Solved: No disk in the drive

pcaf95 · 09:33 AM

I follow Cookiegal post on the no disk in the drive but I cant respond because is close, so I live my scan report. I have the same symptoms as the guy she was helping and I live my report scan. Please respond and thanks.

Here is my HiJackThis log and then the scan report.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:31:01 AM, on 8/14/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Windows\vVX1000.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\LimeWire\LimeWire.exe
C:\Windows\CNYHKey.exe
C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\ModLedKey.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - (no file)
R3 - URLSearchHook: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BhoApp - {9d541c6a-573b-4888-b35e-6816e68c3620} - C:\Program Files (x86)\Antivirus\AvBho.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
O4 - HKLM\..\Run: [Smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PopRock] C:\Users\Pc\AppData\Local\Temp\c.exe
O4 - HKCU\..\Run: [Antivirus.exe] C:\Program Files (x86)\Antivirus\Antivirus.exe
O4 - HKCU\..\Run: [wscsvc32.exe] C:\Program Files (x86)\Antivirus\wscsvc32.exe
O4 - HKCU\..\Run: [{9B71D88C-C598-4935-C5D1-43AA4DB90836}] C:\Users\Pc\AppData\Roaming\Street\Street.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [4shared Desktop] "C:\Program Files (x86)\4shared Desktop\desktop.exe" "startup"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Startup: RocketDock.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: TransBar.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: dlbt_device - Unknown owner - C:\Windows\system32\dlbtcoms.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1ca4a0cba5ff410) (gupdate1ca4a0cba5ff410) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 16223 bytes

MALWARE: 43
SUSPECTS: 1
;************************************************************************** *************************************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;========================================================================== =========================================================================== ==============================
Windows Defender Yes Yes
AVG Anti-Spyware 7, 5, 1, 43 No No
;========================================================================== =========================================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;========================================================================== =========================================================================== ==============================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@trafficmp[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@atdmt[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\pc@atdmt[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@fastclick[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@mediaplex[1].txt
00147517 Cookie/Versiontracker TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www.versiontra cker[1].txt
00147796 Cookie/Entrepreneur TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@entrepreneur[2].txt
00148914 Cookie/Tucows TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@tucows[2].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@ccbill[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@com[1].txt
00167672 Cookie/DomainSponsor TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@landin g.domainsponsor[2].txt
00167677 Cookie/WebPower TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@webpower[1].txt
00167677 Cookie/WebPower TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@webpow er[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@xiti[2].txt
00167744 Cookie/GoStats TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@gostats[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@azjmp[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@azjmp[3].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@azjmp[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@statcounter[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@ad.yieldmanage r[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\pcaf95@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\pc@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@apmebf[3].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\local\temp\low\cookies\pcaf95@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@apmebf[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@burstnet[1].txt
00168077 Cookie/Versiontracker TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@versiontracker[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@bs.serving-sys[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@888[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www.burstbeaco n[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@advertising[3].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@media.adrevolv er[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@realmedia[1].txt
00170557 Cookie/Com.com TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@terra. com[1].txt
00170557 Cookie/Com.com TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@terra.com[1].txt
00171633 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www5.addfreest ats[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\pc@zedo[2].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@bravenet[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@braven et[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@bravenet[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@adultfriendfin der[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@adultf riendfinder[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\pc@go[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@target[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@target[3].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@target[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@target[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\local\temp\low\cookies\pcaf95@target[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\pc@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@atwola[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@atwola[2].txt
00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www3.addfreest ats[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www6.addfreest ats[3].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www6.addfreest ats[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pcaf95\appdata\roaming\microsoft\windows\cookies\low\pcaf95@www6.a ddfreestats[1].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www1.addfreest ats[2].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No c:\users\pc\appdata\roaming\microsoft\windows\cookies\low\pc@www1.addfreest ats[1].txt
00294542 Bck/Prorat.HA Virus/Trojan No 1 Yes No c:\users\pc\documents\my stuff\viruz...no abrir\no zon bromaz\skins para msn.exe[server2.exe]
00382104 adware/msantispyware2009 Adware No 0 Yes No hkey_current_user\software\microsoft\windows\currentversion\run\poprock
03259749 Exploit/ASF.Gen Virus/Trojan No 0 Yes No c:\users\pc\music\musica 2\pit bull\pit bull - let's get crazy.mp3
03259749 Exploit/ASF.Gen Virus/Trojan No 0 Yes No c:\users\pc\music\musica 2\raul diblasio\di blasio.mp3
03259749 Exploit/ASF.Gen Virus/Trojan No 0 Yes No c:\users\pc\music\musica 2\raul diblasio\di blasio (unplugged version).mp3
05922253 Adware/AdOnDemand Adware No 0 Yes No c:\users\pc\appdata\roaming\desktopicon\ebayshortcuts.exe
;========================================================================== =========================================================================== ==============================
SUSPECTS
Sent Location
;========================================================================== =========================================================================== ==============================
No c:\winx87\services.exe
;========================================================================== =========================================================================== ==============================
VULNERABILITIES
Id Severity Description
;========================================================================== =========================================================================== ==============================
;========================================================================== =========================================================================== ==============================

pcaf95 · 16-Aug-2010, 12:17 AM #2

I posted this like 3 days ago and I haven't receive help...please help me!

**Cookiegal** · 18-Aug-2010, 01:29 PM #3

Please follow the instructions at this link and post the requested logs.

http://forums.techguy.org/virus-othe...e-posting.html

pcaf95 · 05:10 PM

Sorry for not reading that, I'll post them when I'm finished, and Thank You

Here's Everything that you request.

HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:48:33 PM, on 8/19/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Windows\vVX1000.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\LimeWire\LimeWire.exe
C:\Windows\CNYHKey.exe
C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\ModLedKey.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - (no file)
R3 - URLSearchHook: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BhoApp - {9d541c6a-573b-4888-b35e-6816e68c3620} - C:\Program Files (x86)\Antivirus\AvBho.dll (file missing)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
O4 - HKLM\..\Run: [Smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PopRock] C:\Users\Pc\AppData\Local\Temp\c.exe
O4 - HKCU\..\Run: [Antivirus.exe] C:\Program Files (x86)\Antivirus\Antivirus.exe
O4 - HKCU\..\Run: [wscsvc32.exe] C:\Program Files (x86)\Antivirus\wscsvc32.exe
O4 - HKCU\..\Run: [{9B71D88C-C598-4935-C5D1-43AA4DB90836}] C:\Users\Pc\AppData\Roaming\Street\Street.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [4shared Desktop] "C:\Program Files (x86)\4shared Desktop\desktop.exe" "startup"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Startup: RocketDock.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: TransBar.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: dlbt_device - Unknown owner - C:\Windows\system32\dlbtcoms.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1ca4a0cba5ff410) (gupdate1ca4a0cba5ff410) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 16830 bytes

DDS:

10-03-17.01) - NTFSX64
Run by Pc at 14:14:11.32 on Thu 08/19/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3838.1196 [GMT -5:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agr64svc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbtcoms.exe
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Windows\system32\spool\DRIVERS\x64\3\lxdiserv.exe
C:\Windows\system32\lxdicoms.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\MHotKey.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RAVCpl64.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\vVX1000.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\LimeWire\LimeWire.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\CNYHKey.exe
C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\ModLedKey.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ChiFuncExt.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\297HBUC6\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page =
uSearch Bar =
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = ${URL_SEARCHPAGE}
mLocal Page = c:\windows\syswow64\blank.htm
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files (x86)\swag_bucks\tbSwag.dll
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files (x86)\swag_bucks\tbSwag.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin .dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
{5c255c8a-e604-49b4-9d64-90988571cecb}
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files (x86)\swag_bucks\tbSwag.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AvBhoApp Class: {9d541c6a-573b-4888-b35e-6816e68c3620} - c:\program files (x86)\antivirus\AvBho.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn toolbar\platform\4.0.0379.0\npwinext.dll
BHO: LimeWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files (x86)\msn toolbar\platform\4.0.0379.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files (x86)\swag_bucks\tbSwag.dll
TB: LimeWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
TB: {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "c:\program files (x86)\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [PopRock] c:\users\pc\appdata\local\temp\c.exe
uRun: [Antivirus.exe] c:\program files (x86)\antivirus\Antivirus.exe
uRun: [wscsvc32.exe] c:\program files (x86)\antivirus\wscsvc32.exe
uRun: [{9B71D88C-C598-4935-C5D1-43AA4DB90836}] c:\users\pc\appdata\roaming\street\Street.exe
uRun: [Skype] "c:\program files (x86)\skype\phone\Skype.exe" /nosplash /minimized
uRun: [4shared Desktop] "c:\program files (x86)\4shared desktop\desktop.exe" "startup"
uRun: [WMPNSCFG] c:\program files (x86)\windows media player\WMPNSCFG.exe
mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [LchDrvKey] LchDrvKey.exe
mRun: [LedKey] CNYHKey.exe
mRun: [Smart Copy] "c:\program files (x86)\ioi\smart copy\ButtonMonitor.exe" -A
mRun: [eRecoveryService]
mRun: [P2Go_Menu] "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [FaxCenterServer] "c:\program files (x86)\\lexmark fax solutions\fm3032.exe" /s
mRun: [YSearchProtection] "c:\program files (x86)\yahoo!\search protection\SearchProtection.exe"
mRun: [AppleSyncNotifier] c:\program files (x86)\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSN Toolbar] "c:\program files (x86)\msn toolbar\platform\4.0.0379.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files (x86)\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [LifeCam] "c:\program files (x86)\microsoft lifecam\LifeExp.exe"
mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\lime wi~1.lnk - c:\program files (x86)\limewire\LimeWire.exe
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\rock et~1.lnk - c:\windows\bricopacks\vista inspirat 2\rocketdock\RocketDock.exe
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\star do~1.lnk - c:\program files (x86)\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\tran sbar.lnk - c:\windows\bricopacks\vista inspirat 2\transbar\TransBar.exe
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\uber icon.lnk - c:\windows\bricopacks\vista inspirat 2\ubericon\UberIcon Manager.exe
StartupFolder: c:\users\pc\appdata\roaming\micros~1\windows\startm~1\programs\startup\y'zs ha~1.lnk - c:\windows\bricopacks\vista inspirat 2\yzshadow\YzShadow.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\bigfix.exe
uPolicies-system: SetVisualStyle = c:\windows\resources\themes\inspirat2\Inspirat2.msstyles
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files (x86)\pokerstars.net\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
TB-X64: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [lxdimon.exe] "c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe"
mRun-x64: [lxdiamon] "c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe"
mRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun-x64: [VX1000] c:\windows\vVX1000.exe
AppInit_DLLs-X64: avgrssta.dll
STS-X64: Deskscapes Class: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - c:\program files (x86)\stardock\object desktop\deskscapes3\deskscapes.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\pc\appdata\roaming\mozilla\firefox\profiles\mvnz874b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files (x86)\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 2.dll
FF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 3.dll
FF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils 35.dll
FF - component: c:\program files (x86)\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files (x86)\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension\components\SEPsearchhelperff. dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\n prpffbrowserrecordext.dll
FF - component: c:\users\pc\appdata\roaming\mozilla\firefox\profiles\mvnz874b.default\exten sions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\users\pc\appdata\roaming\mozilla\firefox\profiles\mvnz874b.default\exten sions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\np_IEGetPlugin.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npclntax_HotbarSA.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5 videoshim.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2010-8-13 269904]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2010-8-13 35536]
R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2010-8-13 317520]
R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-8-13 308136]
R2 ETService;Empowering Technology Service;c:\program files\gateway\gateway recovery management\service\ETService.exe [2009-4-14 24576]
R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\s pool\drivers\x64\3\lxdiserv.exe [2007-6-11 33712]
R2 McciCMService64;McciCMService64;c:\program files\common files\motive\McciCMService.exe [2009-7-8 495616]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc --> RUNDLL32.EXE ykx64coinst,serviceStartProc [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk60x64.sys [2008-8-5 392192]
S2 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-23 89920]
S2 gupdate1ca4a0cba5ff410;Google Update Service (gupdate1ca4a0cba5ff410);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-10-10 133104]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\avg\avg9\toolbar\ToolbarBroker.exe [2010-8-16 430152]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-1-20 27648]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
============== File Associations ===============
JSEFile=c:\windows\syswow64\WScript.exe "%1" %*
regfile="regedit.exe" "%1"
=============== Created Last 30 ================
2010-08-18 18:55:03 0 d-----w- c:\programdata\regid.1986-12.com.adobe
2010-08-18 13:35:05 0 d-----w- c:\users\pc\appdata\roaming\Sawer
2010-08-16 22:09:27 0 d-----w- c:\programdata\AVG Security Toolbar
2010-08-15 19:04:40 921624 ----a-w- C:\img2-003.raw
2010-08-14 13:14:38 0 d-----w- C:\Archivos de programa
2010-08-14 03:31:11 13048 ----a-w- c:\windows\system32\avgrssta.dll
2010-08-14 03:31:08 317520 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2010-08-14 03:31:01 269904 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2010-08-14 03:30:59 35536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2010-08-14 03:30:57 0 d-----w- c:\windows\system32\drivers\Avg
2010-08-14 03:20:58 0 d-----w- c:\program files (x86)\Trend Micro
2010-08-14 00:50:50 0 d-----w- c:\program files (x86)\Panda Security
2010-08-13 21:50:09 0 d-----w- c:\users\pc\appdata\roaming\Grisoft
2010-08-13 21:49:57 0 d-----w- c:\programdata\Grisoft
2010-08-13 17:34:40 0 d-----w- c:\users\pc\appdata\roaming\Thinstall
2010-08-13 16:39:17 0 d-----w- c:\program files (x86)\Gimp-2.0
2010-08-13 16:38:12 0 d-----w- c:\users\pc\appdata\roaming\Juce VST Host
2010-08-11 23:47:55 0 d-----w- c:\program files\dl_Cats
2010-08-11 17:58:05 1426816 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-11 17:58:03 453120 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-11 17:58:03 175104 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-11 17:58:00 2752000 ----a-w- c:\windows\system32\win32k.sys
2010-08-10 10:15:58 94208 ----a-w- c:\windows\syswow64\QuickTimeVR.qtx
2010-08-10 10:15:58 69632 ----a-w- c:\windows\syswow64\QuickTime.qts
2010-08-07 18:56:41 0 d-----w- c:\program files\Microsoft LifeCam
2010-08-07 18:56:41 0 d-----w- c:\program files (x86)\Microsoft LifeCam
2010-08-07 18:56:28 1974616 ----a-w- c:\windows\syswow64\D3DCompiler_42.dll
2010-08-07 18:56:28 1892184 ----a-w- c:\windows\syswow64\D3DX9_42.dll
2010-08-05 23:26:03 0 d-----w- c:\program files\DivX
2010-08-05 23:25:46 0 d-----w- c:\program files (x86)\common files\DivX Shared
2010-08-04 15:52:28 0 d-----w- c:\program files\iPod
2010-08-04 15:52:24 0 d-----w- c:\program files\iTunes
2010-08-04 15:52:24 0 d-----w- c:\program files (x86)\iTunes
2010-08-04 15:46:50 0 d-----w- c:\program files\Bonjour
2010-08-04 15:46:50 0 d-----w- c:\program files (x86)\Bonjour
2010-08-04 04:27:01 88 --sh--r- c:\programdata\857BEA6FC5.sys
2010-08-04 04:27:01 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-08-03 16:11:12 11584512 ----a-w- c:\windows\syswow64\shell32.dll
2010-07-29 08:38:09 0 d-----w- c:\program files (x86)\common files\Macromedia
2010-07-29 08:37:59 0 d-----w- c:\programdata\Macromedia
2010-07-29 08:37:59 0 d-----w- c:\program files (x86)\Macromedia
2010-07-29 08:28:25 0 d-----w- c:\programdata\Corel
2010-07-29 08:28:25 0 d-----w- c:\program files (x86)\common files\Protexis
2010-07-29 08:25:54 0 d-----w- c:\program files (x86)\common files\Corel
2010-07-29 08:08:42 0 d-----w- c:\program files (x86)\Corel
2010-07-29 07:34:56 0 d-----w- c:\program files (x86)\Selteco
2010-07-29 04:23:59 0 d-----w- c:\program files (x86)\Conduit
2010-07-29 04:23:57 0 d-----w- c:\program files (x86)\Swag_Bucks
==================== Find3M ====================
2010-08-11 23:47:18 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-11 23:47:17 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-08-11 23:46:55 86016 ----a-w- c:\windows\inf\infstor.dat
2010-08-10 17:30:45 185920 ----a-w- c:\windows\syswow64\rmoc3260.dll
2010-08-10 17:30:33 6656 ----a-w- c:\windows\syswow64\pndx5016.dll
2010-08-10 17:30:33 5632 ----a-w- c:\windows\syswow64\pndx5032.dll
2010-08-10 17:29:43 278528 ----a-w- c:\windows\syswow64\pncrt.dll
2010-06-26 06:30:12 1147904 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:25:54 77312 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:25:54 132096 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:05:49 916480 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-26 06:05:41 1210368 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-26 06:04:40 206848 ----a-w- c:\windows\syswow64\occache.dll
2010-06-26 06:03:22 611840 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-26 06:03:04 5951488 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-26 06:03:02 599040 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-06-26 06:03:02 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-26 06:02:31 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2010-06-26 06:02:15 1986560 ----a-w- c:\windows\syswow64\iertutil.dll
2010-06-26 06:02:15 164352 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2010-06-26 06:02:14 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2010-06-26 06:02:14 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-26 06:02:14 11077120 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-26 06:02:09 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-26 04:47:47 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-26 04:25:02 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-06-26 04:24:51 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2010-06-26 04:24:17 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-18 17:48:21 50688 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 17:31:29 36864 ----a-w- c:\windows\syswow64\rtutils.dll
2010-06-11 16:39:28 343040 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:38:10 1869824 ----a-w- c:\windows\system32\msxml3.dll
2010-06-11 16:16:20 274944 ----a-w- c:\windows\syswow64\schannel.dll
2010-06-11 16:15:06 1248768 ----a-w- c:\windows\syswow64\msxml3.dll
2010-06-08 18:00:36 4697992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-03 02:41:44 3600384 ----a-w- c:\windows\syswow64\GPhotos.scr
2010-05-27 20:08:17 81920 ----a-w- c:\windows\syswow64\iccvid.dll
2010-05-26 17:23:46 48128 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 17:06:41 34304 ----a-w- c:\windows\syswow64\atmlib.dll
2010-05-26 15:10:41 366080 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\syswow64\atmfd.dll
2010-05-21 19:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe
2009-11-15 18:24:44 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-09-20 05:15:52 68359 ----a-w- c:\program files\3.exe
2009-09-20 05:10:12 0 ----a-w- c:\program files\New Text Document.txt
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2010-04-21 04:04:23 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\i etldcache\index.dat
============= FINISH: 14:15:46.52 ===============

ark:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-19 14:46:20
Windows 6.0.6002 Service Pack 2
Running: yt8x4ghi.exe

---- Registry - GMER 1.0.15 ----
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D3AF999-F087-AA94-D899-1F6A131BC50D}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D3AF999-F087-AA94-D899-1F6A131BC50D}@haamljjamahckjgg 0x69 0x61 0x65 0x65 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D3AF999-F087-AA94-D899-1F6A131BC50D}@iakjjiijnihhnpncif 0x63 0x61 0x6A 0x65 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D3AF999-F087-AA94-D899-1F6A131BC50D}@iagljdbdgojcgjfigh 0x69 0x61 0x68 0x65 ...
---- EOF - GMER 1.0.15 ----

**Cookiegal** · 20-Aug-2010, 06:50 PM #5

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

pcaf95 · 20-Aug-2010, 08:41 PM #6

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4454
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
8/20/2010 6:32:50 PM
mbam-log-2010-08-20 (18-32-50).txt
Scan type: Quick scan
Objects scanned: 156816
Time elapsed: 7 minute(s), 12 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 43
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\avbho.avbhoapp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\avbho.avbhoapp.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9d541c6a-573b-4888-b35e-6816e68c3620} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{65da0ce6-30d1-4144-a0b6-59bd01372e26} (Rogue.AntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 0a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 7b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 7b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 7b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1 00eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9 d541c6a-573b-4888-b35e-6816e68c3620} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd3 1ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d95c 7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6 faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b1 8ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b1 8eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4d b7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff0 5104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100e b1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cd dcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c542 8486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c542 8486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9d54 1c6a-573b-4888-b35e-6816e68c3620} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9d541c6a-573b-4888-b35e-6816e68c3620} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bifrost1.2 (Bifrose.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\EES\bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{9b71d88c-c598-4935-c5d1-43aa4db90836} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus.e xe (Rogue.AntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wscsvc32.ex e (Rogue.AntiVirus) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\3.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\PCAF95\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

**Cookiegal** · 21-Aug-2010, 04:39 PM #7

Click here to download ATF Cleaner by Atribune and save it to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
- If you use Firefox:
  - Click Firefox at the top and choose: Select All
  - Click the Empty Selected button.
  - NOTE: If you would like to keep your saved passwords, please click No at the prompt.
- If you use Opera:
  - Click Opera at the top and choose: Select All
  - Click the Empty Selected button.
  - NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Then post a new HijackThis log please.

pcaf95 · 21-Aug-2010, 05:18 PM #8

After using the ATF cleaner, Here's my HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:16:33 PM, on 8/21/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Windows\vVX1000.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\LimeWire\LimeWire.exe
C:\Windows\CNYHKey.exe
C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe
C:\Windows\ModLedKey.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - (no file)
R3 - URLSearchHook: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Swag Bucks Toolbar - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\tbSwag.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
O4 - HKLM\..\Run: [Smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [4shared Desktop] "C:\Program Files (x86)\4shared Desktop\desktop.exe" "startup"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Startup: RocketDock.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: TransBar.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\Windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: dlbt_device - Unknown owner - C:\Windows\system32\dlbtcoms.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1ca4a0cba5ff410) (gupdate1ca4a0cba5ff410) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 15962 bytes

**Cookiegal** · 22-Aug-2010, 01:31 PM #9

Open HijackThis and click on the Open Misc Tools section button. Click on the Open Uninstall Manager button. Click the Save List button. Save the list then copy and paste it here.

pcaf95 · 22-Aug-2010, 02:05 PM **#10**

Okey thankyou for helping me and here's what you requested:

4shared Desktop
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
AnalogX Vocal Remover (WinAmp)
Any Video Converter 2.7.8
Apple Application Support
Apple Software Update
ASIO4ALL
Ask Toolbar
ATT-HSI
Audacity 1.3.9 (Unicode)
AVG Free 9.0
BigFix
Catalyst Control Center - Branding
Collab
Compact Wireless-G USB Network Adapter with SpeedBooster Driver - WUSB54GSC
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang ES
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW(R) Graphics Suite X4
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
CyberLink LabelPrint
CyberLink MediaShow
CyberLink MediaShow
CyberLink Power2Go
CyberLink Power2Go
Daniusoft MP3 WAV Converter(Build 2.3.1.0)
DivX Setup
FL Studio 8
FL Studio 9
Free Studio version 4.2
Gateway Games
Gateway Recovery Management
getPlus+(R) Download Manager for Corel
Gimp 2.6.0
GlaceVerb 1.01
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Graffiti Studio 2.0
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HyperCam 2
IL Download Manager
iPhone Configuration Utility
Java(TM) 6 Update 20
Java(TM) 6 Update 5
Junk Mail filter update
KB0817 Keyboard Driver
LG USB Modem driver
LimeWire 5.5.13
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Microsoft Choice Guard
Microsoft Corporation
Microsoft Default Manager
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.6)
MSN Toolbar
MSN Toolbar Platform
MSVCRT
PhotoScape
Picasa 3
PokerStars.net
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.0
Safari
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Selteco Bannershop GIF Animator
SHOUTcast Radio Toolbar
SHOUTcast Source DSP 1.9.1 (remove only)
Smart Copy 3.1.1.1
SnagIt 5
Swag Bucks Toolbar
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2279264)
VC80CRTRedist - 8.0.50727.4053
Virtual DJ - Atomix Productions
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
Visual C++ 8.0 Runtime Setup Package (x64)
Visual C++ 8.0 Runtime Setup Package (x64)
Vuze
Winamp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
Xara3D6
Xion v1.0 (build 100)
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update

**Cookiegal** · 23-Aug-2010, 07:32 PM **#11**

Uninstall the following via the Control Panel - Add or Remove programs.

Ask Toolbar

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 21 .
Click the "Download" button to the right.
Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 21 License Agreement.".
Click on Continue.
Click on the link to download Windows Offline Installation (jre-6u21-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment, JRE, J2SE or Java(TM) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.

These are the older versions of Java that you should uninstall:

Java(TM) 6 Update 20
Java(TM) 6 Update 5

How are things now?

pcaf95 · 23-Aug-2010, 11:52 PM **#12**

Thanks for your help, I really appreciated what you did. Everythings is running good so far if I have another problem I'll post it here. Thanks a lot for your help!

**Cookiegal** · 24-Aug-2010, 05:35 PM **#13**

Before you go, please run another Panda scan as you did at the beginning of the thread to see if anything still gets detected and post the log here.

pcaf95 · 26-Aug-2010, 10:38 PM **#14**

Umm I'm not sure which is the Panda scanner, can you give a link to the page?

Thanks

**Cookiegal** · 27-Aug-2010, 03:19 PM **#15**

You included that in your first post and ran it yourself. I assume it was a scan from Panda because of the format.

Here's a link to it:

http://www.pandasecurity.com/homeuse...ns/activescan/

Similar Threads
Title	Thread Starter	Forum	Replies	Last Post
There is no disk in the drive. Please insert a disk into drive (new)	smfaraz	Virus & Other Malware Removal	0	01-Jun-2010 07:10 AM
no disk in the drive	unknowazni4u	Windows XP	6	24-Sep-2008 09:37 PM
There is no disk in the drive	Hujambo	Windows XP	3	22-Dec-2006 07:42 AM
There is no disk in the drive. Please insert a disk into drive .	F150Guy	Virus & Other Malware Removal	7	17-Nov-2006 10:41 PM
There is no disk in the drive	MPeg3	Windows XP	5	13-Oct-2005 09:55 AM

Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!