\Profiles\bw8l68lu.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Spyware Doctor - c:\documents and settings\Melissa Lewis\Desktop\sware.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-27 19:49
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2984)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-03-27 19:55:07
ComboFix-quarantined-files.txt 2011-03-28 02:54
ComboFix2.txt 2011-03-23 15:49
.
Pre-Run: 42,369,040,384 bytes free
Post-Run: 42,492,051,456 bytes free
.
- - End Of File - - EC2C3E809D01BBE2ABDF4064FF2CA998

Hello.

1. Close any open browsers.
   
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
3. Open notepad and copy/paste the text in the quotebox below into it:
   

   Code:

   
File::
c:\windows\Kragiwogijan.bin

   
   
4. Save this as CFScript.txt, in the same location as ComboFix.exe
   
   
   
   
5. Referring to the picture above, drag CFScript into ComboFix.exe
   
6. When finished, it shall produce a log for you at C:\ComboFix.txt
   
7. Please post the contents of the log in your next reply.
   

ComboFix 11-03-28.01 - Melissa Lewis 03/28/2011 16:46:35.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.119 [GMT -7:00]
Running from: c:\documents and settings\Melissa Lewis\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Melissa Lewis\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Kragiwogijan.bin"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Kragiwogijan.bin
.
.
((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-28 )))))))))))))))))))))))))))))))
.
.
2011-03-24 14:37 . 2011-03-24 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2011-03-24 14:37 . 2011-03-25 15:47 -------- d-----w- c:\program files\Panda USB Vaccine
2011-03-24 14:23 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-24 06:05 . 2011-03-24 06:05 -------- d-----w- C:\_OTL
2011-03-24 05:49 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-24 05:49 . 2010-12-20 23:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-03-24 05:49 . 2010-12-20 23:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-03-24 05:49 . 2010-12-20 23:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-03-23 19:03 . 2011-03-23 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-03-23 18:41 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-23 18:41 . 2011-03-23 18:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-23 18:41 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-23 03:35 . 2011-03-23 15:44 514230 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-03-23 00:39 . 2011-03-23 00:40 -------- d-----w- c:\documents and settings\Administrator
2011-03-21 14:10 . 2006-02-28 12:00 4224 ----a-w- c:\windows\system32\beep.sys
2011-03-04 06:46 . 2011-03-04 06:46 -------- d-sh--w- c:\documents and settings\Melissa Lewis\IECompatCache
2011-03-04 06:45 . 2011-03-04 06:45 -------- d-sh--w- c:\documents and settings\Melissa Lewis\PrivacIE
2011-03-04 06:44 . 2011-03-04 06:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-03-04 06:43 . 2011-03-04 06:43 -------- d-sh--w- c:\documents and settings\Melissa Lewis\IETldCache
2011-03-04 06:38 . 2011-03-04 06:41 -------- dc----w- c:\windows\ie8
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2006-02-28 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-02-28 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2006-06-22 12:18 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2006-06-22 12:18 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2006-02-28 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2006-02-28 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-25 737369]
"SMSERIAL"="sm56hlpr.exe" [2006-01-20 544768]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2009-08-03 1626112]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
.
c:\documents and settings\Melissa Lewis\Start Menu\Programs\Startup\
PandaUSBVaccine.lnk - c:\program files\Panda USB Vaccine\USBVaccine.exe [2011-3-24 1287176]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2006-6-22 593920]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PageBreeze\\pagebreeze.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9322:TCP"= 9322:TCP:EKDiscovery
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [1/5/2006 1:33 AM 34144]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [1/5/2006 1:33 AM 28800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/18/2009 11:29 AM 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/18/2009 11:29 AM 17744]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/11/2009 3:20 PM 135664]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\ekdiscovery.exe [8/5/2009 1:49 PM 284016]
S3 ECIoCtrl32_001.sys;ECIoCtrl32_001.sys;\??\d:\driver\ICP\ECIoCtrl32_001.sys --> d:\driver\ICP\ECIoCtrl32_001.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-11 22:20]
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-11 22:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: Web-Based Email Tools - hxxp://email05.secureserver.net/Download.CAB
FF - ProfilePath - c:\documents and settings\Melissa Lewis\Application Data\Mozilla\Firefox\Profiles\bw8l68lu.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-28 16:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-03-28 16:56:51
ComboFix-quarantined-files.txt 2011-03-28 23:56
ComboFix2.txt 2011-03-28 23:43
ComboFix3.txt 2011-03-28 02:55
ComboFix4.txt 2011-03-23 15:49
.
Pre-Run: 42,400,288,768 bytes free
Post-Run: 42,386,440,192 bytes free
.
- - End Of File - - 1DA865C237D52D396F8D485A12B6E9ED

Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

• Check (tick) this box: YES, I accept the Terms of Use.
  
• Click on the Start button next to it.
  
• When prompted to run ActiveX. click Yes.
  
• You will be asked to install an ActiveX. Click Install.
  
• Once installed, the scanner will be initialized.
  
• After the scanner is initialized, click Start.
  
• Check (tick) Remove found threats box.
  
• Check (tick) Scan unwanted applications.
  
• Click on Scan.
  
• It will start scanning. Please be patient.
  
• Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.
  

Eset showed 3 threats detected but I don't know how to find the log so I can post it. Help?

Did you select it to remove what was found?

yes.

How is the machine running now?

Actually...it's running great! You are awesome!!!!!