Should I also do what magna86 said? Will wait until I hear from you, ESSEXBOY.
Thanks
Wait for Essexboy.
He has been resolving malware problems on this forum for as long as I have been checking it, and he has an excellent success rate.
I am not gainsaying that you know what you are doing, it is just that from my experience that rarely works and in a high proportion of cases renders the system unable to boot. A non-booting system is more stressful to the OP than the continual virus alerts. As you may notice I am a member of ASAP and UNITE ;D
@maddog67 can you confirm that you copied the files to the dllcache, as the logs show no evidence of them there?
If you have, then I would now like you to copy them to the C drive and we will work from a live CD (which will be handy to keep once done).
Please print these instructions out so that you know what you are doing.
OTLPEStd.exe
MD5=107440596207871822220183734CF7C4
98,217,771 bytes / 93.6 MB
[*]Download OTLPEStd.exe to your desktop
[*]Download the attached scan.txt file to a USB drive
[*]Ensure that you have a blank CD in the drive
[*]Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
[*]Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
[*]As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
[*]Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
[*]Double-click on the OTLPE icon.
[*]Select the Windows folder of the infected drive if it asks for a location
[*]When asked “Do you wish to load the remote registry”, select Yes
[*]When asked “Do you wish to load remote user profile(s) for scanning”, select Yes
[*]Ensure the box “Automatically Load All Remaining Users” is checked and press OK
[*]OTL should now start.
[*]Double click the Custom scans and fixes box
[*]In the dialogue locate the scan.txt you have on the USB
[*]Press Run Scan to start the scan.
[*]When finished, the file will be saved in drive C:\OTL.txt
[*]Copy this file to your USB drive if you do not have internet connection on this system.
[*]Right click the file and select send to : select the USB drive.
[*]Confirm that it has copied to the USB drive by selecting it
[*]You can backup any files that you wish from this OS
[*]Please post the contents of the C:\OTL.txt file in your reply.
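An added example, not part of the original post: one way to check a downloaded OTLPEStd.exe against the size and MD5 published above before burning it to CD. The function names and script name are hypothetical; a match shows the download is intact and complete, nothing more.

```python
import hashlib
import os
import re
import sys

# The three lines as published in the post above.
PUBLISHED = """OTLPEStd.exe
MD5=107440596207871822220183734CF7C4
98,217,771bytes / 93.6MB"""


def parse_published(text):
    """Extract (lowercase md5 hex, size in bytes) from the published block."""
    md5 = re.search(r"MD5\s*=\s*([0-9A-Fa-f]{32})\b", text)
    size = re.search(r"([\d,]+)\s*bytes", text)
    if not md5 or not size:
        raise ValueError("published block lacks an MD5 or a byte count")
    return md5.group(1).lower(), int(size.group(1).replace(",", ""))


def verify_download(path, expected_md5, expected_size, chunk=1 << 20):
    """Return (ok, reason). Size is checked first because it is cheap and
    catches truncated downloads without hashing the whole file."""
    actual_size = os.path.getsize(path)
    if actual_size != expected_size:
        return False, "size mismatch: got %d, expected %d" % (actual_size, expected_size)
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        # Stream in 1 MiB chunks so the whole image is never held in memory.
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    if digest.hexdigest() != expected_md5.lower():
        return False, "md5 mismatch: got %s" % digest.hexdigest()
    return True, "size and md5 match"


if __name__ == "__main__":
    # Usage (hypothetical script name): python verify_otlpe.py OTLPEStd.exe
    md5, size = parse_published(PUBLISHED)
    ok, reason = verify_download(sys.argv[1], md5, size)
    print(reason)
    sys.exit(0 if ok else 1)
```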
I have done as you have instructed. Which part was the copy of the dllcache?
Does this blow away my OS with a fresh install of the OS? Should I back up any information I have?
Will wait for a response from Essexboy from my previous questions before I do the next part.
Nope, this is a live CD, basically Windows XP on a disc.
G'day, did everything that was instructed. Made the CD, loaded OK.
When I got to the stage to start OTLPE.exe,
inserted the script for custom scan, started the scan.
When it got to the stage of “Scanning all users startmenu” it hung. Had to restart the system in my Windows XP.
Corrupt files still come up.
Please Help Essexboy.
Thanks
Andrew
OK, could you run it and deselect all users this time?
Once I have run it, as advised from that list, do I have to restart from HDD again?
You can if you wish but we will need to do the transfer from the CD
ok will run it again now. Chat soon
ok, deselected all.
inserted the scan.txt, Run Scan, got to the same spot “Scanning Users StartMenu” and it just hung.
???
OK bear with me I am in touch with OT to see if he knows what the problem is
Hi, OT has uploaded a new version of his programme to resolve this issue. For information, one of the start menu registry entries is empty and that is why it is stalling.
If you download a fresh copy now from the same link it will work ;D
I won’t be dealing with you again. I don’t know if it is because of the scripts that I have been running that I have got from you. But my PC has been attacked, and credit card details have been taken. The source was in the UK. Have you heard of this happening before? But I know that I will be making a lot of noise about this incident.
Well, essexboy is a long-time avast forum member and certified malware removal specialist and the tools that he uses are legitimate. He has helped many, many members with infected systems and not a single incident that you are implying with the tools used.
Your system was infected and despite a number of tools being used it still hadn’t got rid of what was the underlying infection. So I rather doubt it is anything to do with the help you have received or the security tools you asked to run.
None of the tools I use are infected or can transmit data from your system unless you specifically allow it, and it will only be suspected files, not data. I did not command the programmes to upload any files. You had a nasty piece of malware which kept inviting friends to join it.
The two tools you used have been in operation now for at least 3 years, the authors come from the USA and Malaysia. As a rule of thumb if you ever suspect a malware infection then do not use the computer for online transactions.
I have helped in excess of a thousand people since I started and this is the first time this accusation has been leveled. But then you are going through a stressful time, so it is understandable
Did you still want me to try to fix it with the tools you have provided, otherwise I was just going to blow it all away and reformat.
If you have doubts about the BB go with this method. 100% safe
maddog67
please do the following
Download the zip file from this link and extract it to C http://www.speedyshare.com/files/26377546/XP-sp3.zip
C:\explorer.exe
C:\winlogon.exe
Restart your computer and press the F8 button.
When the menu appears you should choose Microsoft Windows XP.
Then a menu will appear where you should choose Microsoft Windows Recovery Console.
Start the Recovery Console and you will be asked which installation you want to log on to. Type in 1 and confirm with Enter.
Similarly, you may be asked for a password: type it in, or just press Enter if you do not have a password.
The following will appear on the display:
C:\Windows>_
Next type (confirm each command line with Enter):
cd …
copy explorer.exe c:\windows\explorer.exe
A query will appear: type in y
copy winlogon.exe c:\windows\system32\winlogon.exe
A query will appear: type in y
type in:
exit to restart the PC.
All of this will look like the picture below (what you type is in the yellow boxes):
http://img209.imageshack.us/img209/118/20110119135814.jpg
Thereafter run Combofix.
Then post the resultant log.
Write all of this down on paper so you know what to type.