Solve : Virus has disabled all my protection programs?

1.	Solve : Virus has disabled all my protection programs?
Answer» Click START then RUN Now type Combo-Fix in the runbox Make sure there's a space between Combo-Fix and /u Then hit Enter. . That should uninstall ComboFix. Now restart the computer and install it again. Be sure to rename it during the install using the instructions from HERE. If that does or doesn't work try running Malwarebytes also. Malwarebytes' Anti-Malware 1.38 Database version: 2384 Windows 5.1.2600 Service PACK 2 07/07/2009 12:13:56 AM mbam-log-2009-07-07 (00-13-56).txt Scan type: Full Scan (C:\\|F:\\|L:\\|Z:\\|) Objects scanned: 248359 Time elapsed: 1 hour(s), 27 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ----- Windows can't find "Combo-Fix". Another way to uninstall?Go to C:\Combo-Fix and delet ethe entire folder. Also delete the Qoobox folder. Download DDS from \|HERE\| or \|HERE\| or \|HERE\| and save it to your desktop. Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it) * XP users Double click on dds to run it. * If your antivirus or firewall try to block DDS then please allow it to run. * When finished DDS will open two (2) logs. 1) DDS.txt 2) Attach.txt * Save both logs to your desktop. * Please copy and paste the entire contents of both logs in your next reply. Note: DDS will instruct you to post the Attach.txt log as an attachment. Please just post it as you would any other log by copy and pasting it into the reply. ------- DDS (Ver_09-06-26.01) - NTFSx86 Run by justin at 16:52:04.15 on 07/07/2009 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.991.311 [GMT -7:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Sprint\Sierra Wireless\Sprint PCS CONNECTION Manager\SPCSUtilityService.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\System32\svchost.exe -k imgsvc C:\Program Files\Airlink101\AWLH4030\WLService.exe C:\Program Files\Airlink101\AWLH4030\WLanCfgAG.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\Logi_MwX.Exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Mediafour\XPlay 3\XPlay.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe C:\Program Files\Launchy\Launchy.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\VirtuaWin\VirtuaWin.exe C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe C:\WINDOWS\system32\hpoipm07.exe C:\Program Files\VirtuaWin\modules\WinList.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSCM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\justin\Desktop\dds.com ============== Pseudo HJT Report =============== uStart Page = hxxp://my.yahoo.com/index.html BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Mediafour XPlay Explorer notifications: {4907c0ad-874d-44d9-b13e-7b0a4d8b9d3e} - c:\program files\mediafour\xplay 3\XPBHO.DLL BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.23.0\gears.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\justin\local settings\application data\google\update\GoogleUpdate.exe" /c mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey mRun: [RaidTool] c:\program files\via\raid\raid_tool.exe mRun: [VTTimer] VTTimer.exe mRun: [VTTrayp] VTtrayp.exe mRun: [SoundMan] SOUNDMAN.EXE mRun: [Logitech Utility] Logi_MwX.Exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe mRun: [HPHmon04] c:\windows\system32\hphmon04.exe mRun: [{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}] "c:\program files\mediafour\xplay 3\XPlay.exe" mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpaiod~1.lnk - c:\program files\hewlett-packard\aio\hp officejet g series\bin\hpoavn07.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\virtua~1.lnk - c:\program files\virtuawin\VirtuaWin.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program files\partygaming.net\partypokernet\RunPF.exe IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.23.0\gears.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: turbotax.com DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: {A315D4DD-5828-447F-BB9F-2F1F4CFD6E9C} = 68.28.50.91 68.28.58.92 Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\justin\applic~1\mozilla\firefox\profiles\2iky4cir.default\ FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/\|https://mail.google.com/mail/?nsr=0&zx=1x6pno7em8jhx&shva=1#inbox/11d75484357f61b2 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=chrff-brandt_off&type=000123X001US&p= FF - component: c:\documents and settings\justin\application data\mozilla\firefox\profiles\2iky4cir.default\extensions\{62760fd6-b943-48c9-ab09-f99c6fe96088}\platform\winnt\components\EbayAccessService.dll FF - component: c:\documents and settings\justin\application data\mozilla\firefox\profiles\2iky4cir.default\extensions\{62760fd6-b943-48c9-ab09-f99c6fe96088}\platform\winnt\components\EbayFormSubmitObserver.dll FF - component: c:\program files\google\google gears\firefox\components\gears.dll FF - plugin: c:\documents and settings\justin\application data\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\justin\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: content.max.tokenizing.time - 200000 FF - user.js: content.notify.interval - 100000 FF - user.js: content.switch.threshold - 650000 FF - user.js: nglayout.initialpaint.delay - 300 FF - user.js: browser.tabs.tabMinWidth - 125 ============= SERVICES / DRIVERS =============== R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [2008-10-24 293632] R1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [2009-2-22 136744] R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2006-1-25 58048] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 32256] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-1-7 10384] R2 M4iPodWPDService;M4iPodWPDService;c:\program files\common files\mediafour\ipod\M4iPodWPDService.exe [2008-10-6 211456] R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\Mcshield.exe [2004-9-22 221191] R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\VsTskMgr.exe [2004-9-22 28672] R2 Super G Wireless Cardbus Service;Super G Wireless Cardbus Adapter Service;c:\program files\airlink101\awlh4030\WLService.exe [2006-2-19 49152] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-25 24652] R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-1-25 108256] R3 USBNET;Instant Wireless USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\vnetusbl.sys [2006-3-11 107648] S2 gupdate1c9e5f3fd5fd1fe;Google Update Service (gupdate1c9e5f3fd5fd1fe);c:\program files\google\update\GoogleUpdate.exe [2009-6-5 133104] S2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2006-1-25 102463] S3 PsSdk30;PsSdk30;\??\c:\windows\system32\drivers\pssdk30.drv --> c:\windows\system32\drivers\PsSdk30.drv [?] S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-2-1 29824] S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-2-1 41344] S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-2-1 39936] S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2009-2-1 59776] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096] =============== Created Last 30 ================ 2009-07-06 17:37--d-----C:\32788R22FWJFW.0.tmp 2009-07-06 16:12388,608a-------c:\windows\system32\cmd.execf 2009-07-06 14:43a-dshr--C:\cmdcons 2009-07-06 14:42161,792a-------c:\windows\SWREG.exe 2009-07-06 14:42155,136a-------c:\windows\PEV.exe 2009-07-06 14:4298,816a-------c:\windows\sed.exe 2009-07-06 14:41388,608a-------c:\windows\system32\CF21703.exe 2009-07-05 15:42--d-----c:\program files\CCleaner 2009-07-01 16:53--d-----c:\program files\Trend Micro 2009-06-26 15:31--d-----c:\docume~1\justin\applic~1\VirtuaWin 2009-06-26 15:31--d-----c:\program files\VirtuaWin 2009-06-25 22:00--d-----c:\docume~1\justin\applic~1\Launchy 2009-06-25 22:00--d-----c:\program files\Launchy 2009-06-24 14:26--d-----c:\program files\DVD-Cloner Platinum 2009-06-20 00:37--d-----c:\program files\Pod to PC 2009-06-18 22:04--d-----c:\program files\DVDFab 6 2009-06-17 12:11--d-----c:\docume~1\justin\applic~1\GrabIt 2009-06-12 22:20--d-----c:\program files\Western Digital Technologies 2009-06-12 00:24--d-----c:\program files\WBFS 2009-06-09 21:02--d-----c:\program files\AMT 2009-06-09 09:30--d-----c:\program files\iTunes ==================== Find3M ==================== 2009-06-25 21:5447,360a-------c:\docume~1\justin\applic~1\pcouffin.sys 2009-06-17 11:2738,160a-------c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 11:2719,096a-------c:\windows\system32\drivers\mbam.sys 2009-06-05 11:422,060,288a-------c:\windows\system32\usbaaplrc.dll 2009-06-05 11:4239,424a-------c:\windows\system32\drivers\usbaapl.sys 2009-06-01 01:31359,808a-------c:\windows\system32\drivers\TCPIP.SYS 2009-05-28 22:0347,360a-------c:\windows\system32\drivers\pcouffin.sys 2009-05-21 15:12359,808a-------c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL 2007-07-30 16:3332,968ac------c:\docume~1\justin\applic~1\GDIPFONTCACHEV1.DAT 2006-05-03 22:20454a-------c:\program files\Shortcut to games.lnk 2006-02-19 17:371,117,491ac------c:\program files\DVD_Shrink_v3[1].2_Install.exe ============= FINISH: 16:53:11.75 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-06-26.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install DATE: 10/19/2005 4:44:32 AM System Uptime: 07/07/2009 4:38:31 PM (0 hours ago) Motherboard: ECS \| \| P4M800-M7 Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz \| CPU 1 \| 2659/133mhz ==== Disk Partitions ========================= ==== Installed Programs ====================== µTorrent Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Reader 8.1.1 Adobe Reader 9.1 Adobe Setup Adobe Shockwave Player Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Airlink101 SuperG Wireless Adapter AnswerWorks 4.0 Runtime - English Apple Mobile Device Support Apple Software Update Audacity 1.2.6 Bonjour C-Media WDM Audio Driver CCleaner (remove only) CDDRV_Installer CloneDVD2 DVD Decrypter (Remove Only) DVD Shrink 3.2 DVDFab 6.0.1.0 (May 15, 2009) Google Gears Google Talk Plugin Google Update Helper HandBrake 0.9.3 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Windows XP (KB926239) hp officejet g series ImagXpress Instant Wireless USB Adapter iTunes Java Adapter for Mobile Java(TM) 6 Update 13 Java(TM) 6 Update 5 Java(TM) 6 Update 7 KhalInstallWrapper Launchy 2.1.2 LG PC Suite II LG USB Modem driver Logitech iTouch Software Logitech MouseWare 9.79 Logitech Resource Center Logitech SetPoint Machinist2DLL Macromedia Flash Player 8 Malwarebytes' Anti-Malware McAfee VirusScan Enterprise Merriam-Webster Metafile Companion Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.7 Microsoft Visual C++ 2005 Redistributable Microsoft XML Parser Mozilla Firefox (3.0.11) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) MSXML4 Parser Musicnotes Player V1.23.0 Nero 8 Ultra Edition HD neroxml overland PAC7302 PANTECH UM175 Driver PartitionMagic PartyPokerNet PDF Settings Photosmart 130,230,7150,7345,7350,7550 (Remove only) Platform Pod to PC 2.6 PowerDVD PowerISO PowerQuest PartitionMagic 8.0 QuickTime Real Alternative 1.9.0 Realtek AC'97 Audio Revo Uninstaller 1.80 Rosetta Stone 2.1.5.1A Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Security Update for Windows XP (KB911280) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB916281) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918118) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921503) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923414) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923980) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB924667) Security Update for Windows XP (KB925902) Security Update for Windows XP (KB926255) Security Update for Windows XP (KB926436) Security Update for Windows XP (KB927779) Security Update for Windows XP (KB927802) Security Update for Windows XP (KB928255) Security Update for Windows XP (KB928843) Security Update for Windows XP (KB929123) Security Update for Windows XP (KB930178) Security Update for Windows XP (KB931261) Security Update for Windows XP (KB931784) Security Update for Windows XP (KB932168) Security Update for Windows XP (KB935839) Security Update for Windows XP (KB935840) Security Update for Windows XP (KB936021) Security Update for Windows XP (KB937143) Security Update for Windows XP (KB938127) Security Update for Windows XP (KB938829) Sibelius Scorch (Firefox, Opera, Netscape only) Sprint Mobile Broadband (Sierra) Spybot - Search & Destroy SUPERAntiSpyware Free Edition Sure Cuts A Lot 1.016 TI Connect 1.6 Total Video Converter 3.10 TotalAudioConverter TuneUp Utilities 2008 Ultra Video Converter 4.4.0329 Universal Media Player Unlocker 1.8.7 Update for Windows XP (KB894391) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB910437) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) Update for Windows XP (KB927891) Update for Windows XP (KB930916) Update for Windows XP (KB931836) Update for Windows XP (KB936357) Update for Windows XP (KB938828) VCRedistSetup VIA Platform Device Manager VIA Rhine-Family Fast Ethernet Adapter VIA/S3G Display Driver Viewpoint Manager (Remove Only) Viewpoint Media Player VirtuaWin v4.0.1 VZAccess Manager WBFS Manager 3.0 WD Diagnostics WebFldrs XP Windows Genuine Advantage v1.3.0254.0 Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin Windows Rights Management Client Backwards Compatibility SP2 Windows Rights Management Client with Service Pack 2 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB885884 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Windows XP Service Pack 2 WinRAR archiver XML Paper Specification Shared Components Pack 1.0 XPlay 3 ==== End Of File =========================== Go to Add or Remove Programs and uninstall: Viewpoint Manager (Remove Only) Viewpoint Media Player . ---------- Download OTM by OldTimer to your desktop. Note: If you are running on Vista, right-click on OTM.exe and choose Run As Administrator. * Save it to your Desktop. * Double-click OTM.exe to run it. * Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy) Code: [Select]:Processes explorer.exe :services Viewpoint Manager Service :reg :files C:\Program Files\Viewpoint C:\32788R22FWJFW.0.tmp c:\windows\system32\cmd.execf C:\cmdcons c:\windows\SWREG.exe c:\windows\PEV.exe c:\windows\sed.exe c:\windows\system32\CF21703.exe :Commands [purity] [emptytemp] [start explorer] [Reboot] * Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste. * Click the red Moveit! button. * Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply. Close OTM Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway. ---------- Use the ESET Online Antivirus Scanner This scanner requires Internet Explorer 1. Check the box next to YES, I accept the Terms of Use. 2. Click Start 3. When asked, allow the activex control to install 4. Click Start 5. Make sure that the option Remove found threats and the option Scan unwanted applications is check marked. 6. Click Scan 7. Wait for the scan to finish 8. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt 9. Add the C:\Program Files\EsetOnlineScanner\log.txt log into your next reply.All processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== SERVICES/DRIVERS ========== Service\Driver Viewpoint Manager Service not found. Service\Driver Viewpoint Manager Service not found. ========== REGISTRY ========== ========== FILES ========== C:\Program Files\Viewpoint\Viewpoint Media Player\NewComponents moved successfully. C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents\VMgr_Win moved successfully. C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents\AxMetaStream_Win moved successfully. C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents moved successfully. C:\Program Files\Viewpoint\Viewpoint Media Player\Components moved successfully. C:\Program Files\Viewpoint\Viewpoint Media Player moved successfully. C:\Program Files\Viewpoint moved successfully. C:\32788R22FWJFW.0.tmp moved successfully. c:\windows\system32\cmd.execf moved successfully. Folder move failed. C:\cmdcons\SYSTEM32 scheduled to be moved on reboot. Folder move failed. C:\cmdcons scheduled to be moved on reboot. c:\windows\SWREG.exe moved successfully. c:\windows\PEV.exe moved successfully. c:\windows\sed.exe moved successfully. c:\windows\system32\CF21703.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->TEMP folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: Application Data User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Java cache emptied: 39940 bytes User: justin ->Temp folder emptied: 64185532 bytes ->Temporary Internet Files folder emptied: 2420411 bytes ->Java cache emptied: 5035 bytes ->FireFox cache emptied: 617298332 bytes User: LocalService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 49286 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 482310 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 2775569 bytes File delete failed. C:\WINDOWS\temp\WFV3.tmp scheduled to be deleted on reboot. Windows Temp folder emptied: 52650027 bytes RecycleBin emptied: 25711730 bytes Total Files Cleaned = 730.15 mb OTM by OldTimer - Version 3.0.0.4 log created on 07072009_174324 Files moved on Reboot... C:\cmdcons\SYSTEM32 moved successfully. Folder move failed. C:\cmdcons scheduled to be moved on reboot. File C:\WINDOWS\temp\WFV3.tmp not found! Registry entries deleted on Reboot... [emailprotected] as CAB hook log: OnlineScanner.ocx - registred OK # version=6 # iexplore.exe=6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) # OnlineScanner.ocx=1.0.0.5886 # api_version=3.0.2 # EOSSerial=095d76691df05a4498bd7a723464f1fc # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2009-07-08 08:56:23 # local_time=2009-07-08 01:56:23 (-0700, US Mountain Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # scanned=141587 # found=6 # cleaned=6 # scan_time=26750 C:\Documents and Settings\justin\Application Data\Symantec\Layouts\Norton AntiVirus\15.0\SymAllLanguages\NAVCD_RETAIL\20070826\CDStart.exea variant of Win32/Injector.FN trojan (deleted - quarantined)00000000000000000000000000000000C C:\Documents and Settings\justin\Application Data\Symantec\Layouts\Norton AntiVirus\15.0\SymAllLanguages\NAVCD_RETAIL\20070826\Setup.exea variant of Win32/Injector.FN trojan (deleted - quarantined)00000000000000000000000000000000C C:\Documents and Settings\justin\Desktop\16gb\Nero 8.3.2.1 Ultra Edition HD -Eng-\Nero-8.3.2.1_eng.exeWin32/Toolbar.AskSBar application (deleted - quarantined)00000000000000000000000000000000C C:\Program Files\BitLord\Downloads\FruityLoops Studio.rarprobably a variant of Win32/Delf trojan (deleted - quarantined)00000000000000000000000000000000C C:\Program Files\BitLord\Downloads\Nero 8.3.2.1 Ultra Edition HD -Eng-\Nero-8.3.2.1_eng.exeWin32/Toolbar.AskSBar application (deleted - quarantined)00000000000000000000000000000000C C:\Program Files\BitLord\Downloads\Rosetta\Rosetta Application.isoWin32/HackTool.Patcher.A application (deleted - quarantined)00000000000000000000000000000000C 1. Double click OTM to launch it. Vista users right click and choose Run As Administrator 2. Click on the CleanUp! button. 3. OTM will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access. 4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?) 5. When finished exit out of OTM. ---------- How is the computer running now?My computer is free from all known symptoms! Thank you, thank you, a million times thank you. Ironically, your name doesn't suit the good that you have done and are doing, nevertheless please continue to help those of us who need it. Any recommendations to keep my computer protected and up to par?Use the Secunia Software Inspector to check for out of date software. Click Start Now Check the box next to Enable thorough system inspection. Click Start Allow the scan to finish and scroll down to see if any updates are needed. Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also STOP certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

Answer»

Click START then RUN

Now type Combo-Fix in the runbox
Make sure there's a space between Combo-Fix and /u
Then hit Enter.
.
That should uninstall ComboFix.

Now restart the computer and install it again. Be sure to rename it during the install using the instructions from HERE.

If that does or doesn't work try running Malwarebytes also.

Malwarebytes' Anti-Malware 1.38
Database version: 2384
Windows 5.1.2600 Service PACK 2

07/07/2009 12:13:56 AM
mbam-log-2009-07-07 (00-13-56).txt

Scan type: Full Scan (C:\|F:\|L:\|Z:\|)
Objects scanned: 248359
Time elapsed: 1 hour(s), 27 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

-----
Windows can't find "Combo-Fix". Another way to uninstall?Go to C:\Combo-Fix and delet ethe entire folder. Also delete the Qoobox folder.

Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.

-------
DDS (Ver_09-06-26.01) - NTFSx86
Run by justin at 16:52:04.15 on 07/07/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.991.311 [GMT -7:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS CONNECTION Manager\SPCSUtilityService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Airlink101\AWLH4030\WLService.exe
C:\Program Files\Airlink101\AWLH4030\WLanCfgAG.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Mediafour\XPlay 3\XPlay.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\VirtuaWin\VirtuaWin.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\VirtuaWin\modules\WinList.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSCM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\justin\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.yahoo.com/index.html
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Mediafour XPlay Explorer notifications: {4907c0ad-874d-44d9-b13e-7b0a4d8b9d3e} - c:\program files\mediafour\xplay 3\XPBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.23.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\justin\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [RaidTool] c:\program files\via\raid\raid_tool.exe
mRun: [VTTimer] VTTimer.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
mRun: [HPHmon04] c:\windows\system32\hphmon04.exe
mRun: [{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}] "c:\program files\mediafour\xplay 3\XPlay.exe"
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpaiod~1.lnk - c:\program files\hewlett-packard\aio\hp officejet g series\bin\hpoavn07.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\virtua~1.lnk - c:\program files\virtuawin\VirtuaWin.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program files\partygaming.net\partypokernet\RunPF.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.23.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: turbotax.com
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {A315D4DD-5828-447F-BB9F-2F1F4CFD6E9C} = 68.28.50.91 68.28.58.92
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\justin\applic~1\mozilla\firefox\profiles\2iky4cir.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/|https://mail.google.com/mail/?nsr=0&zx=1x6pno7em8jhx&shva=1#inbox/11d75484357f61b2
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=chrff-brandt_off&type=000123X001US&p=
FF - component: c:\documents and settings\justin\application data\mozilla\firefox\profiles\2iky4cir.default\extensions\{62760fd6-b943-48c9-ab09-f99c6fe96088}\platform\winnt\components\EbayAccessService.dll
FF - component: c:\documents and settings\justin\application data\mozilla\firefox\profiles\2iky4cir.default\extensions\{62760fd6-b943-48c9-ab09-f99c6fe96088}\platform\winnt\components\EbayFormSubmitObserver.dll
FF - component: c:\program files\google\google gears\firefox\components\gears.dll
FF - plugin: c:\documents and settings\justin\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\justin\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: browser.tabs.tabMinWidth - 125

============= SERVICES / DRIVERS ===============

R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [2008-10-24 293632]
R1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [2009-2-22 136744]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2006-1-25 58048]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 32256]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-1-7 10384]
R2 M4iPodWPDService;M4iPodWPDService;c:\program files\common files\mediafour\ipod\M4iPodWPDService.exe [2008-10-6 211456]
R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\Mcshield.exe [2004-9-22 221191]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\VsTskMgr.exe [2004-9-22 28672]
R2 Super G Wireless Cardbus Service;Super G Wireless Cardbus Adapter Service;c:\program files\airlink101\awlh4030\WLService.exe [2006-2-19 49152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-25 24652]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-1-25 108256]
R3 USBNET;Instant Wireless USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\vnetusbl.sys [2006-3-11 107648]
S2 gupdate1c9e5f3fd5fd1fe;Google Update Service (gupdate1c9e5f3fd5fd1fe);c:\program files\google\update\GoogleUpdate.exe [2009-6-5 133104]
S2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2006-1-25 102463]
S3 PsSdk30;PsSdk30;\??\c:\windows\system32\drivers\pssdk30.drv --> c:\windows\system32\drivers\PsSdk30.drv [?]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-2-1 29824]
S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-2-1 41344]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-2-1 39936]
S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2009-2-1 59776]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]

=============== Created Last 30 ================

2009-07-06 17:37--d-----C:\32788R22FWJFW.0.tmp
2009-07-06 16:12388,608a-------c:\windows\system32\cmd.execf
2009-07-06 14:43a-dshr--C:\cmdcons
2009-07-06 14:42161,792a-------c:\windows\SWREG.exe
2009-07-06 14:42155,136a-------c:\windows\PEV.exe
2009-07-06 14:4298,816a-------c:\windows\sed.exe
2009-07-06 14:41388,608a-------c:\windows\system32\CF21703.exe
2009-07-05 15:42--d-----c:\program files\CCleaner
2009-07-01 16:53--d-----c:\program files\Trend Micro
2009-06-26 15:31--d-----c:\docume~1\justin\applic~1\VirtuaWin
2009-06-26 15:31--d-----c:\program files\VirtuaWin
2009-06-25 22:00--d-----c:\docume~1\justin\applic~1\Launchy
2009-06-25 22:00--d-----c:\program files\Launchy
2009-06-24 14:26--d-----c:\program files\DVD-Cloner Platinum
2009-06-20 00:37--d-----c:\program files\Pod to PC
2009-06-18 22:04--d-----c:\program files\DVDFab 6
2009-06-17 12:11--d-----c:\docume~1\justin\applic~1\GrabIt
2009-06-12 22:20--d-----c:\program files\Western Digital Technologies
2009-06-12 00:24--d-----c:\program files\WBFS
2009-06-09 21:02--d-----c:\program files\AMT
2009-06-09 09:30--d-----c:\program files\iTunes

==================== Find3M ====================

2009-06-25 21:5447,360a-------c:\docume~1\justin\applic~1\pcouffin.sys
2009-06-17 11:2738,160a-------c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 11:2719,096a-------c:\windows\system32\drivers\mbam.sys
2009-06-05 11:422,060,288a-------c:\windows\system32\usbaaplrc.dll
2009-06-05 11:4239,424a-------c:\windows\system32\drivers\usbaapl.sys
2009-06-01 01:31359,808a-------c:\windows\system32\drivers\TCPIP.SYS
2009-05-28 22:0347,360a-------c:\windows\system32\drivers\pcouffin.sys
2009-05-21 15:12359,808a-------c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2007-07-30 16:3332,968ac------c:\docume~1\justin\applic~1\GDIPFONTCACHEV1.DAT
2006-05-03 22:20454a-------c:\program files\Shortcut to games.lnk
2006-02-19 17:371,117,491ac------c:\program files\DVD_Shrink_v3[1].2_Install.exe

============= FINISH: 16:53:11.75 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install DATE: 10/19/2005 4:44:32 AM
System Uptime: 07/07/2009 4:38:31 PM (0 hours ago)

Motherboard: ECS | | P4M800-M7
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | CPU 1 | 2659/133mhz

==== Disk Partitions =========================

==== Installed Programs ======================

µTorrent
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.1
Adobe Reader 9.1
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Airlink101 SuperG Wireless Adapter
AnswerWorks 4.0 Runtime - English
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
Bonjour
C-Media WDM Audio Driver
CCleaner (remove only)
CDDRV_Installer
CloneDVD2
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 6.0.1.0 (May 15, 2009)
Google Gears
Google Talk Plugin
Google Update Helper
HandBrake 0.9.3
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB926239)
hp officejet g series
ImagXpress
Instant Wireless USB Adapter
iTunes
Java Adapter for Mobile
Java(TM) 6 Update 13
Java(TM) 6 Update 5
Java(TM) 6 Update 7
KhalInstallWrapper
Launchy 2.1.2
LG PC Suite II
LG USB Modem driver
Logitech iTouch Software
Logitech MouseWare 9.79
Logitech Resource Center
Logitech SetPoint
Machinist2DLL
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
McAfee VirusScan Enterprise
Merriam-Webster
Metafile Companion
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
Mozilla Firefox (3.0.11)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
Musicnotes Player V1.23.0
Nero 8 Ultra Edition HD
neroxml
overland
PAC7302
PANTECH UM175 Driver
PartitionMagic
PartyPokerNet
PDF Settings
Photosmart 130,230,7150,7345,7350,7550 (Remove only)
Platform
Pod to PC 2.6
PowerDVD
PowerISO
PowerQuest PartitionMagic 8.0
QuickTime
Real Alternative 1.9.0
Realtek AC'97 Audio
Revo Uninstaller 1.80
Rosetta Stone 2.1.5.1A
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Sibelius Scorch (Firefox, Opera, Netscape only)
Sprint Mobile Broadband (Sierra)
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Sure Cuts A Lot 1.016
TI Connect 1.6
Total Video Converter 3.10
TotalAudioConverter
TuneUp Utilities 2008
Ultra Video Converter 4.4.0329
Universal Media Player
Unlocker 1.8.7
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
VCRedistSetup
VIA Platform Device Manager
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
Viewpoint Manager (Remove Only)
Viewpoint Media Player
VirtuaWin v4.0.1
VZAccess Manager
WBFS Manager 3.0
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
XPlay 3

==== End Of File ===========================

Go to Add or Remove Programs and uninstall:

Viewpoint Manager (Remove Only)
Viewpoint Media Player

.
----------

Download OTM by OldTimer to your desktop.

Note: If you are running on Vista, right-click on OTM.exe and choose Run As Administrator.

* Save it to your Desktop.
* Double-click OTM.exe to run it.
* Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)

Code: [Select]:Processes
explorer.exe

:services
Viewpoint Manager Service

:reg

:files
C:\Program Files\Viewpoint
C:\32788R22FWJFW.0.tmp
c:\windows\system32\cmd.execf
C:\cmdcons
c:\windows\SWREG.exe
c:\windows\PEV.exe
c:\windows\sed.exe
c:\windows\system32\CF21703.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

* Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
* Click the red Moveit! button.
* Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTM

Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway.

----------

Use the ESET Online Antivirus Scanner

This scanner requires Internet Explorer

1. Check the box next to YES, I accept the Terms of Use.
2. Click Start
3. When asked, allow the activex control to install
4. Click Start
5. Make sure that the option Remove found threats and the option Scan unwanted applications is check marked.
6. Click Scan
7. Wait for the scan to finish
8. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
9. Add the C:\Program Files\EsetOnlineScanner\log.txt log into your next reply.All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver Viewpoint Manager Service not found.
Service\Driver Viewpoint Manager Service not found.
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\Viewpoint\Viewpoint Media Player\NewComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents\VMgr_Win moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents\AxMetaStream_Win moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\Components moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player moved successfully.
C:\Program Files\Viewpoint moved successfully.
C:\32788R22FWJFW.0.tmp moved successfully.
c:\windows\system32\cmd.execf moved successfully.
Folder move failed. C:\cmdcons\SYSTEM32 scheduled to be moved on reboot.
Folder move failed. C:\cmdcons scheduled to be moved on reboot.
c:\windows\SWREG.exe moved successfully.
c:\windows\PEV.exe moved successfully.
c:\windows\sed.exe moved successfully.
c:\windows\system32\CF21703.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->TEMP folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 39940 bytes

User: justin
->Temp folder emptied: 64185532 bytes
->Temporary Internet Files folder emptied: 2420411 bytes
->Java cache emptied: 5035 bytes
->FireFox cache emptied: 617298332 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 482310 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2775569 bytes
File delete failed. C:\WINDOWS\temp\WFV3.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied: 52650027 bytes
RecycleBin emptied: 25711730 bytes

Total Files Cleaned = 730.15 mb

OTM by OldTimer - Version 3.0.0.4 log created on 07072009_174324

Files moved on Reboot...
C:\cmdcons\SYSTEM32 moved successfully.
Folder move failed. C:\cmdcons scheduled to be moved on reboot.
File C:\WINDOWS\temp\WFV3.tmp not found!

Registry entries deleted on Reboot...

[emailprotected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
# OnlineScanner.ocx=1.0.0.5886
# api_version=3.0.2
# EOSSerial=095d76691df05a4498bd7a723464f1fc
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-07-08 08:56:23
# local_time=2009-07-08 01:56:23 (-0700, US Mountain Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# scanned=141587
# found=6
# cleaned=6
# scan_time=26750
C:\Documents and Settings\justin\Application Data\Symantec\Layouts\Norton AntiVirus\15.0\SymAllLanguages\NAVCD_RETAIL\20070826\CDStart.exea variant of Win32/Injector.FN trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Documents and Settings\justin\Application Data\Symantec\Layouts\Norton AntiVirus\15.0\SymAllLanguages\NAVCD_RETAIL\20070826\Setup.exea variant of Win32/Injector.FN trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Documents and Settings\justin\Desktop\16gb\Nero 8.3.2.1 Ultra Edition HD -Eng-\Nero-8.3.2.1_eng.exeWin32/Toolbar.AskSBar application (deleted - quarantined)00000000000000000000000000000000C
C:\Program Files\BitLord\Downloads\FruityLoops Studio.rarprobably a variant of Win32/Delf trojan (deleted - quarantined)00000000000000000000000000000000C
C:\Program Files\BitLord\Downloads\Nero 8.3.2.1 Ultra Edition HD -Eng-\Nero-8.3.2.1_eng.exeWin32/Toolbar.AskSBar application (deleted - quarantined)00000000000000000000000000000000C
C:\Program Files\BitLord\Downloads\Rosetta\Rosetta Application.isoWin32/HackTool.Patcher.A application (deleted - quarantined)00000000000000000000000000000000C

1. Double click OTM to launch it.
Vista users right click and choose Run As Administrator
2. Click on the CleanUp! button.
3. OTM will download a list from the Internet, if your firewall or other defensive programs alerts you, allow it access.
4. Click YES at the next prompt (list downloaded, Do you want to begin cleanup process?)
5. When finished exit out of OTM.

----------

How is the computer running now?My computer is free from all known symptoms! Thank you, thank you, a million times thank you. Ironically, your name doesn't suit the good that you have done and are doing, nevertheless please continue to help those of us who need it.

Any recommendations to keep my computer protected and up to par?Use the Secunia Software Inspector to check for out of date software.

Click Start Now
Check the box next to Enable thorough system inspection.
Click Start
Allow the scan to finish and scroll down to see if any updates are needed.
Update anything listed.

.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also STOP certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

Solve : Virus has disabled all my protection programs?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment