hijackthis

  1. #1
    Kizzmit5 is offline Elite Member

    hijackthis

    Hi, I am having a problem with a very slow computer and popups. I did a scan with spybot after I got a virus warning from avast. I tried to put it in the vault and it said it was being used by another program... well actually by windows\system32\geBrpoMG.dll

    I used spybot to fix the problems but they came back after reboot. I went to a site last night and got the first virus warning and put those in the vault fine. Now I'm getting random popups even when I'm not on a browser. Also, movie sites pop up and start playing movies. Also when I type it lags forever to do it and also when I right click anything it takes a long while for it to react at all. Um, I think that's it. Here is my hijackthis log. Thanks for any help.


    Ok um, I tried to copy and paste my log and it's not letting me. I have selected all and tried to copy and then paste and nothing. I'll try to attach. It's not letting me attach either.

    I just rebooted and hope it lets me paste

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:43:43 PM, on 12/23/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Neda\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://google.com/diskless/bin/tgctlcm.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
    O16 - DPF: {32A155BD-68EC-404E-A14F-72A851C0811D} (WebNG-Uploader Control) - http://cp1.webng.com/client/fm/WebNG-Uploader.cab
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb...LStreaming.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1166401038125
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.10) - http://advisor.futuremark.com/global/msc310.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{63435374-0A07-44DB-8735-CC8EACDD0080}: NameServer = 192.168.2.1
    O20 - AppInit_DLLs: eqqpav.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O24 - Desktop Component 0: (no name) - http://www.blizzard.com/shared/blizz...blizz-logo.gif

    --
    End of file - 8543 bytes
    Last edited by Kizzmit5; 24-12-2008 at 02:22 AM. Reason: rebooted to paste


  2. #2
    Neal is offline Dedicated Member
    I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
    1. Run Spybot-S&D
    2. Go to the Mode menu, and make sure "Advanced Mode" is selected
    3. On the left hand side, choose Tools -> Resident
    4. Uncheck "Resident TeaTimer" and OK any prompts
    You can reenable TeaTimer once your system is clean.



    * Please download Malwarebytes' Anti-Malware from HERE or HERE

    Double Click mbam-setup.exe to install the application.

    * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select "Perform Full Scan", then click Scan.
    * The scan may take some time to finish, so please be patient.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    * Copy&Paste the entire report in your next reply along with a fresh HijackThis log.


    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

  3. #3
    Kizzmit5 is offline Elite Member
    Hi, thank you for replying. I did a scan with spyware doctor and mbam before you posted, but had only done the quick scan for mbam at first. I'll add the first scan then the other two from mbam yesterday and today. The first full scan of mbam took over 8 hours and still hadn't finished.. is that normal? So I stopped that scan and turned off my internet and did it while I slept. Here they are.

    Malwarebytes' Anti-Malware 1.31
    Database version: 1540
    Windows 5.1.2600 Service Pack 3

    12/24/2008 4:12:40 AM
    mbam-log-2008-12-24 (04-12-40).txt

    Scan type: Quick Scan
    Objects scanned: 51275
    Time elapsed: 22 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 3
    Registry Keys Infected: 14
    Registry Values Infected: 2
    Registry Data Items Infected: 2
    Folders Infected: 0
    Files Infected: 7

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    C:\WINDOWS\system32\iifcAQkl.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\sriscwwy.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\geBrpoMG.dll (Trojan.Vundo) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48a24a70-b6b0-47fc-838a-62d65e102299} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{48a24a70-b6b0-47fc-838a-62d65e102299} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebrpomg (Trojan.Vundo) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6a6eae1b-4ad6-4035-974d-504d6dbaa9c3} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{48a24a70-b6b0-47fc-838a-62d65e102299} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ac5c349c (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\iifcaqkl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\iifcaqkl -> Delete on reboot.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\iifcAQkl.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\lkQAcfii.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lkQAcfii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sriscwwy.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\ywwcsirs.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\geBrpoMG.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.



    FIRST FULL SCAN

    Malwarebytes' Anti-Malware 1.31
    Database version: 1540
    Windows 5.1.2600 Service Pack 3

    12/26/2008 8:04:37 PM
    mbam-log-2008-12-26 (20-04-37).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 77408
    Time elapsed: 8 hour(s), 46 minute(s), 15 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\All Users\Application Data\uvovkhid\ojopsnqj.exe (Trojan.FakeAlert) -> Delete on reboot.

    SECOND FULL SCAN

    Malwarebytes' Anti-Malware 1.31
    Database version: 1553
    Windows 5.1.2600 Service Pack 3

    12/27/2008 3:56:54 AM
    mbam-log-2008-12-27 (03-56-54).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 164613
    Time elapsed: 57 minute(s), 43 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 10

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelNE.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelQC.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelqx.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelSlnchr.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\The Weather Channel FW\Framework\TheWeatherChannelUpdate.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\The Weather Channel FW\Framework\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP141\A0015901.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP142\A0015964.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP145\A0019292.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP146\A0020694.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    HIJACKTHIS

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:20:52 AM, on 12/27/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: (no name) - {48A24A70-B6B0-47FC-838A-62D65E102299} - (no file)
    O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {991B16AB-9108-4852-98FC-2EADA4847A18} - (no file)
    O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Neda\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://google.com/diskless/bin/tgctlcm.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
    O16 - DPF: {32A155BD-68EC-404E-A14F-72A851C0811D} (WebNG-Uploader Control) - http://cp1.webng.com/client/fm/WebNG-Uploader.cab
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb...LStreaming.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1166401038125
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.10) - http://advisor.futuremark.com/global/msc310.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{63435374-0A07-44DB-8735-CC8EACDD0080}: NameServer = 192.168.2.1
    O20 - Winlogon Notify: geBrpoMG - C:\WINDOWS\
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O24 - Desktop Component 0: (no name) - http://www.blizzard.com/shared/blizz...blizz-logo.gif

    --
    End of file - 9287 bytes

    So far my machine is working better as far as the popups and opening my browser, I'm a little concerned about how long it takes to open programs though. Also the startup and shutdown of my computer are still slow. Do I really need spyware doctor? And would those types of programs cause slow response with other programs?
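
Added example, not part of any post in this thread: a small Python triage script that cross-references the items Malwarebytes reported in post #3 with the follow-up HijackThis log, to show which startup entries are leftovers of the removed Vundo files. The function and class names (`mbam_indicators`, `triage`, `Finding`) are hypothetical, and the embedded log lines are a short excerpt copied from the logs above.

```python
import re
from dataclasses import dataclass, field

# Excerpts copied from the MBAM quick-scan log and the follow-up HijackThis
# log in this thread (a few lines each, not the full logs).
MBAM_LOG = r"""
C:\WINDOWS\system32\iifcAQkl.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\geBrpoMG.dll (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{48a24a70-b6b0-47fc-838a-62d65e102299} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebrpomg (Trojan.Vundo) -> Delete on reboot.
"""

HJT_LOG = r"""
O2 - BHO: (no name) - {48A24A70-B6B0-47FC-838A-62D65E102299} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {991B16AB-9108-4852-98FC-2EADA4847A18} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O20 - Winlogon Notify: geBrpoMG - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# "<object> (<detection name>) -> <action>"
MBAM_RE = re.compile(r"^(?P<obj>.+?) \((?P<name>[^()]+)\) -> ")
# "<section code> - <entry>", e.g. "O2 - BHO: ..."
HJT_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")


@dataclass
class Finding:
    code: str
    body: str
    reasons: list = field(default_factory=list)


def mbam_indicators(log):
    """Map each CLSID, or file/registry leaf name, that MBAM reported to its detection name."""
    indicators = {}
    for line in log.splitlines():
        m = MBAM_RE.match(line.strip())
        if not m:
            continue  # headers, counters, "(No malicious items detected)"
        obj, name = m["obj"], m["name"]
        guids = GUID_RE.findall(obj)
        if guids:
            for g in guids:
                indicators[g.lower()] = name
        else:
            # Last path component without extension: geBrpoMG.dll -> gebrpomg
            leaf = obj.rsplit("\\", 1)[-1]
            indicators[leaf.rsplit(".", 1)[0].lower()] = name
    return indicators


def triage(hjt_log, indicators):
    """Return the HijackThis entries that deserve a second look, with reasons."""
    findings = []
    for line in hjt_log.splitlines():
        m = HJT_RE.match(line.strip())
        if not m:
            continue
        code, body = m["code"], m["body"]
        reasons = []
        if body.endswith("(no file)"):
            reasons.append("registry entry remains but its target file is gone")
        if code == "O20":
            reasons.append("autoload point (AppInit_DLLs / Winlogon Notify)")
        # Compare CLSIDs and bare names case-insensitively against MBAM's report.
        hits = {indicators[g.lower()] for g in GUID_RE.findall(body)
                if g.lower() in indicators}
        words = re.findall(r"[A-Za-z0-9_]+", GUID_RE.sub(" ", body))
        hits |= {indicators[w.lower()] for w in words if w.lower() in indicators}
        reasons += [f"matches MBAM detection {name}" for name in sorted(hits)]
        if reasons:
            findings.append(Finding(code, body, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(HJT_LOG, mbam_indicators(MBAM_LOG)):
        print(f"{f.code}: {f.body}")
        for reason in f.reasons:
            print(f"    - {reason}")
```

An entry flagged only as "(no file)", such as the second BHO here, has no match in the MBAM excerpt and still needs to be identified by other means before it is removed.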

  4. #4
    Neal is offline Dedicated Member
    Spyware Doctor could be causing a slowdown but you do need some sort of anti-spyware programs.

    Have you cleaned your old junk files lately or defragged?


    Visit the page below to familiarize yourself with the tool, and download it from one of the links provided.

    A guide and tutorial on using ComboFix




    If you have previously downloaded ComboFix, please delete that version now.



    It is IMPORTANT that it is saved directly to your desktop

    Close any open browsers.

    Disconnect from the Internet.

    Please do not re-connect your machine back to the Internet until Combofix has completely finished.

    Disable your antivirus program and any realtime malware scanners and script blockers now


    How To Disable



    Double click on combofix.exe and follow the prompts.

    When it's finished it will produce a log.
    Post the entire contents of C:\ComboFix.txt into your next reply.

    Note:
    Do not mouseclick combofix's window while it's running.

    That may cause the program to freeze/hang.

    Do NOT post the ComboFix-quarantined-files.txt unless I ask.

    Re-enable your anti-virus and re-connect back to the internet and post the combofix log.



    *Note*
    In case your antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix, please disable your scanner and redownload Combofix again.
    Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.


    ComboFix SHOULD NOT be used unless requested by a forum helper.

  5. #5
    Kizzmit5 is offline Elite Member
    Oh ok, and avast isn't an anti-spyware? There are so many programs I don't understand what is what lol. Are there any programs for spyware or things like that that I don't need that I have?

    I have cleaned out files using the CCleaner within the last day or two and I have defragged within the last month or two. I just did the ComboFix scan and when I got back on it said my default browser changed from firefox to internet explorer so I changed that back to firefox. (I get fewer errors with firefox) Here is the log, I didn't see anything about quarantined files so I hope it isn't in the log there.

    ComboFix 08-12-26.03 - Aaren 2008-12-27 20:24:05.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.684 [GMT -8:00]
    Running from: c:\documents and settings\Aaren\Desktop\ComboFix.exe
    AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)
    AV: avast! antivirus 4.8.1296 [VPS 081227-0] *On-access scanning disabled* (Updated)
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\windows\IE4 Error Log.txt
    c:\windows\system32\ykvqxidq.dll

    ----- BITS: Possible infected sites -----

    hxxp://www.graboid.com
    .
    ((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-28 )))))))))))))))))))))))))))))))
    .

    2008-12-24 03:43 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2008-12-24 03:42 . 2008-12-24 03:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-12-24 03:42 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-23 23:56 . 2008-12-23 23:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
    2008-12-23 23:56 . 2008-12-23 23:53 160,792 --a------ c:\windows\system32\drivers\pctfw2.sys
    2008-12-23 23:52 . 2008-12-23 23:55 <DIR> d-------- c:\program files\Common Files\PC Tools
    2008-12-23 23:32 . 2008-12-27 20:17 <DIR> d-------- c:\program files\Spyware Doctor
    2008-12-23 23:32 . 2008-12-23 23:32 <DIR> d-------- c:\documents and settings\Aaren\Application Data\PC Tools
    2008-12-23 23:32 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
    2008-12-23 23:32 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
    2008-12-23 23:32 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
    2008-12-23 23:32 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
    2008-12-23 23:19 . 2008-12-23 23:24 <DIR> d-------- c:\program files\Enigma Software Group
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
    2008-12-04 12:40 . 2008-12-20 02:36 <DIR> d-------- c:\documents and settings\Aaren\Application Data\vlc
    2008-12-02 12:49 . 2008-09-04 09:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
    2008-12-02 12:49 . 2008-10-24 03:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-28 04:17 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-12-27 05:06 --------- d-----w c:\program files\Tri Peaks 2 Quest For The Ruby Ring
    2008-12-27 04:20 --------- d-----w c:\documents and settings\All Users\Application Data\uvovkhid
    2008-12-26 20:50 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-24 12:15 96,384 ----a-w c:\windows\system32\drivers\sptd0669.sys
    2008-12-24 09:26 --------- d-----w c:\program files\CCleaner
    2008-12-24 06:49 --------- d-----w c:\documents and settings\All Users\Application Data\Avg7
    2008-12-23 21:53 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-12-23 05:08 --------- d-----w c:\program files\PeerGuardian2
    2008-12-20 09:58 --------- d-----w c:\documents and settings\Aaren\Application Data\.BitTornado
    2008-12-16 16:20 3,350 --sha-w c:\windows\system32\KGyGaAvL.sys
    2008-12-16 16:20 --------- d-----w c:\documents and settings\Aaren\Application Data\Corel
    2008-12-16 04:05 --------- d-----w c:\program files\World of Warcraft
    2008-12-04 20:38 --------- d-----w c:\program files\Graboid
    2008-11-14 09:27 --------- d-----w c:\program files\mypoints
    2008-11-14 09:27 --------- d-----w c:\documents and settings\Aaren\Application Data\mypoints
    2008-10-16 22:13 202,776 ----a-w c:\windows\system32\wuweb.dll
    2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    2008-10-16 22:12 561,688 ----a-w c:\windows\system32\wuapi.dll
    2008-10-16 22:12 323,608 ----a-w c:\windows\system32\wucltui.dll
    2008-10-16 22:09 92,696 ----a-w c:\windows\system32\cdm.dll
    2008-10-16 22:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
    2008-10-16 22:09 43,544 ----a-w c:\windows\system32\wups2.dll
    2008-10-16 22:08 34,328 ----a-w c:\windows\system32\wups.dll
    2008-10-16 22:06 268,648 ----a-w c:\windows\system32\mucltui.dll
    2008-10-16 22:06 208,744 ----a-w c:\windows\system32\muweb.dll
    2008-10-01 00:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
    2007-04-19 22:52 41 -c--a-w c:\program files\Sims2Pack Clean Installer.ini
    2007-02-24 16:46 10,838 -c-ha-w c:\program files\rphelp.GID
    2007-02-24 16:33 13,326,120 -c--a-w c:\program files\setupeng.exe
    2007-02-20 18:18 9,862 -c--a-w c:\program files\regprot.cfg
    2007-01-29 04:57 6,469,352 -c--a-w c:\program files\avgas-setup-7.5.0.50.exe
    2007-01-28 08:07 13,337 -c--a-w c:\program files\setuplog.txt
    2006-12-29 00:49 6,972,904 -c--a-w c:\program files\PrecastSetup.Latest.exe
    2006-12-23 15:56 36,808,256 -c--a-w c:\program files\iTunesSetup.exe
    2006-12-21 03:38 180 -c--a-w c:\program files\DiamondCS Homepage.url
    2006-12-17 09:26 23,510,720 -c--a-w c:\program files\dotnetfx.exe
    2006-11-26 21:41 3,808,752 -c--a-w c:\program files\saytime-setup.exe
    2006-10-10 08:08 8,506,408 -c--a-w c:\program files\Install_AIM.exe
    2006-10-03 16:41 441,214 -c--a-w c:\program files\Sims2PackInstaller_v1514.exe
    2006-08-22 17:33 1 -c--a-w c:\documents and settings\Aaren\SI.bin
    2006-07-03 22:57 6,581,370 -c--a-w c:\program files\SimPE-Setup-0.58.exe
    2006-06-20 23:12 4,231,068 -c--a-w c:\program files\BitTornado-0.3.15-w32install.exe
    2006-03-29 04:47 714,526 -c--a-w c:\program files\KLS5 -7.66.zip
    2006-01-21 07:18 4,203 -c--a-w c:\program files\license.txt
    2006-01-21 07:18 37,707 -c--a-w c:\program files\rphelp.hlp
    2006-01-21 07:18 23,552 -c--a-w c:\program files\RPADMIN.EXE
    2006-01-21 07:18 19,614 -c--a-w c:\program files\regprot.exe
    2006-01-21 07:18 1,116 -c--a-w c:\program files\rphelp.cnt
    2006-01-05 23:22 69,120 -c--a-w c:\program files\KillBox.exe
    2006-01-05 17:25 247,559 -c--a-w c:\program files\CWShredder.zip
    2006-01-05 04:54 5,156 -c--a-w c:\program files\Activescan.txt
    2006-01-04 16:36 7,391,952 -c--a-w c:\program files\ewido-setup.exe
    2006-01-03 20:19 2,566,736 -c--a-w c:\program files\spywareblastersetup351.exe
    2005-12-30 23:30 116,463,616 -c--a-w c:\program files\pse2trial.exe
    2005-12-23 00:46 1,148,944 -c--a-w c:\program files\Setup_Toolbar.exe
    2005-11-14 23:15 532,480 -c--a-w c:\program files\cwshredder.exe
    2005-07-12 23:06 8,904 -c--a-w c:\program files\dcu.ini
    2005-07-12 23:06 3,800 -c--a-w c:\program files\main.ini
    2001-11-23 04:08 712,704 -c--a-r c:\windows\inf\OTHER\AUDIO3D.DLL
    2005-05-14 01:12 217,073 -csha-r c:\windows\meta4.exe
    2005-10-24 19:13 66,560 -csha-r c:\windows\MOTA113.exe
    2005-10-14 05:27 422,400 -csha-r c:\windows\x2.64.exe
    2006-12-04 20:01 88 --sh--r c:\windows\system32\08ABAF314C.sys
    2005-10-08 03:14 308,224 --sha-r c:\windows\system32\avisynth.dll
    2005-07-14 20:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
    2005-06-26 23:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
    2005-06-22 06:37 45,568 --sha-r c:\windows\system32\cygz.dll
    2004-01-25 08:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
    2006-04-27 18:24 2,945,024 --sha-r c:\windows\system32\Smab.dll
    2005-02-28 21:16 240,128 --sha-r c:\windows\system32\x.264.exe
    2004-01-25 08:00 70,656 --sha-r c:\windows\system32\yv12vfw.dll
    2008-09-03 00:48 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090220080903\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-11-14 1909248]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-11-14 1909248]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-cec4-75a487fd6484}]
    [HKEY_CLASSES_ROOT\mypoints.MYPOINTS]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-14 1957888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
    "nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

    c:\documents and settings\Neda\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-12-30 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.I420"= i420vfw.dll
    "msacm.l3acm"= l3codecp.acm
    "msacm.ac3filter"= ac3filter.acm

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegProt]
    --a--c--- 2006-01-20 23:18 19614 c:\program files\regprot.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
    --a------ 2005-12-12 23:18 222784 c:\program files\BillP Studios\WinPatrol\WinPatrol.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\BitTornado\\btdownloadgui.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader
    "6112:TCP"= 6112:TCP:Blizzard Downloader

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-31 111184]
    R1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys [2008-12-23 160792]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-03-31 20560]
    S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-12-23 356920]

    *Newly Created Service* - CATCHME
    .
    Contents of the 'Scheduled Tasks' folder

    2008-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2008-12-28 c:\windows\Tasks\lnotyccb.job
    - c:\windows\system32\rundll32.exe [2008-04-13 16:12]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{48A24A70-B6B0-47FC-838A-62D65E102299} - (no file)
    BHO-{991B16AB-9108-4852-98FC-2EADA4847A18} - (no file)
    HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    Notify-geBrpoMG - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.com
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo!
    IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Neda\Programs\IMVU\Run IMVU.lnk
    LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
    TCP: {63435374-0A07-44DB-8735-CC8EACDD0080} = 192.168.2.1

    - c:\windows\Downloaded Program Files\RhapX.inf

    c:\windows\Downloaded Program Files\PogoWebLauncher.ocx - O16 -: {3107C2A8-9F0B-4404-A58B-21BD85268FBC}
    hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB

    c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - c:\windows\Downloaded Program Files\WebNG-Uploader.ocx
    O16 -: {32A155BD-68EC-404E-A14F-72A851C0811D}
    hxxp://cp1.webng.com/client/fm/WebNG-Uploader.cab
    c:\windows\Downloaded Program Files\WebNG-Uploader.inf
    FF - ProfilePath - c:\documents and settings\Aaren\Application Data\Mozilla\Firefox\Profiles\4zscevdp.default\
    FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=101447&l=dis&q=
    FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npvirtools.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-27 20:25:23
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'lsass.exe'(572)
    c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
    .
    Completion time: 2008-12-27 20:27:22
    ComboFix-quarantined-files.txt 2008-12-28 04:26:11
    ComboFix2.txt 2008-04-20 05:28:35

    Pre-Run: 85,957,668,864 bytes free
    Post-Run: 86,075,604,992 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    239 --- E O F --- 2008-12-02 20:53:30



    As far as I can tell things are running better but I haven't had a chance to go to sites and start programs yet.

  6. #6
    Neal is offline Dedicated Member
    Open notepad (Must be NotePad) and copy/paste the text in the quotebox below into it: NOT THE WORD QUOTE

    Folder::
    c:\documents and settings\All Users\Application Data\uvovkhid

    Save this as CFScript

    Then drag the CFScript into ComboFix.exe as you see in the screenshot below.






    This will start ComboFix again. After reboot (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

  7. #7
    Kizzmit5 is offline Elite Member
    Ok, I ran the combofix, here is the log for that.

    I have a question about another thing and we might have to wait to talk about it when my puter is better, but I play a game called World of Warcraft and today I noticed errors, as in I hear the sound when there is an error but so far I haven't had any popups telling me there is a problem. Ok, actually I had two errors that gave me a thing to send in to the game people but that was yesterday, and then today I had several times where the noise just came up. I hope I didn't confuse you. I didn't know if it was something that was deleted or if it's something with the game, just thought I'd ask.

    ComboFix 08-12-26.03 - Aaren 2008-12-29 17:30:03.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.660 [GMT -8:00]
    Running from: c:\documents and settings\Aaren\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Aaren\Desktop\CFScript.txt
    AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)
    AV: avast! antivirus 4.8.1296 [VPS 081229-0] *On-access scanning disabled* (Updated)
    * Created a new restore point
    .
    /wow section - STAGE 35
    SED: can't read SetCSum00: No such file or directory
    The process cannot access the file because it is being used by another process.


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\uvovkhid

    .
    ((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-30 )))))))))))))))))))))))))))))))
    .

    2008-12-24 03:43 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2008-12-24 03:42 . 2008-12-24 03:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-12-24 03:42 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-23 23:56 . 2008-12-23 23:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
    2008-12-23 23:56 . 2008-12-23 23:53 160,792 --a------ c:\windows\system32\drivers\pctfw2.sys
    2008-12-23 23:52 . 2008-12-23 23:55 <DIR> d-------- c:\program files\Common Files\PC Tools
    2008-12-23 23:32 . 2008-12-29 17:28 <DIR> d-------- c:\program files\Spyware Doctor
    2008-12-23 23:32 . 2008-12-23 23:32 <DIR> d-------- c:\documents and settings\Aaren\Application Data\PC Tools
    2008-12-23 23:32 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
    2008-12-23 23:32 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
    2008-12-23 23:32 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
    2008-12-23 23:32 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
    2008-12-23 23:19 . 2008-12-23 23:24 <DIR> d-------- c:\program files\Enigma Software Group
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
    2008-12-23 13:38 . 2008-12-23 13:38 <DIR> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
    2008-12-04 12:40 . 2008-12-20 02:36 <DIR> d-------- c:\documents and settings\Aaren\Application Data\vlc
    2008-12-02 12:49 . 2008-09-04 09:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
    2008-12-02 12:49 . 2008-10-24 03:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
    2008-11-01 19:12 . 2008-09-08 02:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
    2008-11-01 19:11 . 2008-08-14 02:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
    2008-11-01 19:11 . 2008-09-15 04:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
    2008-11-01 19:10 . 2008-08-14 02:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
    2008-11-01 19:10 . 2008-08-14 01:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
    2008-11-01 19:10 . 2008-08-14 01:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
    2008-11-01 19:10 . 2008-04-11 11:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
    2008-11-01 19:10 . 2008-10-15 08:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-30 01:29 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-12-27 05:06 --------- d-----w c:\program files\Tri Peaks 2 Quest For The Ruby Ring
    2008-12-26 20:50 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-24 12:15 96,384 ----a-w c:\windows\system32\drivers\sptd0669.sys
    2008-12-24 09:26 --------- d-----w c:\program files\CCleaner
    2008-12-24 06:49 --------- d-----w c:\documents and settings\All Users\Application Data\Avg7
    2008-12-23 21:53 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-12-23 05:08 --------- d-----w c:\program files\PeerGuardian2
    2008-12-20 09:58 --------- d-----w c:\documents and settings\Aaren\Application Data\.BitTornado
    2008-12-16 16:20 3,350 --sha-w c:\windows\system32\KGyGaAvL.sys
    2008-12-16 16:20 --------- d-----w c:\documents and settings\Aaren\Application Data\Corel
    2008-12-16 04:05 --------- d-----w c:\program files\World of Warcraft
    2008-12-04 20:38 --------- d-----w c:\program files\Graboid
    2008-11-14 09:27 --------- d-----w c:\program files\mypoints
    2008-11-14 09:27 --------- d-----w c:\documents and settings\Aaren\Application Data\mypoints
    2008-10-16 22:13 202,776 ----a-w c:\windows\system32\wuweb.dll
    2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    2008-10-16 22:12 561,688 ----a-w c:\windows\system32\wuapi.dll
    2008-10-16 22:12 323,608 ----a-w c:\windows\system32\wucltui.dll
    2008-10-16 22:09 92,696 ----a-w c:\windows\system32\cdm.dll
    2008-10-16 22:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
    2008-10-16 22:09 43,544 ----a-w c:\windows\system32\wups2.dll
    2008-10-16 22:08 34,328 ----a-w c:\windows\system32\wups.dll
    2008-10-16 22:06 268,648 ----a-w c:\windows\system32\mucltui.dll
    2008-10-16 22:06 208,744 ----a-w c:\windows\system32\muweb.dll
    2008-10-01 00:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
    2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
    2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
    2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
    2007-04-19 22:52 41 -c--a-w c:\program files\Sims2Pack Clean Installer.ini
    2007-02-24 16:46 10,838 -c-ha-w c:\program files\rphelp.GID
    2007-02-24 16:33 13,326,120 -c--a-w c:\program files\setupeng.exe
    2007-02-20 18:18 9,862 -c--a-w c:\program files\regprot.cfg
    2007-01-29 04:57 6,469,352 -c--a-w c:\program files\avgas-setup-7.5.0.50.exe
    2007-01-28 08:07 13,337 -c--a-w c:\program files\setuplog.txt
    2006-12-29 00:49 6,972,904 -c--a-w c:\program files\PrecastSetup.Latest.exe
    2006-12-23 15:56 36,808,256 -c--a-w c:\program files\iTunesSetup.exe
    2006-12-21 03:38 180 -c--a-w c:\program files\DiamondCS Homepage.url
    2006-12-17 09:26 23,510,720 -c--a-w c:\program files\dotnetfx.exe
    2006-11-26 21:41 3,808,752 -c--a-w c:\program files\saytime-setup.exe
    2006-10-10 08:08 8,506,408 -c--a-w c:\program files\Install_AIM.exe
    2006-10-03 16:41 441,214 -c--a-w c:\program files\Sims2PackInstaller_v1514.exe
    2006-08-22 17:33 1 -c--a-w c:\documents and settings\Aaren\SI.bin
    2006-07-03 22:57 6,581,370 -c--a-w c:\program files\SimPE-Setup-0.58.exe
    2006-06-20 23:12 4,231,068 -c--a-w c:\program files\BitTornado-0.3.15-w32install.exe
    2006-03-29 04:47 714,526 -c--a-w c:\program files\KLS5 -7.66.zip
    2006-01-21 07:18 4,203 -c--a-w c:\program files\license.txt
    2006-01-21 07:18 37,707 -c--a-w c:\program files\rphelp.hlp
    2006-01-21 07:18 23,552 -c--a-w c:\program files\RPADMIN.EXE
    2006-01-21 07:18 19,614 -c--a-w c:\program files\regprot.exe
    2006-01-21 07:18 1,116 -c--a-w c:\program files\rphelp.cnt
    2006-01-05 23:22 69,120 -c--a-w c:\program files\KillBox.exe
    2006-01-05 17:25 247,559 -c--a-w c:\program files\CWShredder.zip
    2006-01-05 04:54 5,156 -c--a-w c:\program files\Activescan.txt
    2006-01-04 16:36 7,391,952 -c--a-w c:\program files\ewido-setup.exe
    2006-01-03 20:19 2,566,736 -c--a-w c:\program files\spywareblastersetup351.exe
    2005-12-30 23:30 116,463,616 -c--a-w c:\program files\pse2trial.exe
    2005-12-23 00:46 1,148,944 -c--a-w c:\program files\Setup_Toolbar.exe
    2005-11-14 23:15 532,480 -c--a-w c:\program files\cwshredder.exe
    2005-07-12 23:06 8,904 -c--a-w c:\program files\dcu.ini
    2005-07-12 23:06 3,800 -c--a-w c:\program files\main.ini
    2001-11-23 04:08 712,704 -c--a-r c:\windows\inf\OTHER\AUDIO3D.DLL
    2005-05-14 01:12 217,073 -csha-r c:\windows\meta4.exe
    2005-10-24 19:13 66,560 -csha-r c:\windows\MOTA113.exe
    2005-10-14 05:27 422,400 -csha-r c:\windows\x2.64.exe
    2006-12-04 20:01 88 --sh--r c:\windows\system32\08ABAF314C.sys
    2005-10-08 03:14 308,224 --sha-r c:\windows\system32\avisynth.dll
    2005-07-14 20:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
    2005-06-26 23:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
    2005-06-22 06:37 45,568 --sha-r c:\windows\system32\cygz.dll
    2004-01-25 08:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
    2006-04-27 18:24 2,945,024 --sha-r c:\windows\system32\Smab.dll
    2005-02-28 21:16 240,128 --sha-r c:\windows\system32\x.264.exe
    2004-01-25 08:00 70,656 --sha-r c:\windows\system32\yv12vfw.dll
    2008-09-03 00:48 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090220080903\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-12-27_20.25.45.98 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-12-29 18:36:15 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_644.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-11-14 1909248]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2008-11-14 1909248]

    [HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-cec4-75a487fd6484}]
    [HKEY_CLASSES_ROOT\mypoints.MYPOINTS]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-14 1957888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
    "nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

    c:\documents and settings\Neda\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-12-30 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.I420"= i420vfw.dll
    "msacm.l3acm"= l3codecp.acm
    "msacm.ac3filter"= ac3filter.acm

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegProt]
    --a--c--- 2006-01-20 23:18 19614 c:\program files\regprot.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
    --a------ 2005-12-12 23:18 222784 c:\program files\BillP Studios\WinPatrol\WinPatrol.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\BitTornado\\btdownloadgui.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader
    "6112:TCP"= 6112:TCP:Blizzard Downloader

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-03-31 111184]
    R1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys [2008-12-23 160792]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-03-31 20560]
    S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-12-23 356920]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2008-12-29 c:\windows\Tasks\lnotyccb.job
    - c:\windows\system32\rundll32.exe [2008-04-13 16:12]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.com
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo!
    IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Neda\Programs\IMVU\Run IMVU.lnk
    LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
    TCP: {63435374-0A07-44DB-8735-CC8EACDD0080} = 192.168.2.1

    - c:\windows\Downloaded Program Files\RhapX.inf

    c:\windows\Downloaded Program Files\PogoWebLauncher.ocx - O16 -: {3107C2A8-9F0B-4404-A58B-21BD85268FBC}
    hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB

    c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - c:\windows\Downloaded Program Files\WebNG-Uploader.ocx
    O16 -: {32A155BD-68EC-404E-A14F-72A851C0811D}
    hxxp://cp1.webng.com/client/fm/WebNG-Uploader.cab
    c:\windows\Downloaded Program Files\WebNG-Uploader.inf
    FF - ProfilePath - c:\documents and settings\Aaren\Application Data\Mozilla\Firefox\Profiles\4zscevdp.default\
    FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=101447&l=dis&q=
    FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npvirtools.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-29 17:32:54
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'lsass.exe'(780)
    c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
    .
    Completion time: 2008-12-29 17:35:11
    ComboFix-quarantined-files.txt 2008-12-30 01:33:54
    ComboFix2.txt 2008-12-28 04:27:23
    ComboFix3.txt 2008-04-20 05:28:35

    Pre-Run: 86,011,510,784 bytes free
    Post-Run: 86,007,791,616 bytes free

    238 --- E O F --- 2008-12-02 20:53:30

    Here is the hijackthis log


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:42:27 PM, on 12/29/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Neda\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://google.com/diskless/bin/tgctlcm.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
    O16 - DPF: {32A155BD-68EC-404E-A14F-72A851C0811D} (WebNG-Uploader Control) - http://cp1.webng.com/client/fm/WebNG-Uploader.cab
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb...LStreaming.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1166401038125
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.10) - http://advisor.futuremark.com/global/msc310.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{63435374-0A07-44DB-8735-CC8EACDD0080}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O24 - Desktop Component 0: (no name) - http://www.blizzard.com/shared/blizz...blizz-logo.gif

    --
    End of file - 9079 bytes

  8. #8
    Neal is offline Dedicated Member
    Try uninstalling game and re-installing, malware may have done something to it.

    No popups is the main thing.

    If I was you I would also do an online scan with bitdefender:



    Go here BitDefender and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee.

    When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit - Select All then copy/paste that log back here. Post back and let us know what it found (post the log).

    And post a new HJT log also..

  9. #9
    Kizzmit5 is offline Elite Member
    BitDefender Online Scanner

    Scan report generated at: Thu, Jan 01, 2009 - 18:01:48

    Scan path: A:\;C:\;D:\;E:\;F:\;G:\;

    Statistics

    Time: 05:58:13
    Files: 383805
    Folders: 8806
    Boot Sectors: 0
    Archives: 18528
    Packed Files: 15833

    Results

    Identified Viruses: 3
    Infected Files: 5
    Suspect Files: 0
    Warnings: 0
    Disinfected: 0
    Deleted Files: 5

    Engines Info

    Virus Definitions: 2248223
    Engine build: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
    Scan plugins: 15
    Archive plugins: 42
    Unpack plugins: 7
    E-mail plugins: 6
    System plugins: 0

    Scan Settings

    First Action: Disinfect
    Second Action: Delete
    Heuristics: Yes
    Enable Warnings: Yes
    Scanned Extensions: *;
    Exclude Extensions:
    Scan Emails: Yes
    Scan Archives: Yes
    Scan Packed: Yes
    Scan Files: Yes
    Scan Boot: Yes

    Scanned File / Status

    C:\Documents and Settings\Aaren\Desktop\New Folder (2)\nothing\The.Sims.2.Happy.Holiday.Stuff-RECHARGED[www.moviex.info]\lizzlovewrar\WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE\320bc2bef584e85b424a8f76494c269b989.zip=>WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE/keygen.exe
    Infected with: Trojan.Generic.372257

    C:\Documents and Settings\Aaren\Desktop\New Folder (2)\nothing\The.Sims.2.Happy.Holiday.Stuff-RECHARGED[www.moviex.info]\lizzlovewrar\WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE\320bc2bef584e85b424a8f76494c269b989.zip=>WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE/keygen.exe
    Disinfection failed

    C:\Documents and Settings\Aaren\Desktop\New Folder (2)\nothing\The.Sims.2.Happy.Holiday.Stuff-RECHARGED[www.moviex.info]\lizzlovewrar\WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE\320bc2bef584e85b424a8f76494c269b989.zip=>WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE/keygen.exe
    Deleted

    C:\Documents and Settings\Aaren\Desktop\New Folder (2)\nothing\The.Sims.2.Happy.Holiday.Stuff-RECHARGED[http://www.moviex.info]\lizzlovewrar...94c269b989.zip
    Updated

    C:\Qoobox\Quarantine\C\WINDOWS\system32\ykvqxidq.dll.vir
    Infected with: Trojan.Generic.1264692

    C:\Qoobox\Quarantine\C\WINDOWS\system32\ykvqxidq.dll.vir
    Disinfection failed

    C:\Qoobox\Quarantine\C\WINDOWS\system32\ykvqxidq.dll.vir
    Deleted

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP141\A0015899.dll
    Infected with: Trojan.Generic.1267025

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP141\A0015899.dll
    Disinfection failed

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP141\A0015899.dll
    Deleted

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP150\A0020771.exe
    Infected with: Trojan.Generic.372257

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP150\A0020771.exe
    Disinfection failed

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP150\A0020771.exe
    Deleted

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP151\A0020815.dll
    Infected with: Trojan.Generic.1264692

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP151\A0020815.dll
    Disinfection failed

    C:\System Volume Information\_restore{A82186EB-0D68-42A7-8CB4-82BA721FF872}\RP151\A0020815.dll
    Deleted


    C:\WINDOWS\$hf_mig$\KB938828\update\branches.inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\eula.txt


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\KB938828.CAT


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\update.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\update.ver


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\updatebr.inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\update_SP2QFE. inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB938829


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\SP2QFE


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\gdi32.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\spmsg.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\spuninst.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\branches.inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\eula.txt


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\KB938829.CAT


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\spcustom.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\update.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\update.ver


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\updatebr.inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\update_SP2QFE. inf


    Clean

    C:\WINDOWS\$hf_mig$\KB938829\update\updspapi.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll.mui


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\inetcpl.cpl


    Clean

    C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll


    Clean














    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:15:55 PM, on 1/1/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Neda\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://google.com/diskless/bin/tgctlcm.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
    O16 - DPF: {32A155BD-68EC-404E-A14F-72A851C0811D} (WebNG-Uploader Control) - http://cp1.webng.com/client/fm/WebNG-Uploader.cab
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb...LStreaming.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1166401038125
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.10) - http://advisor.futuremark.com/global/msc310.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{63435374-0A07-44DB-8735-CC8EACDD0080}: NameServer = 192.168.2.1
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O24 - Desktop Component 0: (no name) - http://www.blizzard.com/shared/blizz...blizz-logo.gif

    --
    End of file - 9044 bytes
    Last edited by Kizzmit5; 02-01-2009 at 03:19 AM. Reason: HijackThis added

  10. #10
    Neal is offline Dedicated Member
    and the winner is....????
