
[Inactive] Inundated with pop-ups at start up!

Discussion in 'Malware and Virus Removal Archive' started by tashers, 2009/10/17.

  1. 2009/10/17
    tashers


    My computer runs on Windows XP, and every time I start up there are tons of pop-ups on the screen and it takes yearrrs to gain any functionality. I have no idea what to do.

    Here are the dds logs; the first one's the attach file and the second is the dds file.


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-10-13.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/19/2004 2:26:27 PM
    System Uptime: 10/18/2009 1:29:55 PM (1 hours ago)

    Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-6577
    Processor: Intel(R) Pentium(R) 4 CPU 2.60GHz | Socket 478 | 2600/100mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 71 GiB total, 10.134 GiB free.
    D: is FIXED (FAT32) - 5 GiB total, 0.583 GiB free.
    E: is CDROM ()
    H: is Removable
    J: is Removable
    K: is Removable
    L: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1688: 8/20/2009 2:27:10 PM - System Checkpoint
    RP1689: 8/20/2009 9:45:53 PM - Unsigned driver install
    RP1690: 8/21/2009 10:27:09 PM - System Checkpoint
    RP1691: 8/22/2009 11:27:08 PM - System Checkpoint
    RP1692: 8/24/2009 12:27:11 AM - System Checkpoint
    RP1693: 8/25/2009 1:06:45 AM - System Checkpoint
    RP1694: 8/25/2009 3:01:11 AM - Software Distribution Service 3.0
    RP1695: 8/26/2009 3:06:27 AM - System Checkpoint
    RP1696: 8/26/2009 10:02:57 PM - Installed Vegas Pro 9.0
    RP1697: 8/26/2009 10:37:11 PM - Unsigned driver install
    RP1698: 8/27/2009 3:00:41 AM - Software Distribution Service 3.0
    RP1699: 8/27/2009 6:02:04 PM - Installed Sony Vegas Pro 8.0
    RP1700: 8/27/2009 6:20:39 PM - Removed Vegas Pro 9.0
    RP1701: 8/27/2009 7:03:48 PM - Installed Vegas Pro 9.0
    RP1702: 8/27/2009 8:41:02 PM - Unsigned driver install
    RP1703: 8/28/2009 12:59:20 AM - Removed Vegas Pro 9.0
    RP1704: 8/28/2009 3:06:40 AM - Software Distribution Service 3.0
    RP1705: 8/29/2009 3:01:19 AM - Software Distribution Service 3.0
    RP1706: 8/30/2009 9:26:39 AM - System Checkpoint
    RP1707: 8/31/2009 9:30:10 AM - System Checkpoint
    RP1708: 9/1/2009 10:05:32 AM - System Checkpoint
    RP1709: 9/2/2009 11:05:01 AM - System Checkpoint
    RP1710: 9/3/2009 12:05:29 PM - System Checkpoint
    RP1711: 9/4/2009 12:41:14 PM - System Checkpoint
    RP1712: 9/5/2009 3:00:41 AM - Software Distribution Service 3.0
    RP1713: 9/6/2009 3:40:46 AM - System Checkpoint
    RP1714: 9/7/2009 4:40:47 AM - System Checkpoint
    RP1715: 9/8/2009 9:06:09 AM - System Checkpoint
    RP1716: 9/9/2009 10:07:07 AM - System Checkpoint
    RP1717: 9/10/2009 3:02:17 AM - Software Distribution Service 3.0
    RP1718: 9/10/2009 10:00:30 AM - Software Distribution Service 3.0
    RP1719: 9/11/2009 3:00:51 AM - Software Distribution Service 3.0
    RP1720: 9/12/2009 3:36:57 AM - System Checkpoint
    RP1721: 9/13/2009 4:37:05 AM - System Checkpoint
    RP1722: 9/14/2009 8:54:17 AM - System Checkpoint
    RP1723: 9/15/2009 10:05:49 AM - System Checkpoint
    RP1724: 9/16/2009 10:37:29 AM - System Checkpoint
    RP1725: 9/17/2009 11:01:34 AM - System Checkpoint
    RP1726: 9/18/2009 11:37:11 AM - System Checkpoint
    RP1727: 9/19/2009 12:52:12 PM - System Checkpoint
    RP1728: 9/20/2009 4:57:40 PM - System Checkpoint
    RP1729: 9/21/2009 6:48:02 PM - System Checkpoint
    RP1730: 9/22/2009 3:00:44 AM - Software Distribution Service 3.0
    RP1731: 9/23/2009 7:01:38 AM - System Checkpoint
    RP1732: 9/24/2009 8:37:19 AM - System Checkpoint
    RP1733: 9/25/2009 12:53:28 PM - System Checkpoint
    RP1734: 9/25/2009 3:39:59 PM - Installed Compatibility Pack for the 2007 Office system
    RP1735: 9/26/2009 7:23:05 PM - System Checkpoint
    RP1736: 9/27/2009 10:08:02 PM - System Checkpoint
    RP1737: 9/28/2009 10:26:29 PM - System Checkpoint
    RP1738: 9/30/2009 12:31:17 AM - System Checkpoint
    RP1739: 10/1/2009 12:32:30 AM - System Checkpoint
    RP1740: 10/1/2009 3:01:03 AM - Software Distribution Service 3.0
    RP1741: 10/2/2009 3:32:58 AM - System Checkpoint
    RP1742: 10/3/2009 9:30:43 AM - System Checkpoint
    RP1743: 10/4/2009 8:03:19 PM - System Checkpoint
    RP1744: 10/6/2009 12:47:48 PM - System Checkpoint
    RP1745: 10/7/2009 1:32:31 PM - System Checkpoint
    RP1746: 10/8/2009 8:52:34 AM - Removed FinePixViewer Resource
    RP1747: 10/8/2009 8:55:21 AM - Removed FinePixViewer
    RP1748: 10/9/2009 9:32:29 AM - System Checkpoint
    RP1749: 10/10/2009 1:02:50 PM - System Checkpoint
    RP1750: 10/11/2009 4:06:56 PM - System Checkpoint
    RP1751: 10/12/2009 8:15:51 PM - System Checkpoint
    RP1752: 10/14/2009 2:35:32 AM - System Checkpoint
    RP1753: 10/14/2009 3:01:22 AM - Software Distribution Service 3.0
    RP1754: 10/14/2009 5:42:37 PM - Installed iTunes
    RP1755: 10/15/2009 10:21:55 PM - System Checkpoint
    RP1756: 10/17/2009 11:46:15 AM - Software Distribution Service 3.0
    RP1757: 10/17/2009 1:17:37 PM - Software Distribution Service 3.0
    RP1758: 10/17/2009 3:19:50 PM - saturday 17 oct 09
    RP1759: 10/18/2009 3:01:30 AM - Software Distribution Service 3.0
    RP1760: 10/18/2009 1:21:56 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================


    µTorrent
    4Musics WMA to WAV Converter 2.1
    Adobe Acrobat 5.0
    Adobe Flash Player 10 Plugin
    Adobe Flash Player ActiveX
    Adobe Photoshop 6.0
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader 7.1.0
    Adobe Shockwave Player
    AiO_Scan
    AIOMinimal
    AiOSoftware
    Alarm 2.0.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoBase 3
    ArcSoft PhotoStudio 5
    ArcSoft ShowBiz 2
    AutoUpdate
    Avanquest update
    avast! Antivirus
    AVIcodec (remove only)
    BigPond Toolbar
    Bonjour
    Bonus Pack Documentation
    BufferChm
    Business Contact Manager for Outlook 2003
    Canon CanoScan Toolbox 4.0
    CanoScan LiDE20,30 Manual
    Chopper Screen Saver
    Compatibility Pack for the 2007 Office system
    Copy
    CreativeProjects
    Critical Update for Windows Media Player 11 (KB959772)
    CustomerResearchQFolder
    D2300
    D2300_Help
    DeviceManagementQFolder
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    DNA
    DocProc
    e-tax 2009
    Easy Internet Sign-up
    Enhanced Multimedia Keyboard Solution
    EPSON Printer Software
    eSupportQFolder
    EvilLyrics
    EZface ActiveX 207
    Fax
    FinePix Studio
    FreeRIP v2.96
    FUJIFILM USB Driver
    getPlus(R)_ocx
    Google Earth
    GTOneCare
    Highlight Viewer (Windows Live Toolbar)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format SDK (KB902344)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    HP Customer Participation Program 7.0
    HP Deskjet Preloaded Printer Drivers
    HP Imaging Device Functions 7.0
    HP Photo & Imaging 3.1
    HP Photo and Imaging 2.0 - Photosmart Cameras
    HP Photosmart and Deskjet 7.0 Software
    HP Photosmart Essential
    HP PSC & OfficeJet 3.0
    HP Solution Center 7.0
    HP Update
    hph_ProductContext
    hph_readme
    hph_software
    hph_software_req
    HPIZ311
    hpmdtab
    HPPhotoSmartExpress
    HPProductAssistant
    HpSdpAppCoreApp
    HPSystemDiagnostics
    ImageMixer VCD/DVD2 for OLYMPUS
    iMeshBar
    InstantShare
    Intel(R) Extreme Graphics Driver
    InterActual Player
    InterVideo Home Theater
    InterVideo WinDVD Player
    InterVideo WinDVDX
    InterVideo WinDVRX
    iTunes
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 3
    J2SE Runtime Environment 5.0 Update 6
    Java 2 Runtime Environment, SE v1.4.2
    Java(TM) 6 Update 11
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) SE Runtime Environment 6 Update 1
    LiveReg (Symantec Corporation)
    LiveUpdate 1.90 (Symantec Corporation)
    Logitech Desktop Messenger
    Logitech QuickCam
    Logitech® Camera Driver
    london Screen Saver
    Macromedia Flash Player
    Malwarebytes' Anti-Malware
    MarketResearch
    Media Library Management Wizard
    Memories Disc Creator 2.0
    Messenger Plus! Live
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Encarta Encyclopedia Standard - WE 2004
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Money
    Microsoft Money System Pack
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Office Standard Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works 7.0
    Minilyrics(remove only)
    MobileMe Control Panel
    Motorola Phone Tools
    Movie Maker Background Music Files
    Movie Maker Sound Effects
    Movie Maker Title Images
    Moviepass License Manager
    Mozilla Firefox (3.0.14)
    MP3 Wave Converter 3.0
    MSN Music Assistant
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    Multimedia Card Reader
    Musicmatch for Windows Media Player
    Musicmatch® Jukebox
    ninemsn Toolbar
    Nokia Connectivity Adapter Cable DKU-5
    Nokia Connectivity Cable Driver
    Nokia MTP driver
    Nokia N73 highlights
    Nokia Nseries Skin for Microsoft Windows Media Player
    Nokia PC Connectivity Solution
    Nokia PC Suite
    Nokia themes for your device
    Norton Security Scan
    NVIDIA Ethernet Driver
    NVIDIA GART Driver
    OGA Notifier 1.7.0105.35.0
    OmniPage SE
    OpenOffice.org Installer 1.0
    PC-Doctor for Windows
    Personal License Update Wizard for Windows Media Player
    Photo Story 3 for Windows
    PhotoGallery
    PICVideo Codecs
    Print@Kodak by Kphoto
    PrintScreen
    ProfileWatcher 2.0
    PS2
    Python 2.2 combined Win32 extensions
    QFolder
    QuickProjects
    QuickTime
    Readme
    RealPlayer
    RecordNow!
    Safari
    SafeGuard
    Scan
    ScanToWeb
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Shockwave
    Sibelius Scorch Plugin
    SIW version 2009-09-09
    SkinsHP1
    SkinsHP2
    Skype™ 4.0
    Smart Menus (Windows Live Toolbar)
    SolutionCenter
    Sonic Update Manager
    Sony USB Driver
    Sony Vegas Pro 8.0
    Spybot - Search & Destroy
    Status
    Teletext Epg Scanner
    Toolbox
    toolkit
    TrayApp
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    Updates from HP
    URGE
    VC80CRTRedist - 8.0.50727.762
    Viduku 3.02
    VLC media player 1.0.1
    WebFldrs XP
    WebReg
    Windows Defender
    Windows Defender Signatures
    Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Favorites for Windows Live Toolbar
    Windows Live Mail
    Windows Live Messenger
    Windows Live OneCare Family Safety
    Windows Live OneCare safety scanner
    Windows Live Sign-in Assistant
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Writer
    Windows Media 7 PowerToys
    Windows Media Bonus Pack for Windows XP
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player Playlist Import to Excel Wizard
    Windows Media Player Skin Importer
    Windows Media Player Tray Control
    Windows Rights Management Client
    Windows Rights Management Client Backwards Compatibility
    Windows XP Service Pack 3
    Xiph QuickTime Components
    Yahoo! Install Manager
    Yahoo! Internet Mail

    ==== Event Viewer Messages From Past Week ========

    10/14/2009 6:16:41 PM, error: Service Control Manager [7034] - The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s).
    10/14/2009 6:14:35 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect.
    10/14/2009 6:14:35 PM, error: Service Control Manager [7000] - The avast! Web Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/14/2009 6:11:47 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    10/14/2009 6:11:47 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/14/2009 6:07:34 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    10/14/2009 6:07:34 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/14/2009 6:07:34 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments " " in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    10/14/2009 6:06:29 PM, error: WMPNetworkSvc [14344] - A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0xc00d2711'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
    10/14/2009 6:06:28 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The system cannot find the file specified.
    10/14/2009 6:04:15 PM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
    10/14/2009 5:56:18 PM, information: Windows File Protection [64004] - The protected system file imapi.exe could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000490 [Element not found. ].
    10/14/2009 10:59:11 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Media Player Network Sharing Service service to connect.
    10/14/2009 10:59:11 AM, error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    ==== End Of File ===========================

    Here is the dds log


    DDS (Ver_09-10-13.01) - NTFSx86
    Run by Owner at 14:09:59.26 on Sun 10/18/2009
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.229 [GMT 11:00]

    AV: avast! antivirus 4.8.1296 [VPS 091017-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
    C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Multimedia Card Reader\shwicon2k.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\HP\KBD\KBD.EXE
    C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\Windows Live\Family Safety\fssui.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\System32\wbem\wmiapsrv.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Safari\Safari.exe
    C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Documents and Settings\Owner\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://au.yahoo.com/?fr=fp-yie8
    uDefault_Page_URL = hxxp://au.yahoo.com/?fr=fp-yie8
    uDefault_Search_URL = hxxp://search.msn.com
    uWindow Title = Windows Internet Explorer provided by Yahoo!7
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/wdgt3/*http://www.yahoo.com/ext/search/search.html
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = localhost;*.local
    uSearchURL,(Default) = hxxp://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/Ywll7P95aNkuXA5HGvcVR27H3LSqzKgTyfXw1dlthLW4cmm7+DkyHoC1lQBBuJzHPaI/YUnmKyEf+jtXgaUIE+n3pzy9llGklt
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    TB: ninemsn: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.4000.1001\en-au\msntb.dll
    TB: BigPond Toolbar: {7a431ec4-cc21-4df7-9db1-a2cf74c4cc98} - c:\program files\telstra\toolbar\bpumToolBand.dll
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    EB: hp view: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    uRun: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    uRun: [BackupNotify] c:\program files\hp\digital imaging\bin\backupnotify.exe
    uRun: [Acme.PCHButton] c:\progra~1\hppavi~1\pavilion\xphwwbp4\plugin\bin\PCHButton.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [OM_Monitor] c:\program files\olympus\olympus master\Monitor.exe -NoStart
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
    uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe "
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe "
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [CamMonitor] c:\program files\hp\digital imaging\unload\hpqcmon.exe
    mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
    mRun: [AutoTKit] c:\hp\bin\AUTOTKIT.EXE
    mRun: [WinCinemaMgr] "c:\program files\intervideo\common\bin\WinCinemaMgr.exe "
    mRun: [Home Theater SchSvr] "c:\program files\common files\intervideo\schsvr\SchSvr.exe "
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    mRun: [VTTimer] VTTimer.exe
    mRun: [Sunkist2k] c:\program files\multimedia card reader\shwicon2k.exe
    mRun: [Omnipage] c:\program files\scansoft\omnipagese\opware32.exe
    mRun: [EPSON Stylus C43 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O6 "USB001" /M "Stylus C43 "
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [AlcxMonitor] ALCXMNTR.EXE
    mRun: [Gvùõš/‚²‘ÆßfÃNb‰»9c:\program files\istsvc\istsvc.exe] c:\windows\bsopbj.exe
    mRun: [ó# *K "h'þ9Ӝ÷3rÃ…Wc:\program files\istsvc\istsvc.exe] c:\windows\bsopbj.exe
    mRun: [BigPond Toolbar] "c:\program files\telstra\toolbar\bpumTray.exe "
    mRun: [MimBoot] c:\progra~1\musicm~1\musicm~1\mimboot.exe
    mRun: [TkBellExe] "realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [KBD] c:\hp\kbd\KBD.EXE
    mRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
    mRun: [PCSuiteTrayApplication] c:\progra~1\nokia\nokiap~1\LAUNCH~1.EXE -startup
    mRun: [fssui] "c:\program files\windows live\family safety\fssui.exe" -autorun
    mRun: [winboot] wscript.exe \boot.ini
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe "
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
    mRun: [MS32DLL] \.MS32DLL.dll.vbs
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\137903\program\BackWeb-137903.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: bigpondmusic.com
    Trusted Zone: musicmatch.com\online
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/3/d/83d1fe15-fe0f-4bdf-b09c-4e3c49808ec7/LegitCheckControl.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {34A44FCF-50E3-63A5-A8DA-7835752B9571} - hxxp://www.captaincode.com/ccbar/ccbar.cab
    DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc.cab
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqcpqdktp/downloads/sysinfo.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
    DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} - hxxp://usfulfillment.puretracks.com/onager.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120214541671
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128158956890
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - hxxp://www.netvenda.com/sites/games-au/aup/games7.cab
    DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38069.1550231481
    DPF: {A92E0798-BFA4-4FEE-BB48-8E2C69B2B0C5} - hxxp://www.navigram.com/engine/v812/PageDive5.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - hxxp://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxsrvc.dll
    Notify: jstdrv - jstdrv.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\pfhd605m.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
    FF - prefs.js: browser.startup.homepage - hxxp://studentsonline.bos.nsw.edu.au/
    FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-13 111184]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-13 20560]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2008-2-25 43816]
    R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2003-10-24 24192]
    S1 jscript;JavaScript VirtualMachine Driver;c:\windows\system32\jscript.sys [2008-12-13 0]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2006-7-15 25244]

    =============== Created Last 30 ================

    2009-10-18 12:48 <DIR> --d----- c:\program files\SIW
    2009-10-14 17:50 <DIR> --d----- c:\program files\iPod
    2009-10-14 17:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2009-09-25 16:37 <DIR> --d----- c:\program files\MSECache

    ==================== Find3M ====================

    2009-10-18 13:55 86,608 a---h--- c:\windows\system32\mlfcache.dat
    2009-09-12 01:18 136,192 a------- c:\windows\system32\msv1_0.dll
    2009-09-05 08:03 58,880 a------- c:\windows\system32\msasn1.dll
    2009-08-26 19:00 247,326 a------- c:\windows\system32\strmdll.dll
    2009-08-06 19:23 274,288 a------- c:\windows\system32\mucltui.dll
    2009-08-06 19:23 215,920 a------- c:\windows\system32\muweb.dll
    2009-08-05 20:01 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 01:20 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
    2009-08-04 20:44 2,189,184 a------- c:\windows\system32\ntoskrnl.exe
    2009-08-04 19:52 1,193,832 a------- c:\windows\system32\FM20.DLL
    2009-07-29 15:37 119,808 a------- c:\windows\system32\t2embed.dll
    2009-07-29 15:37 81,920 a------- c:\windows\system32\fontsub.dll
    2008-03-04 15:25 32 ac------ c:\docume~1\alluse~1\applic~1\ezsid.dat
    2006-11-28 15:39 32 ac---r-- c:\documents and settings\all users\hash.dat
    2006-04-15 20:37 24,192 a------- c:\documents and settings\owner\usbsermptxp.sys
    2006-04-15 20:37 22,768 a------- c:\documents and settings\owner\usbsermpt.sys
    2004-06-23 13:55 20,480 ac------ c:\program files\ProcManager.exe
    2004-06-20 19:21 248 ac------ c:\program files\MIB2ROM.TXT
    2004-04-08 10:55 10,196,336 ac------ c:\program files\RealPlayer10GOLD.exe
    2000-11-08 14:15 28,672 ac------ c:\windows\inf\regshext.exe
    2008-10-14 19:30 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008101420081015\index.dat

    ============= FINISH: 14:13:34.79 ===============

    Thanks in advance, everybody
     
    Last edited: 2009/10/18
  2. 2009/10/18
    broni

    broni Moderator Malware Analyst

    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure you update SUPERAntiSpyware and Malwarebytes before running the scans.***

    STEP 1. Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    PHYSICALLY DISCONNECT FROM THE INTERNET

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Click Scan your Computer... button.
    * Click Scanning Preferences/Control Center... button.
    * Under General and Startup tab, make sure, Start SUPERAntiSpyware when Windows starts option is UN-checked.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):
    - Close browsers before scanning.
    - Terminate memory threats before quarantining.

    * Click the Close button to leave the control center screen.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, choose Perform Complete Scan.
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
    * Make sure everything has a checkmark next to it and click Next.
    * A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
    * If asked if you want to reboot, click Yes.
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.
    - Click Preferences, then click the Statistics/Logs tab.
    - Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    - If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    - Please copy and paste the Scan Log results in your next reply.

    * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    RECONNECT TO THE INTERNET

    RESTART COMPUTER!

    STEP 2. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 3. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    RESTART COMPUTER

    STEP 4. Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
