Core.cache.dsk Can't remove!!!Hijack log included

[soulbind4]

Hello, I dont know how I managed to get Core.cache.dsk, and i've tried about everything I could to remove it, Hopefully someone here can help me.
Heres my log from Hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:12:35 PM, on 2/11/2008
Platform: Windows XP SP3, v.3300 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3300)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Endever\Desktop\hijackthis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1202776933781
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4071 bytes


----------------------------------------------------------
heres my log from combofix

ComboFix 08-02-12.1 - Endever 2008-02-11 20:44:12.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.635 [GMT -5:00]
Running from: C:\Documents and Settings\Endever\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\images.zip
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-01-12 to 2008-02-12 )))))))))))))))))))))))))))))))
.

2008-02-11 19:59 . 2008-02-11 19:59 1,066,176 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
2008-02-11 19:50 . 2008-02-11 19:50 167,545 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-02-11 19:30 . 2008-02-11 19:30 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-11 19:10 . 2008-02-11 19:13 770 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-11 19:09 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-11 19:09 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-11 19:09 . 2008-02-08 23:55 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-11 19:09 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-11 19:09 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-11 19:09 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-11 19:09 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-11 18:41 . 2008-02-11 18:41 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-02-11 18:19 . 2008-02-11 19:21 56 --a------ C:\WINDOWS\WININIT.INI
2008-02-11 02:18 . 2008-02-11 02:18 <DIR> d-------- C:\Program Files\Lavasoft
2008-02-11 02:18 . 2008-02-11 02:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-10 23:57 . 2008-02-11 15:10 1,433 --a------ C:\rollback.ini
2008-02-10 23:50 . 2008-02-11 20:48 1,541,152 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-10 23:50 . 2008-02-11 20:46 25,868 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-10 23:46 . 2008-02-10 23:46 <DIR> d-------- C:\Program Files\Zone Labs
2008-02-10 23:45 . 2008-02-11 20:41 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-02-10 23:20 . 2008-02-10 23:20 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-10 23:18 . 2008-02-10 23:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-02-10 23:12 . 2008-02-10 23:20 <DIR> d-------- C:\Program Files\Uniblue
2008-02-10 23:09 . 2008-02-10 23:09 <DIR> d-------- C:\WINDOWS\WinRAR
2008-02-10 22:42 . 2008-02-10 22:42 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-02-10 22:41 . 2008-02-10 22:41 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-02-10 22:41 . 2008-02-10 23:20 <DIR> d-------- C:\Documents and Settings\Endever\Application Data\Uniblue
2008-02-10 22:39 . 2008-02-10 22:39 <DIR> d--h----- C:\WINDOWS\PIF
2008-02-10 21:45 . 2008-02-11 15:39 <DIR> d-------- C:\Documents and Settings\Endever\Application Data\AVG7
2008-02-10 21:45 . 2008-02-10 22:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-10 21:45 . 2008-02-10 23:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-02-10 21:45 . 2008-02-10 21:45 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-02-10 21:44 . 2008-02-10 21:44 41,168,824 --a------ C:\WINDOWS\system32\avg75avwt_516a1225.exe
2008-02-10 21:44 . 2008-02-10 21:44 86,144 --a------ C:\WINDOWS\system32\drivers\drmkk.sys
2008-02-10 16:13 . 2008-02-10 22:32 <DIR> d-------- C:\Program Files\Creative
2008-02-10 16:13 . 2006-08-11 15:14 86,446 --a------ C:\WINDOWS\system32\instwdm.ini
2008-02-10 16:13 . 2006-08-11 14:56 3,072 --a------ C:\WINDOWS\CTXFIRES.DLL
2008-02-10 16:13 . 2006-08-11 14:32 191 --a------ C:\WINDOWS\system32\ctzapxx.ini
2008-02-10 16:11 . 2008-02-10 22:41 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-02-10 15:12 . 2008-02-10 22:41 <DIR> d-------- C:\Program Files\OGPlanet
2008-02-09 21:33 . 2008-02-10 22:40 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-02-09 21:33 . 2008-02-10 22:41 <DIR> d-------- C:\Documents and Settings\Endever\Application Data\teamspeak2
2008-02-09 21:33 . 2008-02-09 21:33 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-02-09 21:26 . 2005-02-12 00:46 371,712 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS
2008-02-09 20:50 . 2001-08-17 15:11 26,568 --a------ C:\WINDOWS\system32\drivers\BCM4E5.SYS
2008-02-09 20:50 . 2001-08-17 15:11 26,568 --a--c--- C:\WINDOWS\system32\dllcache\bcm4e5.sys
2008-02-09 20:15 . 2008-02-09 20:15 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-09 20:14 . 2008-02-09 20:14 249,856 --a------ C:\WINDOWS\system32\config\systemprofile\NTUSER(2).DAT
2008-02-09 19:38 . 2008-02-09 19:38 <DIR> d-------- C:\Program Files\PowerISO
2008-02-09 19:38 . 2008-02-09 19:39 <DIR> d-------- C:\Documents and Settings\Endever\Application Data\U3
2008-02-09 19:37 . 2008-01-26 02:35 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-09 19:01 . 2008-02-09 19:01 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-01-26 10:08 . 2008-01-26 10:08 1,788 --a------ C:\WINDOWS\system32\Dcache.bin
2008-01-26 10:01 . 2008-01-26 10:01 329,728 --a------ C:\WINDOWS\system32\netsetup.exe
2008-01-26 10:01 . 2008-01-26 10:01 329,728 --a--c--- C:\WINDOWS\system32\dllcache\netsetup.exe
2008-01-26 10:00 . 2008-01-26 10:00 1,201,698 --a--c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-01-26 10:00 . 2008-01-26 10:00 785,972 --a--c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-01-26 10:00 . 2008-01-26 10:00 218,134 --a--c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-01-26 10:00 . 2008-01-26 10:00 198,736 --a--c--- C:\WINDOWS\system32\dllcache\msimain.sdb
2008-01-26 10:00 . 2008-01-26 10:00 80,544 --a--c--- C:\WINDOWS\system32\dllcache\apps.chm
2008-01-26 10:00 . 2008-01-26 10:00 9,424 --a--c--- C:\WINDOWS\system32\dllcache\drvmain.sdb
2008-01-26 09:56 . 2008-01-26 09:56 844,314 --a------ C:\WINDOWS\system32\msdxm.ocx
2008-01-26 09:55 . 2008-01-26 09:55 566,784 --a------ C:\WINDOWS\system32\gpedit.dll
2008-01-26 03:20 . 2008-01-26 03:20 1,843,968 --a------ C:\WINDOWS\system32\win32k.sys
2008-01-26 03:20 . 2008-01-26 03:20 1,843,968 --a--c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-01-26 03:19 . 2008-01-26 03:19 175,744 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2008-01-26 03:19 . 2008-01-26 03:19 175,744 --a--c--- C:\WINDOWS\system32\dllcache\rdbss.sys
2008-01-26 03:18 . 2008-01-26 03:18 2,188,928 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2008-01-26 03:11 . 2008-01-26 03:11 182,656 --a------ C:\WINDOWS\system32\drivers\ndis.sys
2008-01-26 03:11 . 2008-01-26 03:11 182,656 --a--c--- C:\WINDOWS\system32\dllcache\ndis.sys
2008-01-26 03:11 . 2008-01-26 03:11 162,816 --a------ C:\WINDOWS\system32\drivers\netbt.sys
2008-01-26 03:11 . 2008-01-26 03:11 162,816 --a--c--- C:\WINDOWS\system32\dllcache\netbt.sys
2008-01-26 03:11 . 2008-01-26 03:11 91,520 --a------ C:\WINDOWS\system32\drivers\ndiswan.sys
2008-01-26 03:11 . 2008-01-26 03:11 91,520 --a--c--- C:\WINDOWS\system32\dllcache\ndiswan.sys
2008-01-26 03:10 . 2008-01-26 03:10 361,344 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2008-01-26 03:10 . 2008-01-26 03:10 361,344 --a--c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-26 03:10 . 2008-01-26 03:10 75,264 --a------ C:\WINDOWS\system32\drivers\ipsec.sys
2008-01-26 03:10 . 2008-01-26 03:10 75,264 --a--c--- C:\WINDOWS\system32\dllcache\ipsec.sys
2008-01-26 03:10 . 2008-01-26 03:10 51,328 --a------ C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-01-26 03:10 . 2008-01-26 03:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\rasl2tp.sys
2008-01-26 03:10 . 2008-01-26 03:10 48,384 --a------ C:\WINDOWS\system32\drivers\raspptp.sys
2008-01-26 03:10 . 2008-01-26 03:10 48,384 --a--c--- C:\WINDOWS\system32\dllcache\raspptp.sys
2008-01-26 03:09 . 2008-01-26 03:09 138,112 --a------ C:\WINDOWS\system32\drivers\afd.sys
2008-01-26 03:09 . 2008-01-26 03:09 138,112 --a--c--- C:\WINDOWS\system32\dllcache\afd.sys
2008-01-26 03:08 . 2008-01-26 03:08 52,480 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2008-01-26 03:07 . 2008-01-26 03:07 456,576 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-01-26 03:07 . 2008-01-26 03:07 105,344 --a------ C:\WINDOWS\system32\drivers\mup.sys
2008-01-26 03:07 . 2008-01-26 03:07 105,344 --a--c--- C:\WINDOWS\system32\dllcache\mup.sys
2008-01-26 03:06 . 2008-01-26 03:06 574,976 --a------ C:\WINDOWS\system32\drivers\ntfs.sys
2008-01-26 03:06 . 2008-01-26 03:06 574,976 --a--c--- C:\WINDOWS\system32\dllcache\ntfs.sys
2008-01-26 03:06 . 2008-01-26 03:06 64,512 --a------ C:\WINDOWS\system32\drivers\serial.sys
2008-01-26 03:06 . 2008-01-26 03:06 49,536 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2008-01-26 03:06 . 2008-01-26 03:06 49,536 --a--c--- C:\WINDOWS\system32\dllcache\classpnp.sys
2008-01-26 03:05 . 2008-01-26 03:05 334,848 --a------ C:\WINDOWS\system32\drivers\srv.sys
2008-01-26 03:05 . 2008-01-26 03:05 334,848 --a--c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-01-26 03:05 . 2008-01-26 03:05 143,744 --a------ C:\WINDOWS\system32\drivers\fastfat.sys
2008-01-26 03:05 . 2008-01-26 03:05 143,744 --a--c--- C:\WINDOWS\system32\dllcache\fastfat.sys
2008-01-26 03:05 . 2008-01-26 03:05 63,744 --a------ C:\WINDOWS\system32\drivers\cdfs.sys
2008-01-26 03:05 . 2008-01-26 03:05 63,744 --a--c--- C:\WINDOWS\system32\dllcache\cdfs.sys
2008-01-26 02:48 . 2008-01-26 02:48 225,664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-12 00:30 --------- d-----w C:\Documents and Settings\Endever\Application Data\uTorrent
2008-02-12 00:26 16,896 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-02-12 00:26 1,399,808 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-02-12 00:25 2,396,672 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-02-12 00:25 1,399,808 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-02-11 03:41 --------- d-----w C:\Documents and Settings\Endever\Application Data\Creative
2008-02-10 20:37 409,600 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-02-10 20:37 114,688 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-02-10 20:02 --------- d-----w C:\Program Files\Viewpoint
2008-02-09 23:57 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-09 23:41 --------- d-----w C:\Program Files\Java
2008-02-09 23:40 --------- d-----w C:\Program Files\Common Files\Java
2008-02-09 23:39 --------- d-----w C:\Program Files\uTorrent
2008-02-09 23:33 --------- d-----w C:\Program Files\AIM
2008-02-09 23:33 --------- d-----w C:\Documents and Settings\Endever\Application Data\Aim
2008-02-09 23:32 --------- d-----w C:\Program Files\AOD
2008-02-09 23:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-01-26 14:58 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-01-26 14:58 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
2008-01-26 14:58 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-01-26 14:58 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
2008-01-26 14:58 695,808 ----a-w C:\WINDOWS\system32\drmv2clt.dll
2008-01-26 14:58 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
2008-01-26 14:58 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
2008-01-26 14:58 507,904 ----a-w C:\WINDOWS\system32\winlogon.exe
2008-01-26 14:58 5,632 ----a-w C:\WINDOWS\system32\winver.exe
2008-01-26 14:58 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
2008-01-26 14:58 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-01-26 14:58 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
2008-01-26 14:58 356,352 ----a-w C:\WINDOWS\system32\msscp.dll
2008-01-26 14:58 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
2008-01-26 14:58 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
2008-01-26 14:58 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-01-26 14:58 29,696 ----a-w C:\WINDOWS\system32\format.com
2008-01-26 14:58 283,648 ----a-w C:\WINDOWS\winhlp32.exe
2008-01-26 14:58 259,072 ----a-w C:\WINDOWS\system32\msnetobj.dll
2008-01-26 14:58 220,672 ----a-w C:\WINDOWS\system32\logon.scr
2008-01-26 14:58 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-01-26 14:58 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
2008-01-26 14:58 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
2008-01-26 14:58 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
2008-01-26 14:58 165,888 ----a-w C:\WINDOWS\system32\wuauclt1.exe
2008-01-26 14:58 16,896 ----a-w C:\WINDOWS\system32\more.com
2008-01-26 14:58 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-01-26 14:58 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
2008-01-26 14:58 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-01-26 14:58 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
2008-01-26 14:58 12,800 ----a-w C:\WINDOWS\system32\tree.com
2008-01-26 14:58 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-01-26 14:58 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-01-26 14:58 11,264 ----a-w C:\WINDOWS\system32\wpnpinst.exe
2008-01-26 14:57 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-01-26 14:57 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
2008-01-26 14:57 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
2008-01-26 14:57 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-01-26 14:57 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
2008-01-26 14:57 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll
2008-01-26 14:57 98,304 ----a-w C:\WINDOWS\system32\ahui.exe
2008-01-26 14:57 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-01-26 14:57 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll
2008-01-26 14:57 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-01-26 14:57 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
2008-01-26 14:57 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
2008-01-26 14:57 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll
2008-01-26 14:57 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
2008-01-26 14:57 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
2008-01-26 14:57 94,208 ----a-w C:\WINDOWS\system32\eappgnui.dll
2008-01-26 14:57 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
2008-01-26 14:57 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
2008-01-26 14:57 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
2008-01-26 14:57 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll
2008-01-26 14:57 92,672 ----a-w C:\WINDOWS\system32\dskquota.dll
2008-01-26 14:57 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
2008-01-26 14:57 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll
2008-01-26 14:57 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
2008-01-26 14:57 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
2008-01-26 14:57 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-01-26 14:57 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
2008-01-26 14:57 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
2008-01-26 14:57 9,216 ----a-w C:\WINDOWS\system32\dot3dlg.dll
2008-01-26 14:57 897,024 ----a-w C:\WINDOWS\system32\wmspdmoe.dll
2008-01-26 14:57 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
2008-01-26 14:57 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll
2008-01-26 14:57 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll
2008-01-26 14:57 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
2008-01-26 14:57 87,552 ----a-w C:\WINDOWS\system32\fldrclnr.dll
2008-01-26 14:57 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
2008-01-26 14:57 87,040 ----a-w C:\WINDOWS\system32\drmstor.dll
2008-01-26 14:57 87,040 ----a-w C:\WINDOWS\system32\diantz.exe
2008-01-26 14:57 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
2008-01-26 14:57 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
2008-01-26 14:57 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
2008-01-26 14:57 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll
2008-01-26 14:57 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll
2008-01-26 14:57 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll
2008-01-26 14:57 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
2008-01-26 14:57 84,480 ----a-w C:\WINDOWS\system32\cabview.dll
2008-01-26 14:57 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe
2008-01-26 14:57 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll
2008-01-26 14:57 82,944 ----a-w C:\WINDOWS\system32\eventtriggers.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 18:35 67112]
"Uniblue SpeedUpMyPC"="C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [2007-10-22 10:13 9438488]
"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [2008-02-10 23:28 1424648]
"Uniblue RegistryBooster2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-05-16 10:18 1856544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 04:11 132496]
"CTHelper"="CTHELPER.EXE" [2006-08-11 14:56 17920 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 14:56 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-10 21:45 579072]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-10 21:45 219136]

R1 drmkk;drmkk;C:\WINDOWS\system32\drivers\drmkk.sys [2008-02-10 21:44]
S3 BCM44X2;BCM 10/100 Ethernet Network Adapter Driver;C:\WINDOWS\system32\DRIVERS\BCM4E5.SYS [2001-08-17 15:11]
S3 FA312;NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver;C:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 07:12]
S3 XDva037;XDva037;C:\WINDOWS\system32\XDva037.sys []

.
Contents of the 'Scheduled Tasks' folder
"2008-02-11 04:12:30 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-02-11 02:06:16 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-02-11 04:51:20 C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
"2008-02-11 04:27:44 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-11 20:48:54
Windows 5.1.2600 Service Pack 3, v.3300 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
.
**************************************************************************
.
Completion time: 2008-02-11 20:49:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-12 01:49:51
.
2008-02-10 01:15:17 --- E O F ---



Please help!!!!

 

[ceewi1]

• Open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
  
  

  File::
  C:\WINDOWS\system32\drivers\drmkk.sys
  C:\WINDOWS\system32\drivers\core.cache.dsk
  
  Driver::
  XDva037
  drmkk

• Save this as CFScript.txt and change the Save as type to All Files and place it on your desktop.
  
  
  
  
  
  
  
  
• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
• When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply, along with a new HijackThis log.

CAUTION:
Do NOT mouse-click ComboFix's window while it is running. That may cause it to stall.
Also, please do NOT adjust your time format while ComboFix is running.

 

[soulbind4]

thanks but already fixed it! I ran a Search for *.sys files, noticed that that one was 1 minute off from last 5, just didnt seem right.. searched down the list found the same file just a letter K short, i knew somethin was up. Rebooted in safemode deleted it.. Turned PC back on searched core.cache.dsk and deleted it successfully.

 

[ceewi1]

OK, Glad your problem is fixed!