cannot open links in google or update anti spyware

	Advanced Search

Welcome to Omgili,
Omgili (Oh My God I Love It ;) is a search engine for discussions. With Omgili you can find answers and solutions, debates, discussions, personal experiences, opinions and more... To learn more about Omgili click here.

This is a complete preview of the discussion as it was indexed by Omgili crawlers. Use this preview if the original discussion is unavailable.
Click here to view the original discussion.


	cannot open links in google or update anti spyware The problem i have been having is with my anti spyware software and virus scanners, i cannot update the ones already on my computer or install new ones such as spybot. Also, when i do a search in google and click on a link it open a new browser window with advertisements and i cannot get to the page i want without the copy and paste in to the address bar. I also cannot install hijackthis, i go to install it and it says "do you want to run this file?" and i click yes and nothing happens. I also cannot connect to some websites that are related to anti spyware such as the lavasoft.com and the spybot website. Are there any other options for me?


	Sorry for the delay. Hello and welcome to Cexx. My name is km2357 and I will be helping you to remove any infection(s) that you may have. I will be giving you a series of instructions that need to be followed in the order in which I give them to you. If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again. Please do not start another thread or topic, I will assist you at this thread until we solve your problems. Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same. If you can't connect to the websites in the instructions below, you can use a USB/Flash drive and a clean computer to transfer ComboFix over to your infected computer. Once ComboFix completes its run, try installing HiJackThis. If sucessful, I would like to see a HiJackThis Log and an Uninstall List in your next post. Instructions will be below the ComboFix instructions. Step # 1 : Download and Run ComboFix Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop. Link 1 Link 2 Link 3 Double click on Combo-Fix.exe & follow the prompts. When finished, it will produce a report for you. Note: Do not mouseclick combofix's window while it's running. That may cause it to stall To get a HJT log, do the following: Doubleclick HJTInstall.exe to install it. By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install . It will create a HijackThis icon on the desktop. Once installed, it will launch Hijackthis . Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad. Copy/Paste the log to your next reply please. Don't use the Analyse This button, its findings are dangerous if misinterpreted. Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required. To access the Uninstall Manager you would do the following: 1. Start HijackThis 2. Click on the Config button 3. Click on the Misc Tools button 4. Click on the Open Uninstall Manager button. 5. Click on the Save list... Button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply. Please include the Uninstall List , C:\ComboFix.txt and a fresh HiJackThis Log in your next reply so we can continue cleaning the system. Use multiple posts if you can't fit everything into one post.


	I cannot open any of the links you provided me with for combofix. It either says error loading page or when i try and save the link to my desktop through orbit it says there are no mirror sites. I am stumped. should i try safe mode with networking and try and download it then? I forgot to tell you, only firefox is working and no other web browsers.


	I was able to install hijackthis and here is the logfile: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:02:16 AM, on 12/21/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Handspring\HOTSYNC.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\lkcitdl.exe C:\WINDOWS\system32\lkads.exe C:\WINDOWS\system32\lktsrv.exe C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe C:\WINDOWS\system32\nisvcloc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WINSCHEDULER] C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE O4 - HKLM\..\Run: [WinRemote] "C:\Program Files\InterVideo\WinDVR\WinRemote.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Program Files\Dropbox\dropbox.exe O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9BEDA07D-61A8-4E28-95D8-D249FFBE17E0}: NameServer = 208.67.222.222,208.255.220.220 O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: nnnlmnl - nnnlmnl.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: crd - Unknown owner - C:\DOCUME~1\john\LOCALS~1\Temp\IXP001.TMP\poststp.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 12959 bytes hope this helps


	Quote: i cannot open any of the links you provided me with for combofix. It either says error loading page or when i try and save the link to my desktop through orbit it says there are no mirror sites. I am stumped. should i try safe mode with networking and try and download it then? I forgot to tell you, only firefox is working and no other web browsers Let's avoid using Safe Mode with Networking unless we need to. Do you have access to a clean computer and have a USB/Flash Drive? If so, you can download ComboFix (using the links I gave previously) onto a clean computer and transfer it over to your computer to run it. If you are able to get ComboFix that way (remember to rename it like I showed you in the last post), then run it and post back the log in your next post. Did you add the following lines to your Hosts file? Do you recognize them? O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es I also need to see an Uninstall List as well: Step # 1 : Make an uninstall list using HijackThis To access the Uninstall Manager you would do the following: 1. Start HijackThis 2. Click on the Config button 3. Click on the Misc Tools button 4. Click on the Open Uninstall Manager button. 5. Click on the Save list... Button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply. In your next post/reply, I need to see the following: 1. Answers about the O1 lines. 2. ComboFix Log, if available. 3. Uninstall List 4. A fresh HiJackThis Log


	Here is the uninstall list: Sansa Media Converter Abexo Free Registry Cleaner ACE Mega CoDecS Pack Ad-Aware Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Shockwave Player Adobe Stock Photos 1.0 Apple Mobile Device Support Apple Software Update AsusUpdate AVG Anti-Spyware 7.5 Avira AntiVir Personal - Free Antivirus BitComet 0.70 BitTorrent 4.2.1 BlackBerry Desktop Software 4.3 BlackBerry Desktop Software 4.3 BlackBerry v4.2.1 for the 8100 Series Wireless Handheld Bonjour Civilization III - Play the World v1.21F Civilization III v1.29f ClamWin Free Antivirus 0.91.2 DAEMON Tools Data Lifeguard dBpowerAMP Ogg Vorbis Codec Direct Show Ogg Vorbis Filter (remove only) DivX Content Uploader DivX Web Player Documents To Go Drive Manager Drive Manager DriverGuide Toolkit Dropbox Dual-Core Optimizer Dummy File Creator v1.1 DVD Decrypter (Remove Only) DVD Shrink 3.2 FLV Player 1.3.3 Foxit Reader Freez FLV to AVI/MPEG/WMV Converter Full Tilt Poker Game Elements PC Recoil Pad GameShadow getPlus(R)_ocx GGE909 PC Recoil Pad Google Earth Google Updater Haali Media Splitter HijackThis 2.0.2 HI-TECH C51-lite V9.60PL0 HI-TECH PICC lite V9.60PL0 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB909394) Hotfix for Windows XP (KB926239) Hotfix for Windows XP (KB952287) HP Customer Participation Program 7.0 HP Document Viewer 7.0 HP Imaging Device Functions 7.0 HP Photosmart Essential HP Photosmart Premier Software 6.5 HP Photosmart, Officejet and Deskjet 7.0.A HP Software Update HP Solution Center 7.0 ijji Auto Installer ImgBurn InterActual Player InterVideo WinDVR iPod for Windows 2005-10-12 iPodAid iPod to Computer Transfer 6 IrfanView (remove only) IsoBuster 1.8 iTunes iZotope Ozone Free 1.0 for Winamp J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 8 J2SE Runtime Environment 5.0 Update 9 Java(TM) 6 Update 2 Java(TM) 6 Update 3 Java(TM) 6 Update 5 Java(TM) 6 Update 7 Java(TM) SE Runtime Environment 6 Update 1 JBidwatcher 2 JBidwatcher 2 KeePass Password Safe 1.09 LG ODD Auto Firmware Update LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Marvell Miniport Driver Matroska Pack Microsoft .NET Framework 1.1 Microsoft .NET Framework 2.0 Service Pack 1 Microsoft ActiveSync 4.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft WorldWide Telescope MIKSOFT Mobile Media Converter Mozilla Firefox (3.0.5) MSN MSN Music Assistant MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 6 Service Pack 2 (KB954459) Music Catalyst GT 1.3.1 National Instruments Software Nero 6 Ultra Edition NI EULA Depot NI MDF Support nLite 1.4.1 Norton WMI Update NVIDIA Drivers OCR Software by I.R.I.S 7.0 oggcodecs 0.69.8924 Orbit Downloader Palm Desktop and Synchronization Software PartyPoker PlayNC Launcher Pocket Movie Master Pocket-DVD Studio(remove only) PokerStars Quickoffice QuickTime Real Alternative 1.43 Realtek AC'97 Audio Rocket Arena 3 1.76 (remove only) Roxio Media Manager SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 Sansa Updater Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899588) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918118) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921503) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB922760) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923414) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923694) Security Update for Windows XP (KB923980) Security Update for Windows XP (KB924191) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB924667) Security Update for Windows XP (KB925454) Security Update for Windows XP (KB925486) Security Update for Windows XP (KB925902) Security Update for Windows XP (KB926255) Security Update for Windows XP (KB926436) Security Update for Windows XP (KB927779) Security Update for Windows XP (KB927802) Security Update for Windows XP (KB928090) Security Update for Windows XP (KB928255) Security Update for Windows XP (KB928843) Security Update for Windows XP (KB929123) Security Update for Windows XP (KB929969) Security Update for Windows XP (KB930178) Security Update for Windows XP (KB931261) Security Update for Windows XP (KB931768) Security Update for Windows XP (KB931784) Security Update for Windows XP (KB932168) Security Update for Windows XP (KB933566) Security Update for Windows XP (KB933729) Security Update for Windows XP (KB935839) Security Update for Windows XP (KB935840) Security Update for Windows XP (KB936021) Security Update for Windows XP (KB937143) Security Update for Windows XP (KB937894) Security Update for Windows XP (KB938127) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB938829) Security Update for Windows XP (KB939653) Security Update for Windows XP (KB941202) Security Update for Windows XP (KB941568) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB941644) Security Update for Windows XP (KB941693) Security Update for Windows XP (KB942615) Security Update for Windows XP (KB943055) Security Update for Windows XP (KB943460) Security Update for Windows XP (KB943485) Security Update for Windows XP (KB944338) Security Update for Windows XP (KB944533) Security Update for Windows XP (KB944653) Security Update for Windows XP (KB945553) Security Update for Windows XP (KB946026) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB947864) Security Update for Windows XP (KB948590) Security Update for Windows XP (KB948881) Security Update for Windows XP (KB950749) Security Update for Windows XP (KB950759) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953838) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956390) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB960714) ShutxDown Sportsbook.com Poker Spyware Doctor 6.0 StuffIt 12 SUPERAntiSpyware Free Edition TMPGEnc 3.0 XPress TMPGEnc DVD Author 1.5 TMPGEnc DVD Source Creator 2.0 TMPGEnc Plus 2.5 TMPGEnc Sound Player TurboTax Deluxe 2005 TurboTax Deluxe Deduction Maximizer 2006 TurboTax ItsDeductible 2005 TurboTax ItsDeductible 2006 TypingMaster Pro UltraISO V7.62 ME Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) Update for Windows XP (KB927891) Update for Windows XP (KB929338) Update for Windows XP (KB930916) Update for Windows XP (KB931836) Update for Windows XP (KB933360) Update for Windows XP (KB938828) Update for Windows XP (KB942763) Update for Windows XP (KB942840) Update for Windows XP (KB946627) Update for Windows XP (KB951072-v2) Update for Windows XP (KB955839) USB Driver USB2.0 PC Camera (SN9C201&202) VIA Integrated Setup Wizard Virtual Cable Tester WexTech AnswerWorks Winamp Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) Windows Installer 3.1 (KB893803) Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 10 Hotfix - KB894476 Windows Media Player 11 Windows Media Player 11 Windows WMF Metafile Vulnerability HotFix 1.2 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB893086 WinRAR archiver World of Warcraft XP Codec Pack here is the hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:20:24 PM, on 12/21/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Handspring\HOTSYNC.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\lkcitdl.exe C:\WINDOWS\system32\lkads.exe C:\WINDOWS\system32\lktsrv.exe C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe C:\WINDOWS\system32\nisvcloc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WINSCHEDULER] C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE O4 - HKLM\..\Run: [WinRemote] "C:\Program Files\InterVideo\WinDVR\WinRemote.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Program Files\Dropbox\dropbox.exe O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9BEDA07D-61A8-4E28-95D8-D249FFBE17E0}: NameServer = 208.67.222.222,208.255.220.220 O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: nnnlmnl - nnnlmnl.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: crd - Unknown owner - C:\DOCUME~1\john\LOCALS~1\Temp\IXP001.TMP\poststp.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 13078 bytes i still cannot get combofix to install. Will try again soon.


	Oh yeah, i do not know what the O1 codes are.


	Quote: i still cannot get combofix to install. Will try again soon It sounds like you were able to download it from another computer and transfer it successfully to your computer. Did you rename ComboFix.exe as instructed in Reply #1 of this thread? If not, try that and see if ComboFix will run. If it does, post its log back here in your next post. Besides running ComboFix, I'd also like for you to do the following: Remove one of your Anti Virus programs. You are operating your computer with multiple Anti Virus programs running in memory at once: Avira AntiVir Personal - Free Antivirus ClamWin Free Antivirus 0.91.2 Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. Please remove one of them. IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer. BitComet 0.70 BitTorrent 4.2.1 I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them. Also available here . My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red). Remove Poker programs From your log I can see you've installed poker programs. A lot of poker programs are infected/can infect you with malware. I would advise you to go to Add/Remove programs and uninstall the following poker program(s): Full Tilt Poker PartyPoker Sportsbook.com Poker Here are links to some poker sites regarded as safe for your reference. 1. Http://www.pokerstars.net/ - This is a free to use/play site with play money. 2. Http://www.pokerstars.com/ - This is a free to use/play site with play money and real money. In your next post/reply, I need to see the following: 1. ComboFix Log 2. A fresh HiJackThis Log


	I have been using the poker programs for years and never had a problem. Right now one of the webpages i cannot view is the guidlines for peer to peer programs. Let's fix the problem and then i will look at the guidelines. Still cannot download combofix. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:17:12 PM, on 12/22/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Handspring\HOTSYNC.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\lkcitdl.exe C:\WINDOWS\system32\lkads.exe C:\WINDOWS\system32\lktsrv.exe C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe C:\WINDOWS\system32\nisvcloc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WINSCHEDULER] C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE O4 - HKLM\..\Run: [WinRemote] "C:\Program Files\InterVideo\WinDVR\WinRemote.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Program Files\Dropbox\dropbox.exe O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9BEDA07D-61A8-4E28-95D8-D249FFBE17E0}: NameServer = 208.67.222.222,208.255.220.220 O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: nnnlmnl - nnnlmnl.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: crd - Unknown owner - C:\DOCUME~1\john\LOCALS~1\Temp\IXP001.TMP\poststp.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 13177 bytes


	Quote: still cannot download combofix. Do you have access to a clean computer and have a USB/Flash Drive available? If so, then download ComboFix (remember to rename it to Combo-Fix.exe before saving it) to the clean computer's Desktop. Then put the file onto the USB drive and transfer it onto your infected computer's Desktop then run it and post back the log in your next reply, if successful. It sounds like the malware infection(s) you have are blocking you from downloading ComboFix onto your computer. The only way for now to get ComboFix onto your computer is by using a clean computer and a flash drive.


	Here is the combofix log: Start Time= Wed 12/24/2008 16:06:36.46 QuickScan did not find any signs of infected files Find3M Report 2008-12-21 01:02:06 ( .D... ) "C:\Program Files\Trend Micro" 2008-12-20 14:26:50 ( .D... ) "C:\Program Files\Spyware Cease" 2008-12-19 12:49:08 ( .D... ) "C:\Program Files\Trojan Killer" 2008-12-18 15:58:02 23804784 ( A.... ) "C:\aaw2008.exe" 2008-12-18 15:44:22 15083520 ( A.... ) "C:\spybotsd160.exe" 2008-12-18 15:41:42 2539400 ( A.... ) "C:\mbam-setup.exe" 2008-12-18 14:04:42 ( .D... ) "C:\Documents and Settings\john\Application Data\GrabPro" 2008-12-16 14:19:46 ( .D... ) "C:\Program Files\Spyware Doctor" 2008-12-16 14:19:46 ( .D... ) "C:\Documents and Settings\john\Application Data\PC Tools" 2008-12-12 09:33:24 3060224 ( A.... ) "C:\WINDOWS\system32\mshtml.dll" 2008-12-09 15:24:38 17593280 ( A.... ) "C:\WINDOWS\system32\MRT.exe" 2008-12-04 23:40:02 ( .D... ) "C:\Program Files\InterActual" 2008-12-03 13:03:20 ( .D... ) "C:\Program Files\Smith Micro" 2008-11-02 16:24:56 ( .D... ) "C:\Program Files\Seagate" 2008-10-29 09:37:44 401927 ( A.... ) "C:\WINDOWS\system32\mioengine.exe" 2008-10-28 23:40:00 ( .D.H. ) "C:\Program Files\InstallJammer Registry" 2008-10-28 23:40:00 ( .D... ) "C:\Program Files\ShutxDown" 2008-10-23 05:01:36 283648 ( A.... ) "C:\WINDOWS\system32\gdi32.dll" 2008-10-22 01:47:08 62976 ( ) "C:\WINDOWS\system32\tzchange.exe" 2008-10-16 14:13:40 1809944 ( A.... ) "C:\WINDOWS\system32\wuaueng.dll" 2008-10-16 14:13:40 202776 ( A.... ) "C:\WINDOWS\system32\wuweb.dll" 2008-10-16 14:12:22 323608 ( A.... ) "C:\WINDOWS\system32\wucltui.dll" 2008-10-16 14:12:20 561688 ( A.... ) "C:\WINDOWS\system32\wuapi.dll" 2008-10-16 14:09:44 92696 ( A.... ) "C:\WINDOWS\system32\cdm.dll" 2008-10-16 14:09:44 51224 ( A.... ) "C:\WINDOWS\system32\wuauclt.exe" 2008-10-16 14:09:44 43544 ( A.... ) "C:\WINDOWS\system32\wups2.dll" 2008-10-16 14:08:58 34328 ( A.... ) "C:\WINDOWS\system32\wups.dll" 2008-10-16 02:37:04 1494528 ( A.... ) "C:\WINDOWS\system32\shdocvw.dll" 2008-10-16 02:37:04 1023488 ( A.... ) "C:\WINDOWS\system32\browseui.dll" 2008-10-16 02:37:04 659456 ( A.... ) "C:\WINDOWS\system32\wininet.dll" 2008-10-16 02:37:04 615936 ( A.... ) "C:\WINDOWS\system32\urlmon.dll" 2008-10-16 02:37:04 474112 ( A.... ) "C:\WINDOWS\system32\shlwapi.dll" 2008-10-16 02:37:04 449024 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll" 2008-10-16 02:37:04 16384 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll" 2008-10-16 02:37:02 1054208 ( A.... ) "C:\WINDOWS\system32\danim.dll" 2008-10-16 02:37:02 532480 ( A.... ) "C:\WINDOWS\system32\mstime.dll" 2008-10-16 02:37:02 357888 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll" 2008-10-16 02:37:02 251392 ( A.... ) "C:\WINDOWS\system32\iepeers.dll" 2008-10-16 02:37:02 205312 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll" 2008-10-16 02:37:02 151040 ( A.... ) "C:\WINDOWS\system32\cdfview.dll" 2008-10-16 02:37:02 146432 ( A.... ) "C:\WINDOWS\system32\msrating.dll" 2008-10-16 02:37:02 96256 ( A.... ) "C:\WINDOWS\system32\inseng.dll" 2008-10-16 02:37:02 55808 ( A.... ) "C:\WINDOWS\system32\extmgr.dll" 2008-10-16 02:37:02 39424 ( A.... ) "C:\WINDOWS\system32\pngfilt.dll" 2008-10-15 08:57:56 332800 ( A.... ) "C:\WINDOWS\system32\netapi32.dll" 2008-10-15 06:00:42 351744 ( A.... ) "C:\WINDOWS\system32\xpsp3res.dll" 2008-10-03 02:15:48 247326 ( A.... ) "C:\WINDOWS\system32\strmdll.dll" 2008-09-30 16:43:34 1286152 ( A.... ) "C:\WINDOWS\system32\msxml4.dll" 2008-09-25 20:11:30 571 ( A.... ) "C:\Documents and Settings\john\Application Data\transfer.log" Reg Loading Points Note empty entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\"" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "WINSCHEDULER"="C:\\PROGRA~1\\INTERV~1\\WinDVR\\WINSCH~1.EXE" "WinRemote"="\"C:\\Program Files\\InterVideo\\WinDVR\\WinRemote.exe\"" "amd_dc_opt"="\"C:\\Program Files\\AMD\\Dual-Core Optimizer\\amd_dc_opt.exe\"" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "SansaDispatch"="C:\\Program Files\\SanDisk\\Sansa Updater\\SansaDispatch.exe" "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "SoundMan"="SOUNDMAN.EXE" @="" "RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\"" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "snp2std"="C:\\WINDOWS\\vsnp2std.exe" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "basicsmssmenu"="\"C:\\Program Files\\Seagate\\Basics\\Basics Status\\MaxMenuMgrBasics.exe\"" "ISTray"="\"C:\\Program Files\\Spyware Doctor\\pctsTray.exe\"" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\"" "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword: [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "FlashPlayerUpdate"="C:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil9e.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword: 91 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce] "FlashPlayerUpdate"="C:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil9e.exe" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword: 91 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ WinCinema Manager.lnk] "backup"="C:\\WINDOWS\\pss\\ WinCinema Manager.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\SanDisk\\Common\\Bin\\WINCIN~1.EXE " "item"=" WinCinema Manager" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk] "backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE " "item"="InterVideo WinCinema Manager" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "CiSvc"=dword: 3 "helpsvc"=dword: 2 "FastUserSwitchingCompatibility"=dword: 3 "ERSvc"=dword: 2 "wuauserv"=dword: 2 Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Symantec NetDetect.job Completion time: Wed 12/24/2008 16:07:42.56 ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt here is the hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:14:56 PM, on 12/24/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Handspring\HOTSYNC.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\lkcitdl.exe C:\WINDOWS\system32\lkads.exe C:\WINDOWS\system32\lktsrv.exe C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe C:\WINDOWS\system32\nisvcloc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WINSCHEDULER] C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE O4 - HKLM\..\Run: [WinRemote] "C:\Program Files\InterVideo\WinDVR\WinRemote.exe" O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Program Files\Dropbox\dropbox.exe O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9BEDA07D-61A8-4E28-95D8-D249FFBE17E0}: NameServer = 208.67.222.222,208.255.220.220 O20 - AppInit_DLLs: C:\WINDOWS\system32\wmfhotfix.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: nnnlmnl - nnnlmnl.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: crd - Unknown owner - C:\DOCUME~1\john\LOCALS~1\Temp\IXP001.TMP\poststp.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt 12.0.1\ArcNameService.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- End of file - 13213 bytes


	Sorry for the long delay. Where did you download ComboFix? The version you used is very old. Please only download ComboFix from the links I provide. I'd like for you to delete ComboFix from your computer and then download the newest version from one of the links below: Link 1 Link 2 Link 3 Then run ComboFix and post the new ComboFix Log and a fresh HiJackThis Log in your next post/reply. Thanks.

Discussion Title: cannot open links in google or update anti spyware
Title Keywords: cannot open links google update anti spyware

Omgili Home

About

FAQ

Plugins

Usenet