antivirus pro 2009



kenjomak
2008-11-16, 20:07
I can't install or run the HJT program. I don't know where to begin. My laptop is infected with Antivirus Pro 2009. My OS is Windows XP. Thank you.

ken545
2008-11-18, 02:15
Hello kenjomak

Welcome to Safer Networking.

Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
That said, all advice given by anyone volunteering here is taken at your own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.
It is advisable that you back up your personal data before starting any clean up procedure.




Please download Malwarebytes' Anti-Malware from Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) or Here (http://www.besttechie.net/tools/mbam-setup.exe)

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected. <-- Don't forget this
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and Paste the entire report in your next reply along with a New Hijackthis log.






Now try installing Hijackthis

Download Trend Micro's HijackThis (http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe) to your desktop.

Double click it to install
Follow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exe
Open HJT Scan and Save a Log File, it will open in Notepad
Go to Format and make sure Wordwrap is Unchecked
Go to Edit > Select All, then Edit > Copy, and paste the new log into this thread by using Post Reply rather than starting a New Thread.



Post the Malwarebytes log and a Hijackthis log if you can please

kenjomak
2008-11-21, 00:28
Malwarebytes' Anti-Malware 1.30
Database version: 1414
Windows 5.1.2600 Service Pack 2

11/20/2008 3:14:38 PM
mbam-log-2008-11-20 (15-14-25).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 178287
Time elapsed: 1 hour(s), 31 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 2
Files Infected: 85

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{3ec85b57-deeb-486a-b5b0-6b334dab57b3} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ec85b57-deeb-486a-b5b0-6b334dab57b3} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7505cbc6-bb5e-422e-a593-487304f37845} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7505cbc6-bb5e-422e-a593-487304f37845} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3655fbd2-e829-42d8-8077-e3cd70adf82b} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3655fbd2-e829-42d8-8077-e3cd70adf82b} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b0fc7ce0-34d1-4fad-a429-cd95334babdd} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b0fc7ce0-34d1-4fad-a429-cd95334babdd} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\squrqulpfhm (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\msupdt.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\msupdt.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msupdt.exe,) Good: (userinit.exe) -> No action taken.

Folders Infected:
C:\Documents and Settings\Owner.Maazyah\Application Data\GetModule (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Start Menu\Programs\AntivirusPro2009 (Rogue.AntivirusPro2009) -> No action taken.

Files Infected:
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wJQs.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050592.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050558.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050559.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050593.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050624.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP134\A0050625.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050656.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050657.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050686.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050687.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050718.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP135\A0050719.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050760.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050761.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050765.sys (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050791.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050792.sys (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050793.sys (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050797.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050798.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050803.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050804.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050831.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP137\A0050832.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0051831.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0051832.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0051853.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0051854.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0052853.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0052854.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0052857.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0052858.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0053857.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0053858.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0053859.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054918.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054857.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054858.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054861.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054862.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054917.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054891.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP139\A0054892.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055917.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055918.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055953.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055954.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055988.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP140\A0055987.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0056027.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0056028.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0056062.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0056067.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0056068.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP141\A0057147.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hdfangiv.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wnrubafl.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\cxofhg.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\exahnfiu.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ngpmpd.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\nhorqu.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\vmgxqjom.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\xwwfrt.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\yjptpfwy.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\yrsbpovy.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\qohnfc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\rantrp.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wpv591226379256.cpx (Trojan.Agent) -> No action taken.
C:\WINDOWS\Temp\stf69.tmp (Trojan.Dropper) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Application Data\GetModule\dicik.gz (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Application Data\GetModule\ofadik.gz (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Start Menu\Programs\AntivirusPro2009\AntivirusPro2009.lnk (Rogue.AntivirusPro2009) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Start Menu\Programs\AntivirusPro2009\Uninstall.lnk (Rogue.AntivirusPro2009) -> No action taken.
C:\WINDOWS\system32\podcbmymbplk.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\msupdt.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\wpv801226379280.cpx (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\7-v3av.exe (Trojan.TDSS) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn3 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn4 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn5 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn6 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn7 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn8 (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Owner.Maazyah\Local Settings\Temp\wrdwn9 (Trojan.FakeAlert) -> No action taken.





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:24:15 PM, on 11/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\COMMON~1\AOL\121195~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\COMMON~1\AOL\121195~1\EE\AOLServiceHost.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\NCH Software\BroadCam\broadCam.exe
C:\WINDOWS\system32\iesvcmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HighKey\HighKey1.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\NCH Software\BroadCam\broadCam.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LimeWire\LimeWire.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6448
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6448
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: adsoftinc browser enhancer - {78AA22F7-D26B-D09F-95CF-0D63F968B361} - C:\WINDOWS\system32\podcbmymbplk.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1211952413\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [BroadCamRun] "C:\Program Files\NCH Software\BroadCam\broadCam.exe" -logon
O4 - HKLM\..\Run: [iesvcmon] "C:\WINDOWS\system32\iesvcmon.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [HighKey1] C:\Program Files\HighKey\HighKey1.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O20 - AppInit_DLLs: karna.dat
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10650 bytes

ken545
2008-11-21, 02:22
kenjomak,

Did you see my instructions for Malwarebytes???

# Make sure that everything is checked, and click Remove Selected. <-- Don't forget this

You had it set to Take No Action, which did not accomplish much. You need to run it again and have it remove whatever it finds.
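
An added example, not part of the original thread: a small Python parser for the Malwarebytes log layout posted above that lists every detection still marked "No action taken" (the condition the last reply points out) and checks the summary counts against the entries actually pasted. The sample is an excerpt of that log plus one constructed line (the `example.tmp` path and its action text are assumptions added for contrast), and the function names are hypothetical.

```python
import re
from collections import Counter

# "Registry Keys Infected: 9" (summary line) or "Registry Keys Infected:" (section header)
SECTION = re.compile(r"^([A-Z][A-Za-z ]+ Infected):\s*(\d+)?\s*$")
# "<object> (<Detection.Name>) -> [detail -> ]<action>"
ENTRY = re.compile(r"^(.+?) \(([A-Za-z]+\.[\w.]+)\) -> (.+)$")


def parse_mbam_log(text):
    """Return (declared_counts, entries) from an MBAM 1.x plain-text log."""
    declared, entries, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            if m.group(2) is not None:      # summary line with a count
                declared[m.group(1)] = int(m.group(2))
            else:                           # start of a detail section
                section = m.group(1)
            continue
        m = ENTRY.match(line)
        if m and section:
            # The action is whatever follows the last " -> "; anything
            # before it (e.g. "Bad: (...) Good: (...)") is detail.
            detail, _, action = m.group(3).rpartition(" -> ")
            entries.append({"section": section, "object": m.group(1),
                            "detection": m.group(2), "detail": detail,
                            "action": action.rstrip(".")})
    return declared, entries


def unremediated(entries):
    """Detections the scanner reported but did not act on."""
    return [e for e in entries if e["action"].lower().startswith("no action taken")]


def truncated_sections(declared, entries):
    """Sections whose parsed entry count differs from the summary count."""
    seen = Counter(e["section"] for e in entries)
    return {s: (n, seen.get(s, 0)) for s, n in declared.items() if seen.get(s, 0) != n}


# Excerpt of the log in this thread; the last line is constructed.
SAMPLE = r"""Memory Processes Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\squrqulpfhm (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msupdt.exe,) Good: (userinit.exe) -> No action taken.

Files Infected:
C:\WINDOWS\system32\msupdt.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\Temp\example.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
"""

if __name__ == "__main__":
    declared, entries = parse_mbam_log(SAMPLE)
    pending = unremediated(entries)
    print(f"{len(pending)} of {len(entries)} detections still present")
    for e in pending:
        print(f"  [{e['section']}] {e['detection']}: {e['object']}")
    print("count mismatches:", truncated_sections(declared, entries))
```

A non-empty result from `truncated_sections` usually means the log was cut off when it was pasted, so the list of remaining detections may be incomplete.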