I'm trying to clean this thing off but I'm just lost and rapidly approaching the Format Disk stage.

Can someone PLEASE help me out? Ad-Aware doesn't see an issue, Defender doesn't see an issue, AVG doesn't see an issue, and anyone who has had a similar issue has completely diff HijackThis logs than I do.

Here are my HijackThis logs... Can anyone take a look?

~~~~~
Logfile of HijackThis v1.99.1
Scan saved at 4:51:37 PM, on 7/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
J:\Program Files\TweakNow PowerPack 2006\RAM2_XP.exe
J:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
J:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\StartupMonitor.exe
J:\PROGRA~1\AddWeb8\SmartPatrol.exe
C:\Program Files\Windows Defender\MSASCui.exe
J:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
J:\Program Files\Belkin\Nostromo\nost_LM.exe
J:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
J:\Program Files\ewido anti-spyware 4.0\guard.exe
J:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\LxrJD31s.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
J:\Program Files\Xfire\Xfire.exe
J:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
J:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\machine\Desktop\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [RAM Idle Professional] J:\Program Files\TweakNow PowerPack 2006\RAM2_XP.exe
O4 - HKLM\..\Run: [AVG7_CC] J:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] J:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [Transparent] J:\Program Files\TweakNow PowerPack 2006\Transparent.exe 200
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SmartPatrol] J:\PROGRA~1\AddWeb8\SmartPatrol.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: HotSync Manager.lnk = J:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Loadout Manager.lnk = J:\Program Files\Belkin\Nostromo\nost_LM.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1132135021263
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1141580962125
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56412252-AB25-4B47-98E3-60361657BC0F}: NameServer = 192.168.1.1
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - J:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - J:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - J:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - J:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - J:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR3\RpcSandraSrv.exe
~~~~~

Apologies for the late reply, we are a bit backlogged here as you can probably see.

Are you still needing help? I'm now subscribed to this thread and if you reply back here, I'll get an automated notice of your response and get back to you very quickly now.

I'll be glad to help if you still need us.

Please post your latest Adaware Scan log for review:

Please make sure that you are using
Ad-aware SE Build 106r1
Note: If your version is 6.0 and not the SE, you need to uninstall and get the latest version from the above link.

[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
SE1R116 24.07.2006
To do this Open Ad-aware
Click the WebUpDate
button at the top right hand side of the Ad-aware screen (The world globe).
Click "Connect"
Ad-aware will then download the latest Definition file for you.
To make sure it is updated , look at the main
Ad-aware screen, and look under "Initialization Status"
It should say the Latest Definition file.
then scan doing a "Full Scan"
and then post your logfile here by using the Add-Reply Feature .
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)
............
And a fresh HijackThis log please

Thanks for the reply.

I lost my cool (and patience) and just formatted the whole damned drive.

Thank you anyhow, though.

I'm sorry we couldn't get to you sooner!

At least I can leave you with some prevention tips and advice:

I can't stress enough the importance of having your Windows critical Security Updates. Most malware today uses exploits on unpatched systems to creep onto your system without your even doing anything but visiting an infected webpage!!

Watch what you download, be careful where you surf, and don't trust attachments or even links in email and Instant messages. Even if they come from a buddy, that buddy could be the one infected and it is the virus sending that link from his account. You click on it thinking he is trusted, and *boom* you're infected.
Many "Phishing" attempts are made by cleverly crafted email to look like it is coming from an "official" source (like Microsoft, or your bank, or some other provider). Don't click on links in those. Go directly to the site instead and navigate the menus - don't trust email you think came from a "safe source" unless you are expecting it! There is more in the link I will provide below, but those are the choice avenues of infection these days.

A word about shared computers and networks.
Share Your PC
http://www.microsoft.com/windowsxp/using/s...hare/intro.mspx
Not all users need to have Admin Accounts. It is much safer to have most of your users on a shared system running as Limited User accounts. That way, if there is "an accident", it will only affect one user's account and not the entire system.


Next, I highly recommend you get some extra protection to prevent future infections. Here are some things you can do and some free programs to help .
How do I prevent Browser Hijacks and Spyware?
http://www.dslreports.com/faq/13620

I'm happy to see you have SP2 installed. That will address numerous security issues in your Operating System and IE
Make sure that you keep your Operating System and IE updated with the latest Critical Security Updates from Microsoft...they usually come out once a month, on the 2nd Tuesday of each month. This is the first step in malware prevention, as many nasties now take advantage of new exploits and if not patched, you are vulnerable!
Windows Update
http://update.microsoft.com/microsoftupdate/

And see this link for instructions on how to configure the enhanced security features in SP2:
http://www.microsoft.com/technet/security/...xp/iesecxp.mspx

I also highly recommend to get the free tool, Microsoft Baseline Security Analyzer (MBSA) from Microsoft to analyze your PC security for prevention purposes.

MBSA Version 2.0 will scan for common system misconfigurations on Windows 2000, Windows XP, and Windows Server 2003 systems. This program will identify the system security weaknesses in your browser and operating system and provides easy instructions to correct them. This includes any missing critical Windows security updates, system vulnerabilities and your IE Browser security settings. Get the download here:
Microsoft Baseline Security Analyzer
http://www.microsoft.com/technet/security/...s/mbsahome.mspx
Choose MBSAsetup-EN.msi = (English Version) or the language appropriate for you.

Also visit this Free Online Scanner from Microsoft for PC Health and Safety
http://safety.live.com/site/en-US/default.htm
and Microsoft Security At Home
http://www.microsoft.com/athome/security/default.mspx
for tips to Protect your Pc, Protect yourself and Protect your Family.

I'll go ahead and archive this topic in the "resolved" section. If you should have any further issues, please feel free to post a new topic