WiredWX Christian Hobby Weather Tools
Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Ok so earlier I was looking for a song for my friend to download. I found a page that had a download link and it seemed legit. I then linked it to her through Windows Messenger and she downloaded and ended up getting a virus. I didn't even click the download link but I ended up getting lots of popups and immediately closed my browser and did a quick scan with Malwarebytes' Anti-Malware. The scan found Trojan.Vundo.H in various places and Trojan.Downloader. They were both either deleted or quarantined and I restarted my computer.

After that, I did a full scan with Malwarebytes' to make sure and nothing was found. Then when I tried playing music or videos on either iTunes, WMP, or online, the audio and video would lag, like it would be choppy for a few seconds at a time. Could this be related to the viruses? I'd really appreciate some help.

EDIT: I also want to add that after I restarted my computer, each time, after the Windows logo showed up with the load bar I would get a black screen for about 30 seconds then the cursor would show up and a few seconds later it would continue like normal. This has happened before after I had a technician remove the previous Trojan.Zlob virus.

Here's a log of Malwarebytes' when the viruses were found:
Malwarebytes' Anti-Malware 1.31
Database version: 1456
Windows 5.1.2600 Service Pack 2

12/16/2008 9:01:31 PM
mbam-log-2008-12-16 (21-01-30).txt

Scan type: Quick Scan
Objects scanned: 55737
Time elapsed: 7 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 5
Registry Keys Infected: 14
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\ssqQgHyW.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qvknjwuw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pkafnv.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pmnnKBUK.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hgGxWppp.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8e34e31-3b39-462d-bc9b-0a71dbba0f52} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8e34e31-3b39-462d-bc9b-0a71dbba0f52} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{df1c09da-a493-46cd-8ad4-e0f1452f1e25} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df1c09da-a493-46cd-8ad4-e0f1452f1e25} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df1c09da-a493-46cd-8ad4-e0f1452f1e25} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d8e34e31-3b39-462d-bc9b-0a71dbba0f52} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnnkbuk (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ssqqghyw -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ssqqghyw -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\pkafnv.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ssqQgHyW.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\WyHgQqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WyHgQqss.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qvknjwuw.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pmnnKBUK.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hgGxWppp.dll (Trojan.Vundo) -> Delete on reboot.

Last edited by daftcow on 17th December 2008, 7:43 am; edited 3 times in total

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

and here's a HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:40 AM, on 12/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C07498CE-3CC7-4B4D-9A43-A19B139091FF} - C:\WINDOWS\system32\ssqQgHyW.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.vietscape.com/wfplayer/tdserver.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {0B96BF84-DA5C-46F4-A7FC-5319CFF74163} (MnetLauncher Control) - http://player.mnet.com/package/cjmuset.cab
O16 - DPF: {111F9B31-41F1-46C1-88D1-5377C9D883C4} (MAMAXDownload Control) - http://www.csafer.net/activex/MAMAXDownload.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - http://www.powerflasher.de/plugin/powerres.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {36D04559-44B7-45E0-BA81-E1508FAB359F} - http://otee.dk/download_webplayer/UnityWebPlayer.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://zone.msn.com/bingame/trbo/default/ActiveLauncher.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/bingame/pacz/default/pandaonline.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5D9446DB-E849-4B95-9872-D0C21343ABF0} (MAWizard Class) - http://www.csafer.net/ActiveX/MASetupWizard.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139108907187
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/ballistik/sis/slgwebinstall.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BD6F8792-B90E-4431-B0AB-08CF414E9D35} (DamoimBGMPlayerX Control) - http://bgm.iple.com/Cab/SMMusicPlayerX.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab36107.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave.com/content/feedingfrenzy/sis/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
O16 - DPF: {E1AC9563-A1E3-45B8-A5CE-5C19E34EC6AC} (ComTop Class) - http://www.arirangtv.com/AlwaysTop.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v51/h2hpool/h2hpool.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - Unknown owner - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 12111 bytes

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

  • Download combofix from here, use the top links - combofix.exe
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.


  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will see this next prompt that asks if you want to continue the malware scan; select Yes.


  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

I ran ComboFix and here is the log:
Part 1

ComboFix 08-12-16.03 - Owner 2008-12-17 13:37:54.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1527.1089 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\nsv
c:\documents and settings\All Users\Application Data\nsv\keys.dat
c:\documents and settings\All Users\Application Data\nsv\wmv0104.dbd
c:\documents and settings\All Users\Application Data\nsv\wmv0106.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv0204.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv0315.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv0412.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv0504.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv0904.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv1125.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv1204.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv1215.dbd
c:\documents and settings\All Users\Application Data\nsv\wmv1909.ddx
c:\documents and settings\All Users\Application Data\nsv\wmv1920.dbd
c:\documents and settings\All Users\Application Data\nsv\wmv2007.dbd
c:\documents and settings\All Users\Application Data\picsvr
c:\documents and settings\All Users\Application Data\picsvr\picsvr.inf
c:\documents and settings\Owner\Application Data\Adobe\crc.dat
c:\documents and settings\Owner\Application Data\Google\T-Scan
c:\documents and settings\Owner\Application Data\Google\T-Scan\n.gif
c:\documents and settings\Owner\Application Data\Google\T-Scan\t.gif
c:\documents and settings\Owner\Application Data\Google\T-Scan\y.gif
C:\lswmv.ini
c:\program files\Common Files\uninstall information
c:\windows\cdmxtras
c:\windows\emdat.tm
c:\windows\emdat.tmp
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\Cache
c:\windows\system32\Cache\mstub-pal_nmw_a353_r15950.exe
c:\windows\system32\Cache\mswinstall.exe
c:\windows\system32\Cache\setup.exe
c:\windows\system32\Cache\uninstall.exe
c:\windows\system32\nsvsvc
c:\windows\system32\nsvsvc\License.txt
c:\windows\system32\picsvr
c:\windows\system32\test.exe
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-11-17 to 2008-12-17 )))))))))))))))))))))))))))))))
.

2008-12-07 17:30 . 2008-12-07 17:30 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-07 17:30 . 2008-12-07 17:30 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-07 16:55 . 2008-12-07 17:26 d-------- c:\windows\system32\CatRoot_bak
2008-12-07 16:21 . 2008-12-07 16:21 d-------- C:\rsit
2008-12-07 16:06 . 2008-12-07 16:06 d-------- C:\_OTMoveIt
2008-12-07 14:01 . 2008-12-07 14:01 2,608 --a------ c:\windows\system32\settings.aaw
2008-12-07 14:00 . 2008-12-07 14:00 1,024 --a------ c:\windows\system32\history.aaw
2008-12-07 13:45 . 2008-12-07 13:45 d-------- c:\program files\CCleaner
2008-12-07 13:16 . 2008-12-16 19:58 d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-07 13:16 . 2008-12-07 13:16 d-------- c:\documents and settings\Owner\Application Data\Malwarebytes
2008-12-07 13:16 . 2008-12-07 13:16 d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-07 13:16 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-07 13:16 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-07 13:14 . 2008-12-07 13:46 d-------- c:\documents and settings\Owner\Application Data\U3
2008-12-07 02:15 . 2008-12-07 02:37 d-------- c:\windows\system32\Adobe
2008-12-03 14:48 . 2008-12-03 14:48 118 --a------ c:\windows\system32\MRT.INI
2008-11-27 00:30 . 2008-11-27 00:31 d-------- c:\program files\iTunes
2008-11-27 00:30 . 2008-11-27 00:31 d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-27 00:23 . 2008-11-27 00:24 d-------- c:\program files\QuickTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-17 19:41 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-17 08:38 --------- d-----w c:\documents and settings\Owner\Application Data\uTorrent
2008-12-17 06:49 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-12-07 23:34 --------- d-----w c:\program files\Java
2008-12-07 19:53 --------- d-----w c:\documents and settings\Owner\Application Data\ImgBurn
2008-12-07 09:04 --------- d-----w c:\documents and settings\Owner\Application Data\Common Files
2008-12-07 09:04 --------- d-----w c:\documents and settings\Owner\Application Data\Apple Computer
2008-12-07 09:04 --------- d-----w c:\documents and settings\Owner\Application Data\Ahead
2008-12-07 09:04 --------- d-----w c:\documents and settings\Owner\Application Data\AdobeUM
2008-12-07 09:04 --------- d-----w c:\documents and settings\Owner\Application Data\acccore
2008-12-04 06:54 --------- d-----w c:\program files\Morpheus
2008-11-28 06:46 --------- d-----w c:\program files\Common Files\Apple
2008-11-27 06:30 --------- d-----w c:\program files\iPod
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 20:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 20:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 20:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 20:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 20:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 20:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 20:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 20:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 20:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 10:20 667,648 ----a-w c:\windows\system32\wininet.dll
2008-10-03 10:15 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 22:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2005-02-27 06:44 44 ----a-w c:\documents and settings\Owner\Application Data\tvmcwrd.dll
2002-10-04 21:09 204,800 ----a-w c:\windows\inf\FXPlugin.dll
2005-08-21 01:46 104 --sh--r c:\windows\system32\65242E7829.sys
2005-07-14 19:31 27,648 --sha-w c:\windows\system32\AVSredirect.dll
2005-06-26 22:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
2005-06-22 05:37 45,568 --sha-r c:\windows\system32\cygz.dll
2005-08-21 01:46 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Part 2:

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-07 136600]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Updates from HP.lnk - c:\program files\Updates from HP\137903\Program\BackWeb-137903.exe [2004-05-12 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
--a------ 2003-08-19 01:01 110592 c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-08-28 09:18 3660848 c:\program files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\137903\\Program\\BackWeb-137903.exe"=
"c:\\Program Files\\utorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\cjmvsvr.exe"=
"c:\\Program Files\\Steam\\steamapps\\shabba911@hotmail.com\\counter-strike\\hl.exe"=
"c:\\WINDOWS\\system32\\fscagent.exe"=
"c:\\WINDOWS\\system32\\clubbox.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\grdmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8866:TCP"= 8866:TCP:gnutella
"16191:TCP"= 16191:TCP:bittorrent
"34693:TCP"= 34693:TCP:bittorrent

R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2007-08-24 149352]
R3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2007-05-29 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-07 99376]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-12-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-12-16 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Owner.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 19:19]
.
- - - - ORPHANS REMOVED - - - -

BHO-{C07498CE-3CC7-4B4D-9A43-A19B139091FF} - c:\windows\system32\ssqQgHyW.dll
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe


.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
uInternet Settings,ProxyServer = http=127.0.0.1:9022
uInternet Settings,ProxyOverride = 127.0.0.1;localhost
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

c:\windows\system32\atl.dll - c:\windows\system32\MnetLauncher.ocx
c:\windows\system32\cjmuset.dll
O16 -: {0B96BF84-DA5C-46F4-A7FC-5319CFF74163}
hxxp://player.mnet.com/package/cjmuset.cab
c:\windows\Downloaded Program Files\cjmuset.inf

c:\windows\system32\MAMACExtract.dll - c:\windows\system32\MAMAXDownload.ocx
O16 -: {111F9B31-41F1-46C1-88D1-5377C9D883C4}
hxxp://www.csafer.net/activex/MAMAXDownload.cab
c:\windows\Downloaded Program Files\MAMAXDownload.inf

c:\windows\Downloaded Program Files\tpwin.ocx - O16 -: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5}
hxxp://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB

c:\windows\System32\Macromed\Flash\Flash8.ocx - c:\windows\System32\FXPlugin.dll
O16 -: {2B36F775-8CF5-4489-B454-2D1B80984CF2}
hxxp://www.powerflasher.de/plugin/powerres.cab
c:\windows\Downloaded Program Files\FXPlugin.inf

c:\windows\system32\MAMACExtract.dll - c:\windows\system32\MASetupWizard.dll
O16 -: {5D9446DB-E849-4B95-9872-D0C21343ABF0}
hxxp://www.csafer.net/ActiveX/MASetupWizard.cab
c:\windows\Downloaded Program Files\MASetupWizard.inf

c:\windows\Downloaded Program Files\slghex.dll - c:\windows\Downloaded Program Files\slgwebinstall.dll
O16 -: {7D731A83-6C80-4EA4-9646-5E06A0513274}
hxxp://www.shockwave.com/content/ballistik/sis/slgwebinstall.cab
c:\windows\Downloaded Program Files\slgwebinstall.inf

c:\windows\system32\dmvm.dll - c:\windows\Downloaded Program Files\dmcc2.dll
O16 -: {938527D1-CDB7-4147-998A-B20FCA5CC976}
hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
c:\windows\Downloaded Program Files\dmcc2.inf

c:\windows\system32\mfc42.dll - c:\windows\system32\msvcrt.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\vorbis_vx.dll
c:\windows\system32\ogg_vx.dll
c:\windows\system32\VxovSrc4dmi.ax
c:\windows\system32\SMMusicPlayerX.ocx
O16 -: {BD6F8792-B90E-4431-B0AB-08CF414E9D35}
hxxp://bgm.iple.com/Cab/SMMusicPlayerX.cab
c:\windows\Downloaded Program Files\SMMusicPlayerX.inf

c:\windows\system32\atl.dll - c:\windows\system32\mfc42.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\olepro32.dll
c:\windows\Downloaded Program Files\AlwaysTop.dll
O16 -: {E1AC9563-A1E3-45B8-A5CE-5C19E34EC6AC}
hxxp://www.arirangtv.com/AlwaysTop.cab
c:\windows\Downloaded Program Files\AlwaysTop.inf
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\jb8aji6n.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-17 13:41:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-17 13:43:30
ComboFix-quarantined-files.txt 2008-12-17 19:42:43

Pre-Run: 84,017,307,648 bytes free
Post-Run: 83,998,027,776 bytes free

248 --- E O F --- 2008-12-11 01:42:37

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Looks good now, what problems remain?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

My media is still playing poorly.
Still choppy.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

See if it's any better using the VLC player.
Download here

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Well it's not just on iTunes or WMP but it's also happening when I play videos on YouTube or songs/videos on other websites like imeem, MySpace, etc.

And I just discovered that when I canceled the setup for the VLC player and when it asked me if I was sure I wanted to cancel with the alert sound, even the alert sound was laggy and choppy.

Edit: I opened random windows in order to close them by task manager just to get the alert sound and seems like it only happens sometimes, not each time.

I'm really worried now.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Hmmm.
I wouldn't worry, nothing serious.

Try this.
Press Start > Run
type in:
sfc /scannow <-- note the space after the c and before /
Press enter.

Any improvement?

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

So I did the above and restarted my computer just to make sure, but I still have the same problem.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Okay, I'll talk to a friend and see what he comes up with.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

I just wanted to add that I just did a quick scan with Avast and it found and deleted "Win32:Trojano-1097 [Trj]" in "C:\System Volume Information\_restore{DD9CB1FB-3F7A-40CF-B44C-DD1502404737}\RP14\A0000769.exe\{sys}\sysmonnt.exe"

Restarted computer, but still having the same audio/video problem.

Re: Media Playing Lags! Related to Trojan.Vundo.H and Trojan.Downloader?

Due to lack of feedback, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.

............................................................................................

Please be a GeekPolice fan on Facebook!

Have we helped you? Help us! | Doctor by day, ninja by night.