Win32 Patched.CG



geedee137
2010-05-25, 02:12
AVG has detected the above but cannot remove it.

Didn't think it was causing a problem but just been advised that someone in my address book has received an e-mail from me that I didn't send.


Logs as requested

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22/11/2009 14:41:52
System Uptime: 24/05/2010 19:50:21 (5 hours ago)

Motherboard: Hewlett-Packard | | 3085
Processor: AMD Athlon(tm) 64 Processor 3200+ | U23 | 1989/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 35.54 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 373 GiB total, 182.872 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: ATI SMBus
Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_3085103C&REV_10\3&13C0B0C5&0&A0
Manufacturer: ATI Technologies Inc
Name: ATI SMBus
PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_3085103C&REV_10\3&13C0B0C5&0&A0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Network Controller
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&0&10A4
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&0&10A4
Service:

==== System Restore Points ===================

RP70: 24/02/2010 00:29:06 - Software Distribution Service 3.0
RP71: 27/02/2010 02:19:04 - System Checkpoint
RP72: 27/02/2010 14:54:36 - Unsigned printer driver HP PSC 1400 series installed.
RP73: 27/02/2010 15:44:09 - Unsigned printer driver HP PSC 1400 series installed.
RP74: 27/02/2010 16:45:17 - Unsigned printer driver HP PSC 1400 series installed.
RP75: 27/02/2010 19:44:46 - Unsigned printer driver HP PSC 1400 series installed.
RP76: 04/03/2010 18:23:05 - Avg8 Update
RP77: 04/03/2010 18:28:12 - Avg Update
RP78: 06/03/2010 01:23:59 - System Checkpoint
RP79: 07/03/2010 03:02:34 - System Checkpoint
RP80: 07/03/2010 10:57:37 - RegCure Backup
RP81: 09/03/2010 00:29:01 - System Checkpoint
RP82: 09/03/2010 19:22:16 - Avg Update
RP83: 12/03/2010 00:47:33 - Software Distribution Service 3.0
RP84: 12/03/2010 18:44:06 - RegCure Backup
RP85: 13/03/2010 11:43:47 - RegCure Backup
RP86: 15/03/2010 00:01:52 - RegCure Backup
RP87: 15/03/2010 18:27:30 - RegCure Backup
RP88: 16/03/2010 19:30:29 - Avg Update
RP89: 17/03/2010 01:06:57 - Software Distribution Service 3.0
RP90: 18/03/2010 23:58:23 - RegCure Backup
RP91: 20/03/2010 14:17:05 - RegCure Backup
RP92: 22/03/2010 23:59:22 - System Checkpoint
RP93: 01/04/2010 20:48:01 - Avg Update
RP94: 01/04/2010 20:49:25 - Avg Update
RP95: 02/04/2010 02:30:28 - Software Distribution Service 3.0
RP96: 02/04/2010 16:29:45 - RegCure Backup
RP97: 02/04/2010 17:57:36 - Restore Operation
RP98: 02/04/2010 18:03:21 - Restore Operation
RP99: 02/04/2010 18:09:28 - Restore Operation
RP100: 02/04/2010 18:15:39 - Restore Operation
RP101: 02/04/2010 18:31:36 - Restore Operation
RP102: 04/04/2010 01:22:15 - Avg Update
RP103: 04/04/2010 13:16:53 - Restore Operation
RP104: 04/04/2010 13:32:20 - Avg Update
RP105: 04/04/2010 13:48:57 - RegCure Backup
RP106: 05/04/2010 13:06:56 - Unsigned printer driver HP PSC 1400 series installed.
RP107: 05/04/2010 19:15:15 - Unsigned printer driver HP PSC 1400 series installed.
RP108: 06/04/2010 17:51:53 - Unsigned printer driver HP PSC 1400 series installed.
RP109: 11/04/2010 01:41:29 - System Checkpoint
RP110: 12/04/2010 23:48:22 - System Checkpoint
RP111: 13/04/2010 20:37:49 - Removed Apple Application Support
RP112: 13/04/2010 20:42:16 - Removed Apple Mobile Device Support
RP113: 14/04/2010 01:17:47 - Software Distribution Service 3.0
RP114: 16/04/2010 01:15:54 - System Checkpoint
RP115: 16/04/2010 08:11:37 - Software Distribution Service 3.0
RP116: 17/04/2010 01:26:44 - Software Distribution Service 3.0
RP117: 17/04/2010 17:14:44 - Software Distribution Service 3.0
RP118: 19/04/2010 01:14:40 - Software Distribution Service 3.0
RP119: 19/04/2010 18:35:01 - Avg Update
RP120: 19/04/2010 18:42:07 - Avg Update
RP121: 20/04/2010 00:18:12 - Removed Google Earth.
RP122: 20/04/2010 01:49:03 - Software Distribution Service 3.0
RP123: 21/04/2010 01:38:13 - Software Distribution Service 3.0
RP124: 23/04/2010 00:40:51 - System Checkpoint
RP125: 23/04/2010 01:50:16 - Software Distribution Service 3.0
RP126: 24/04/2010 01:25:43 - Software Distribution Service 3.0
RP127: 24/04/2010 08:57:17 - Software Distribution Service 3.0
RP128: 27/04/2010 00:50:35 - Software Distribution Service 3.0
RP129: 28/04/2010 01:08:51 - Software Distribution Service 3.0
RP130: 29/04/2010 00:46:21 - Software Distribution Service 3.0
RP131: 30/04/2010 18:06:07 - Avg Update
RP132: 01/05/2010 01:25:55 - Software Distribution Service 3.0
RP133: 01/05/2010 12:19:35 - Software Distribution Service 3.0
RP134: 01/05/2010 16:18:20 - Software Distribution Service 3.0
RP135: 01/05/2010 22:47:58 - RegCure Backup
RP136: 02/05/2010 03:00:30 - Software Distribution Service 3.0
RP137: 02/05/2010 03:04:58 - Software Distribution Service 3.0
RP138: 03/05/2010 02:16:12 - Software Distribution Service 3.0
RP139: 04/05/2010 02:05:23 - Software Distribution Service 3.0
RP140: 05/05/2010 02:09:57 - Software Distribution Service 3.0
RP141: 06/05/2010 18:06:47 - Avg Update
RP142: 07/05/2010 01:53:34 - Software Distribution Service 3.0
RP143: 08/05/2010 02:32:33 - Software Distribution Service 3.0
RP144: 08/05/2010 12:36:32 - Removed Google Earth.
RP145: 09/05/2010 03:00:35 - Software Distribution Service 3.0
RP146: 10/05/2010 01:11:37 - Software Distribution Service 3.0
RP147: 10/05/2010 20:38:28 - Installed iPod for Windows 2005-06-26
RP148: 11/05/2010 00:51:06 - Software Distribution Service 3.0
RP149: 11/05/2010 19:25:11 - Unsigned printer driver HP PSC 1400 series installed.
RP150: 12/05/2010 01:21:36 - Software Distribution Service 3.0
RP151: 14/05/2010 00:53:14 - System Checkpoint
RP152: 14/05/2010 01:09:02 - Software Distribution Service 3.0
RP153: 15/05/2010 02:18:05 - Software Distribution Service 3.0
RP154: 16/05/2010 01:11:01 - Software Distribution Service 3.0
RP155: 17/05/2010 00:59:35 - Software Distribution Service 3.0
RP156: 18/05/2010 01:15:50 - System Checkpoint
RP157: 18/05/2010 01:22:33 - Software Distribution Service 3.0
RP158: 19/05/2010 01:31:49 - Software Distribution Service 3.0
RP159: 22/05/2010 21:25:58 - RegCure Backup
RP160: 23/05/2010 01:23:50 - Software Distribution Service 3.0
RP161: 24/05/2010 01:07:17 - Software Distribution Service 3.0

==== Installed Programs ======================

1400
1400_Help
1400Trb
ABC Amber Audio Converter
Adobe Flash Player 10 ActiveX
Adobe Reader 8.2.0
AiO_Scan
AiOSoftware
Amazon MP3 Downloader 1.0.9
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
ATI Display Driver
µTorrent
AVG 9.0
Bonjour
BufferChm
CCleaner (remove only)
Compaq Presario r4000 User Guides
Conexant AC-Link Audio
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
CueTour
Data Fax SoftModem with SmartCP
Destinations
Director
DocProc
DocumentViewer
ERUNT 1.1j
Fax
Google Chrome
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Help and Support
HP Image Zone 4.7
HP Pavillion zv6000 User Guides
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
HP Wireless Assistant 1.01 A3
HPSystemDiagnostics
InstantShare
iPod for Windows 2005-06-26
iPod for Windows 2006-01-10
iTunes
K-Lite Codec Pack 5.6.1 (Basic)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NETGEAR WG511v2 wireless PC card
OpenMG Secure Module 4.3.00
PanoStandAlone
PhotoGallery
Picasa 3
ProductContext
QFolder
Quick Launch Buttons 5.10 B3
QuickTime
Readme
RegCure
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB980232)
SkinsHP1
Sky Broadband
Spotify
Super Collapse! II
Switch Sound File Converter
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515 drivers.
TIxx21
TrayApp
Unload
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
UserGuides
WebFldrs XP
WebReg
Winamp Toolbar for Firefox
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Mail
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver

==== Event Viewer Messages From Past Week ========

22/05/2010 18:49:03, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
22/05/2010 14:38:25, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio
22/05/2010 14:38:07, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The system cannot find the file specified.
22/05/2010 14:38:07, error: Service Control Manager [7000] - The Avira AntiVir Scheduler service failed to start due to the following error: The system cannot find the path specified.
22/05/2010 14:38:07, error: Service Control Manager [7000] - The Avira AntiVir Guard service failed to start due to the following error: The system cannot find the path specified.
19/05/2010 01:32:28, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB979683).
18/05/2010 17:59:17, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
18/05/2010 17:59:17, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
18/05/2010 17:59:17, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

==== End Of File ===========================
DDS (Ver_10-03-17.01) - NTFSx86
Run by Graham Davies at 0:01:37.07 on 25/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.510.48 [GMT 1:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\RegCure\RegCure.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\PROGRA~1\BTBROA~2\SMARTB~1\BTHelpNotifier.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WG511v2\WG511v2.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Graham Davies.GRAHAM-0976B11A\Local Settings\Temporary Internet Files\Content.IE5\WXG86E2T\dds[1].com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {a057a204-bacc-4d26-9990-79a187e2698e} - AVG Security Toolbar
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} -
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [btbb_wcm_McciTrayApp] c:\program files\btbb_wcm\McciTrayApp.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Motive SmartBridge] c:\progra~1\btbroa~2\smartb~1\BTHelpNotifier.exe
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Super%20Collapse!%20II/Images/stg_drm.ocx
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Super%20Collapse!%20II/Images/armhelper.ocx
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://skyonline.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {73B5FFDD-5DC2-4C35-99B6-521DAF6F6B3B} = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli dpryprt.dll

============= SERVICES / DRIVERS ===============

R? AntiVirSchedulerService;Avira AntiVir Scheduler
R? AntiVirService;Avira AntiVir Guard
R? avgio;avgio
R? gupdate;Google Update Service (gupdate)
R? SSHNAS;SSHNAS
S? avg9wd;AVG WatchDog
S? AVGIDSAgent;AVG9IDSAgent
S? AVGIDSDriverxpx;AVG9IDSDriver
S? AVGIDSErHrxpx;AVG9IDSErHr
S? AVGIDSFilterxpx;AVG9IDSFilter
S? AVGIDSShimxpx;AVG9IDSShim
S? AvgLdx86;AVG AVI Loader Driver x86
S? AvgMfx86;AVG On-access Scanner Minifilter Driver x86
S? avgntflt;avgntflt
S? AvgRkx86;avgrkx86.sys
S? AvgTdiX;AVG Network Redirector
S? HSFHWATI;HSFHWATI

=============== Created Last 30 ================


==================== Find3M ====================

2010-04-19 17:41:44 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-09 20:48:18 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-04 18:27:21 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-26 19:30:01 219136 ----a-w- c:\documents and settings\graham davies.graham-0976b11a\FgYFzJ.exe
2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll
2007-05-24 14:58:00 249856 ----a-w- c:\windows\inf\wg511v2\InsDrv2k.exe
2006-12-04 11:38:30 53248 ----a-w- c:\windows\inf\wg511v2\snetcfg .exe
2006-12-04 11:38:30 265984 ----a-w- c:\windows\inf\wg511v2\WG511v2XP.sys
2006-12-04 11:38:30 249856 ----a-w- c:\windows\inf\wg511v2\InsDrvlh.exe
2006-12-04 11:38:30 21376 ----a-w- c:\windows\inf\wg511v2\wlndis51.sys
2006-12-04 11:38:30 212992 ----a-w- c:\windows\inf\wg511v2\CopyWHQLDriver.exe
2008-10-04 23:01:51 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100520081006\index.dat

============= FINISH: 0:03:05.43 ===============

Blade81
2010-05-29, 13:52
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).


After that:


Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Blade81
2010-06-05, 20:22
Due to inactivity, this thread will now be closed.

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.