Daily Blabber



monra55
2006-09-02, 00:33
There's this weird thing that keeps popping up. It's just the audio for what seems to be an online TV show called "The Daily Blabber", and if I'm playing a game it will randomly pop up, steal focus from the game and minimize it. I don't know how to fix it, and Spybot won't find it, but I have the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 4:33:41 PM, on 9/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Thanks in advance

LonnyRJones
2006-09-06, 01:06
Welcome monra55

Two logs
Download and run Silent Runners.vbs and post the log it creates, please:
http://www.silentrunners.org/sr_scriptuse.html (click No so it does not skip the supplementary searches).
Wait until there is an "All Done" message!! Then open and post the log next to it.
Your antivirus script protection might interfere or alert; please allow it to run, and after a bit a box will say done.


Post a ComboFix log
1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/combofix.exe
2. Double-click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply.
Note:
Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.
If the log is large you might need to post half in one reply and half in another.

monra55
2006-09-09, 04:58
"Silent Runners.vbs", revision 48, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\
"{D0A022BC-0897-1033-0908-040518050001}" = ""C:\Program Files\Common Files\{D0A022BC-0897-1033-0908-040518050001}\Update.exe" mc-110-12-0000140" [file not found]

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"AIM" = "C:\Program Files\AIM\aim.exe -cnetwait.odl" ["America Online, Inc."]
"Steam" = ""c:\program files\steam\steam.exe" -silent" ["Valve Corporation"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = "Internet Explorer"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE" [MS]
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {HKLM...CLSID} = "Shell Search Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}" = "TuneUp Shredder Shell Context Menu Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Context Menu Extension"
\InProcServer32\(Default) = ""C:\Program Files\TuneUp Utilities 2006\sdshelex.dll"" ["TuneUp Software GmbH"]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Logitech Pictures"
-> {HKLM...CLSID} = "My Logitech Pictures"
\InProcServer32\(Default) = "C:\Program Files\Logitech\Video\Namespc2.dll" ["Logitech Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]
"{53578D6F-540D-4F6B-886B-FE7CA2E77698}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\sbredir.dll" [file not found]
"{FD6530B0-9DFA-4AE7-AD6E-CF644E630258}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mdvidctl.dll" [file not found]
"{67BA9B5A-AAA2-49C9-A1B9-498B43808D74}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\kkdpl.dll" [file not found]
"{29193A91-AA44-49A9-ACE2-6095B57D2219}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\guard.tmp" [file not found]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{2B3453E4-49DF-11D3-8229-0080BE509050}" = "GMail Drive"
-> {HKLM...CLSID} = "GMail Drive"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ShellExt\GMailFS.dll" ["Bjarke Viksoe"]
"{2B3453E4-49DF-11D3-8229-0080BE509052}" = "GMailFS Property Sheet"
-> {HKLM...CLSID} = "GMailFS Property Sheet"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ShellExt\GMailFS.dll" ["Bjarke Viksoe"]
"{2B3453E4-49DF-11D3-8229-0080BE509054}" = "GMailFS Drop Handler"
-> {HKLM...CLSID} = "GMailFS Drop Handler"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ShellExt\GMailFS.dll" ["Bjarke Viksoe"]
"{2B3453E4-49DF-11D3-8229-0080BE509056}" = "GMailFS Context Menu"
-> {HKLM...CLSID} = "GMailFS Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ShellExt\GMailFS.dll" ["Bjarke Viksoe"]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {HKLM...CLSID} = "Portable Media Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{35786D3C-B075-49b9-88DD-029876E11C01}" = "Portable Devices"
-> {HKLM...CLSID} = "Portable Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\wpdshext.dll" [MS]
"{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}" = "Portable Devices Menu"
-> {HKLM...CLSID} = "Portable Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\wpdshext.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
"AppInit_DLLs" = (value not set)

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
TuneUp Shredder\(Default) = "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Context Menu Extension"
\InProcServer32\(Default) = ""C:\Program Files\TuneUp Utilities 2006\sdshelex.dll"" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
TuneUp Shredder\(Default) = "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Context Menu Extension"
\InProcServer32\(Default) = ""C:\Program Files\TuneUp Utilities 2006\sdshelex.dll"" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Active Desktop web content:

HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0\
"FriendlyName" = ""
"Source" = "C:\Program Files\Windows NT\kyheheb.html"
"SubscribedURL" = ""


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\

HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]


Enabled Scheduled Tasks:
------------------------

"1-Click Maintenance" -> launches: "C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Miscellaneous IE Hijack Points
------------------------------

HKLM\Software\Microsoft\Internet Explorer\AboutURLs\

Missing lines (compared with English-language version):
HIJACK WARNING! "TuneUp" = "file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css" [file not found]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
AVG E-mail Scanner, AVGEMS, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" ["GRISOFT, s.r.o."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]
Cyberlink RichVideo Service(CRVS), RichVideo, ""C:\Program Files\CyberLink\Shared files\RichVideo.exe"" [empty string]
FileZilla Server FTP server, FileZilla Server, "C:\Program Files\FileZilla Server\FileZilla Server.exe" ["FileZilla Project"]
iPodService, iPodService, "C:\Program Files\iPod\bin\iPodService.exe" ["Apple Computer, Inc."]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 25 seconds, including 8 seconds for message boxes)

monra55
2006-09-09, 04:59
eridani - 06-09-08 20:54:42.93
ComboFix 06.09.07 - Running from: C:\Documents and Settings\eridani\Desktop\Anti-Virus

Microsoft Windows XP [Version 5.1.2600]

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\keyboard1.dat
C:\WINDOWS\system32\aaa00000.sys
C:\WINDOWS\system32\BattyRun.dll
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\VSL03.exe
C:\WINDOWS\system32\WinNB58.dll
C:\WINDOWS\justin.exe
C:\WINDOWS\pf78.exe
C:\WINDOWS\thiselt.exe
C:\Program Files\outlook
C:\Program Files\winupdates


((((((((((((((((((((((((((((((( Files Created from 2006-08-08 to 2006-09-08 ))))))))))))))))))))))))))))))))))


2006-08-25 14:34 233,472 C:\WINDOWS\system32REX Shared Library.dll
2006-08-25 14:34 225,280 --a------ C:\WINDOWS\system32\ReWire.dll
2006-08-24 22:30 790,016 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-08-24 22:30 656,896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-08-24 22:30 611,840 --------- C:\WINDOWS\system32\wmpmde.dll
2006-08-24 22:30 532,992 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-08-24 22:30 316,928 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-08-24 22:30 305,152 --------- C:\WINDOWS\system32\MSDelta.dll
2006-08-24 22:30 295,424 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-08-24 22:30 284,160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-08-24 22:30 259,072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-08-24 22:30 258,560 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-08-24 22:30 211,968 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-08-24 22:30 2,589,184 --------- C:\WINDOWS\system32\WpdShext.dll
2006-08-24 22:30 198,144 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-08-24 22:30 166,912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-08-24 22:30 133,120 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-08-24 22:30 132,096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-08-24 22:30 130,048 --------- C:\WINDOWS\system32\wmpps.dll
2006-08-24 22:30 101,888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-08-24 22:30 1,539,584 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-08-24 22:30 1,532,416 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-08-24 22:30 1,392,128 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-08-24 20:27 249,344 --------- C:\WINDOWS\system32\drmupgds.exe
2006-08-24 20:26 95,288 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-08-24 20:26 17,408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-08-24 19:19 316,416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-08-24 19:19 145,920 --------- C:\WINDOWS\system32\WudfHost.exe
2006-08-24 19:18 56,320 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-08-24 19:18 168,448 --------- C:\WINDOWS\system32\WudfPlatform.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-08 20:52 -------- d-------- C:\Program Files\Mozilla Firefox
2006-09-08 20:51 -------- d-------- C:\Program Files\mIRC
2006-09-08 20:37 -------- d-------- C:\Program Files\Steam
2006-09-04 21:23 -------- d-------- C:\Documents and Settings\eridani\Application Data\Aim
2006-09-04 21:11 -------- d-------- C:\Program Files\Windows Media Player
2006-09-04 21:11 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-09-01 16:33 -------- d-------- C:\Program Files\HijackThis
2006-09-01 16:26 -------- d-a------ C:\Program Files\Common Files
2006-08-31 23:04 -------- d-------- C:\Documents and Settings\eridani\Application Data\uTorrent
2006-08-27 18:53 -------- d-------- C:\Program Files\Call of Duty
2006-08-26 12:19 -------- d-------- C:\Documents and Settings\eridani\Application Data\Propellerhead Software
2006-08-26 12:11 -------- d-------- C:\Program Files\Propellerhead
2006-08-25 14:34 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
2006-08-25 14:05 223128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys
2006-08-25 14:05 -------- d-------- C:\Program Files\Alcohol Soft
2006-08-24 22:42 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-08-24 22:42 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-08-24 22:30 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-08-24 22:30 990208 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-08-24 22:30 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-08-24 22:30 8337920 --a------ C:\WINDOWS\system32\wmploc.dll
2006-08-24 22:30 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-08-24 22:30 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-08-24 22:30 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-08-24 22:30 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-08-24 22:30 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-08-24 22:30 537600 --a------ C:\WINDOWS\system32\blackbox.dll
2006-08-24 22:30 428032 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-08-24 22:30 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-08-24 22:30 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-08-24 22:30 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-08-24 22:30 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-08-24 22:30 349184 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-08-24 22:30 347648 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-08-24 22:30 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-08-24 22:30 320512 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-08-24 22:30 314368 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-08-24 22:30 276480 --a------ C:\WINDOWS\system32\audiodev.dll
2006-08-24 22:30 27648 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-08-24 22:30 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-08-24 22:30 242176 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-08-24 22:30 228352 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-08-24 22:30 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-08-24 22:30 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-08-24 22:30 210432 --a------ C:\WINDOWS\system32\qasf.dll
2006-08-24 22:30 204800 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-08-24 22:30 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-08-24 22:30 175104 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-08-24 22:30 1660416 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-08-24 22:30 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-08-24 22:30 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-08-24 22:30 1327616 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-08-24 22:30 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-08-24 22:30 1118208 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-08-24 20:31 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-08-24 20:26 38656 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2006-08-24 19:22 90112 --------- C:\WINDOWS\system32\drivers\WudfRd.sys
2006-08-24 19:18 84864 --------- C:\WINDOWS\system32\drivers\WudfPf.sys
2006-08-24 17:29 96256 --a------ C:\WINDOWS\system32\drivers\sptd8733.sys
2006-08-24 17:29 642560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-08-20 17:40 -------- d-------- C:\Program Files\Online Services
2006-08-20 17:08 777472 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-08-20 17:08 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-08-20 17:08 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-08-20 17:08 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-08-20 17:08 23424 --a------ C:\WINDOWS\system32\drivers\avgmfrs.sys
2006-08-20 17:08 -------- d---s---- C:\Documents and Settings\eridani\Application Data\Microsoft
2006-08-20 17:08 -------- d-------- C:\Program Files\Grisoft
2006-08-20 17:08 -------- d-------- C:\Documents and Settings\eridani\Application Data\AVG7
2006-08-20 14:48 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-08-15 00:33 -------- d-------- C:\Program Files\Shutterfly
2006-08-15 00:17 -------- d-------- C:\Program Files\FileZilla Server
2006-08-13 03:01 -------- d-------- C:\Program Files\Internet Explorer
2006-08-13 02:01 -------- d-------- C:\Program Files\Nofeel FTP Server
2006-08-13 01:52 -------- d-------- C:\Program Files\FileZilla
2006-08-13 01:51 -------- d-------- C:\Documents and Settings\eridani\Application Data\Nofeel FTP Server
2006-08-11 20:14 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-07-28 02:51 -------- d-------- C:\Program Files\iPod
2006-07-28 01:34 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-07-27 08:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-25 19:51 -------- d-------- C:\Program Files\DivX
2006-07-21 03:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-20 03:36 -------- d-------- C:\Program Files\VTFEdit
2006-07-20 03:20 -------- d-------- C:\Program Files\WinRAR
2006-07-20 03:01 -------- d-------- C:\Program Files\Advanced GIF Animator
2006-07-18 22:13 1063 --a------ C:\WINDOWS\system32\tjzcd5f2.sys
2006-07-18 22:04 32768 --a------ C:\WINDOWS\evklgzlb.exe
2006-07-18 21:46 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2006-07-18 21:45 69632 --a------ C:\WINDOWS\system32\ghcaepdc.dll
2006-07-18 21:45 69632 --a------ C:\WINDOWS\system32\ejnbglaj.dll
2006-07-18 21:45 61440 --a------ C:\WINDOWS\system32\tjzcd5f2.dll
2006-07-18 21:45 235134 --a------ C:\WINDOWS\srvchflymp.exe
2006-07-18 21:45 184829 --a------ C:\WINDOWS\srvjucvjga.exe
2006-07-18 21:45 0 --a------ C:\Documents and Settings\eridani\Application Data\internaldb41.dat
2006-07-18 21:45 -------- d-------- C:\Program Files\Windows NT
2006-07-18 21:44 8464 --a------ C:\WINDOWS\system32\sporder.dll
2006-07-16 09:40 15781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2006-07-16 09:39 -------- d-------- C:\Program Files\Belkin
2006-07-10 23:08 -------- d-------- C:\Program Files\Google
2006-07-03 16:40 778240 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-07-03 16:40 778240 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-07-03 16:40 761856 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-07-03 16:40 620180 --a------ C:\WINDOWS\system32\DivX.dll
2006-06-21 14:44 109568 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-06-21 14:44 108544 --------- C:\WINDOWS\system32\pxcpyi64.exe
2006-06-21 05:49 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2006-06-21 05:43 520192 --a------ C:\WINDOWS\system32\DivXsm.exe
2006-06-21 05:43 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2006-06-21 05:42 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2006-06-21 05:42 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2006-06-21 05:34 90112 --a------ C:\WINDOWS\system32\dpl100.dll
2006-06-21 05:34 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2006-06-21 05:34 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2006-06-21 05:34 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2006-06-21 05:34 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2006-06-21 05:34 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2006-06-21 05:34 200704 --a------ C:\WINDOWS\system32\dtu100.dll
2006-06-21 05:33 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2006-06-21 05:33 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"Steam"="\"c:\\program files\\steam\\steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoActiveDesktopChanges"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoActiveDesktop"=dword:00000000
"NoSaveSettings"=dword:00000000
"ClassicShell"=dword:00000000
"NoThemesTab"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"NoColorChoice"=dword:00000000
"NoSizeChoice"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoDispSettingsPage"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispBackgroundPage"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="C:\\Program Files\\Windows NT\\kyheheb.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,4b,00,00,00,00,00,00,00,b5,04,00,00,00,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"WINDVDPatch"="CTHELPER.EXE"
"FileZilla Server Interface"="\"C:\\Program Files\\FileZilla Server\\FileZilla Server Interface.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

Completion time: Fri 09/08/2006 20:55:56.65
ComboFix.txt

LonnyRJones
2006-09-09, 08:10
Launch Notepad (not WordPad), and copy and paste the contents of the code box below into a new text file.
Save it as file name: "fixme.reg" (not including the quotes). Save as file type: All files (*.*) and save it on your Desktop.


REGEDIT4
;
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{53578D6F-540D-4F6B-886B-FE7CA2E77698}"=-
"{FD6530B0-9DFA-4AE7-AD6E-CF644E630258}"=-
"{67BA9B5A-AAA2-49C9-A1B9-498B43808D74}"=-
"{29193A91-AA44-49A9-ACE2-6095B57D2219}"=-
[-HKEY_CLASSES_ROOT\CLSID\{C0F74E2F-20F7-48AB-9A47-8D91FDF1DD59}]
[-HKEY_CLASSES_ROOT\CLSID\{53578D6F-540D-4F6B-886B-FE7CA2E77698}]
[-HKEY_CLASSES_ROOT\CLSID\{67BA9B5A-AAA2-49C9-A1B9-498B43808D74}]
[-HKEY_CLASSES_ROOT\CLSID\{FD6530B0-9DFA-4AE7-AD6E-CF644E630258}]
;

Now double-click on the fixme.reg file you saved and click on the Yes button when it asks if you would like to merge the information. Once you get a successful message delete fixme.reg.

C:\Program Files\Windows NT\kyheheb.html < delete that file if it still exists
================================
Go here http://www.virustotal.com/flash/index_en.html
Submit each of these and let us know what was found:
C:\WINDOWS\system32\ghcaepdc.dll
C:\WINDOWS\system32\ejnbglaj.dll
C:\WINDOWS\system32\tjzcd5f2.dll
C:\WINDOWS\system32\tjzcd5f2.sys
C:\WINDOWS\srvchflymp.exe
C:\WINDOWS\srvjucvjga.exe
C:\WINDOWS\evklgzlb.exe
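
Before merging a fix like the fixme.reg above, it is worth listing exactly which keys and values it will delete or set. The following is an added example (not LonnyRJones's code) that parses the REGEDIT4 text from this post into a list of actions; it assumes the standard .reg grammar ([KEY] opens a key, [-KEY] deletes it, "name"=- deletes a value, a trailing backslash continues a hex value) and nothing about the specific CLSIDs beyond what the post shows.

```python
"""Audit a REGEDIT4 fix file: list every key and value it deletes or sets before merging it."""
import re
from dataclasses import dataclass
from typing import List, Optional

# The fixme.reg text from the post above. REGEDIT4 syntax: [KEY] opens a key,
# [-KEY] deletes it, "name"=- deletes a value, "name"=... sets one, ';' is a comment.
FIXME_REG = r"""REGEDIT4
;
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{53578D6F-540D-4F6B-886B-FE7CA2E77698}"=-
"{FD6530B0-9DFA-4AE7-AD6E-CF644E630258}"=-
"{67BA9B5A-AAA2-49C9-A1B9-498B43808D74}"=-
"{29193A91-AA44-49A9-ACE2-6095B57D2219}"=-
[-HKEY_CLASSES_ROOT\CLSID\{C0F74E2F-20F7-48AB-9A47-8D91FDF1DD59}]
[-HKEY_CLASSES_ROOT\CLSID\{53578D6F-540D-4F6B-886B-FE7CA2E77698}]
[-HKEY_CLASSES_ROOT\CLSID\{67BA9B5A-AAA2-49C9-A1B9-498B43808D74}]
[-HKEY_CLASSES_ROOT\CLSID\{FD6530B0-9DFA-4AE7-AD6E-CF644E630258}]
;
"""

HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
# "name"=payload or @=payload (the key's default value); the name may contain escaped quotes.
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))=(.*)$')


@dataclass
class RegAction:
    op: str                     # "delete_key", "delete_value" or "set_value"
    key: str
    name: Optional[str] = None  # value name; "(Default)" for @
    data: Optional[str] = None  # raw right-hand side for set_value


def _logical_lines(text):
    """Yield stripped lines, joining hex values continued with a trailing backslash."""
    pending = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("\\"):
            pending += line[:-1].strip()
            continue
        yield pending + line
        pending = ""
    if pending:
        yield pending


def parse_reg(text) -> List[RegAction]:
    lines = list(_logical_lines(text.lstrip("\ufeff")))
    if not lines or lines[0] not in HEADERS:
        raise ValueError("missing REGEDIT4 / Windows Registry Editor header")
    actions, current = [], None
    for line in lines[1:]:
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):
                actions.append(RegAction("delete_key", key[1:]))
                current = None          # value lines cannot follow a key deletion
            else:
                current = key
            continue
        m = VALUE_RE.match(line)
        if not m or current is None:
            raise ValueError(f"unexpected line: {line!r}")
        name = "(Default)" if m.group(2) else m.group(1).replace('\\"', '"').replace("\\\\", "\\")
        payload = m.group(3).strip()
        if payload == "-":
            actions.append(RegAction("delete_value", current, name))
        else:
            actions.append(RegAction("set_value", current, name, payload))
    return actions


def summarize(actions):
    """Count actions by type so a reviewer sees at a glance what the merge will do."""
    counts = {"delete_key": 0, "delete_value": 0, "set_value": 0}
    for a in actions:
        counts[a.op] += 1
    return counts


if __name__ == "__main__":
    acts = parse_reg(FIXME_REG)
    for a in acts:
        print(a.op, a.key, a.name or "", a.data or "")
    print(summarize(acts))
```

Run against the text above it reports five key deletions (the Active Desktop component and four CLSID registrations) and four value deletions under Shell Extensions\Approved, and no values being set, which is what a cleanup fix should look like; any set_value under a Run key or a shellexecutehooks key would be the thing to question before merging.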

monra55
2006-09-09, 21:01
AntiVir 7.1.1.16 09.09.2006 ADSPY/Agent.E
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Adware-gen.
AVG 386 09.08.2006 Adware Generic.NFF
BitDefender 7.2 09.09.2006 Trojan.Cmapp.A
CAT-QuickHeal 8.00 09.09.2006 AdWare.Agent.e (Not a Virus)
ClamAV devel-20060426 09.09.2006 Trojan.Cmapp-1
DrWeb 4.33 09.09.2006 Adware.WildMedia
eTrust-InoculateIT 23.72.120 09.08.2006 no virus found
eTrust-Vet 30.3.3070 09.09.2006 no virus found
Ewido 4.0 09.09.2006 Adware.Agent
Fortinet 2.77.0.0 09.09.2006 no virus found
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 AdWare.Agent.E
Kaspersky 4.0.2.24 09.09.2006 not-a-virus:AdWare.Win32.Agent.e
McAfee 4848 09.08.2006 potentially unwanted program Adware-CasClient
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 no virus found
Panda 9.0.0.4 09.09.2006 Adware/NewAds
Sophos 4.09.0 09.09.2006 no virus found
Symantec 8.0 09.09.2006 Trojan.Cmapp
TheHacker 5.9.8.208 09.08.2006 no virus found
UNA 1.83 09.08.2006 Adware.Agent.71E4
VBA32 3.11.1 09.09.2006 no virus found
VirusBuster 4.3.7:9 09.09.2006 no virus found

monra55
2006-09-09, 21:09
Results above: C:\WINDOWS\system32\ghcaepdc.dll

Results below: C:\WINDOWS\system32\ejnbglaj.dll

AntiVir 7.1.1.16 09.09.2006 ADSPY/Agent.E
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Adware-gen.
AVG 386 09.08.2006 Adware Generic.NFF
BitDefender 7.2 09.09.2006 Trojan.Cmapp.A
CAT-QuickHeal 8.00 09.09.2006 AdWare.Agent.e (Not a Virus)
ClamAV devel-20060426 09.09.2006 Trojan.Cmapp-1
DrWeb 4.33 09.09.2006 Adware.WildMedia
eTrust-InoculateIT 23.72.120 09.08.2006 no virus found
eTrust-Vet 30.3.3070 09.09.2006 no virus found
Ewido 4.0 09.09.2006 Adware.Agent
Fortinet 2.77.0.0 09.09.2006 no virus found
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 AdWare.Agent.E
Kaspersky 4.0.2.24 09.09.2006 not-a-virus:AdWare.Win32.Agent.e
McAfee 4848 09.08.2006 potentially unwanted program Adware-CasClient
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 no virus found
Panda 9.0.0.4 09.09.2006 Adware/NewAds
Sophos 4.09.0 09.09.2006 no virus found
Symantec 8.0 09.09.2006 Trojan.Cmapp
TheHacker 5.9.8.208 09.08.2006 no virus found
UNA 1.83 09.08.2006 Adware.Agent.71E4
VBA32 3.11.1 09.09.2006 no virus found
VirusBuster 4.3.7:9 09.09.2006 no virus found

monra55
2006-09-09, 22:10
C:\WINDOWS\system32\tjzcd5f2.dll

AntiVir 7.1.1.16 09.09.2006 TR/Agent.RL.1
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Trojan-gen. {Other}
AVG 386 09.08.2006 no virus found
BitDefender 7.2 09.09.2006 Trojan.Agent.RL
CAT-QuickHeal 8.00 09.09.2006 no virus found
ClamAV devel-20060426 09.09.2006 no virus found
DrWeb 4.33 09.09.2006 Adware.IEHelper
eTrust-InoculateIT 23.72.120 09.08.2006 Win32/SillyDl.AIM!Trojan
eTrust-Vet 30.3.3070 09.09.2006 Win32/Acee.B
Ewido 4.0 09.09.2006 Adware.IEHelper
Fortinet 2.77.0.0 09.09.2006 W32/Agent.CCR!tr
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 no virus found
Kaspersky 4.0.2.24 09.09.2006 Trojan-Downloader.Win32.Agent.awb
McAfee 4848 09.08.2006 Downloader-AXF
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 W32/DLoader.AORN
Panda 9.0.0.4 09.09.2006 Adware/DollarRevenue
Sophos 4.09.0 09.09.2006 Troj/Agent-CCR
Symantec 8.0 09.09.2006 Downloader
TheHacker 5.9.8.208 09.08.2006 Trojan/Downloader-AXF
UNA 1.83 09.08.2006 Trojan.Win32.Agent.D4BE
VBA32 3.11.1 09.09.2006 no virus found
VirusBuster 4.3.7:9 09.09.2006 no virus found

monra55
2006-09-09, 22:38
C:\WINDOWS\system32\tjzcd5f2.sys

CLEAN

C:\WINDOWS\srvchflymp.exe
AntiVir 7.1.1.16 09.09.2006 no virus found
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Adware-gen.
AVG 386 09.08.2006 no virus found
BitDefender 7.2 09.09.2006 Adware.Bho.AO
CAT-QuickHeal 8.00 09.09.2006 no virus found
ClamAV devel-20060426 09.09.2006 no virus found
DrWeb 4.33 09.09.2006 Adware.Iconclick
eTrust-InoculateIT 23.72.120 09.08.2006 no virus found
eTrust-Vet 30.3.3070 09.09.2006 no virus found
Ewido 4.0 09.09.2006 no virus found
Fortinet 2.77.0.0 09.09.2006 Adware/BHO!011
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 no virus found
Kaspersky 4.0.2.24 09.09.2006 not-a-virus:AdWare.Win32.BHO.ao
McAfee 4848 09.08.2006 potentially unwanted program Adware-IconAds
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 no virus found
Panda 9.0.0.4 09.09.2006 no virus found
Sophos 4.09.0 09.09.2006 no virus found
Symantec 8.0 09.09.2006 Trojan.Popper
TheHacker 5.9.8.208 09.08.2006 no virus found
UNA 1.83 09.08.2006 Adware.BHO.C96D
VBA32 3.11.1 09.09.2006 AdWare.Win32.BHO.ao
VirusBuster 4.3.7:9 09.09.2006 no virus found

monra55
2006-09-09, 22:42
C:\WINDOWS\srvjucvjga.exe
AntiVir 7.1.1.16 09.09.2006 ADSPY/Effective.A.3
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Adware-gen.
AVG 386 09.08.2006 no virus found
BitDefender 7.2 09.09.2006 Dropped:Adware.Sepoh.A
CAT-QuickHeal 8.00 09.09.2006 no virus found
ClamAV devel-20060426 09.09.2006 no virus found
DrWeb 4.33 09.09.2006 Adware.Zcont
eTrust-InoculateIT 23.72.120 09.08.2006 Win32/PCHope.5bx!Downloader
eTrust-Vet 30.3.3070 09.09.2006 Win32/Clspring.FB
Ewido 4.0 09.09.2006 no virus found
Fortinet 2.77.0.0 09.09.2006 Adware/PurityScan
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 no virus found
Kaspersky 4.0.2.24 09.09.2006 not-a-virus:AdWare.Win32.PurityScan.ep
McAfee 4848 09.08.2006 no virus found
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 W32/PurityScan.ZW.dropper
Panda 9.0.0.4 09.09.2006 Spyware/7r7t
Sophos 4.09.0 09.09.2006 no virus found
Symantec 8.0 09.09.2006 Trojan.Popper
TheHacker 5.9.8.208 09.08.2006 no virus found
UNA 1.83 09.08.2006 Adware.PurityScan.517E
VBA32 3.11.1 09.09.2006 AdWare.Win32.PurityScan.ep
VirusBuster 4.3.7:9 09.09.2006 no virus found

monra55
2006-09-09, 22:47
C:\WINDOWS\evklgzlb.exe

Antivirus Version Update Result
AntiVir 7.1.1.16 09.09.2006 no virus found
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 no virus found
AVG 386 09.08.2006 Adware Generic.OMM
BitDefender 7.2 09.09.2006 Adware.Bkdspace.A
CAT-QuickHeal 8.00 09.09.2006 no virus found
ClamAV devel-20060426 09.09.2006 no virus found
DrWeb 4.33 09.09.2006 Adware.BookedSpace
eTrust-InoculateIT 23.72.120 09.08.2006 no virus found
eTrust-Vet 30.3.3070 09.09.2006 no virus found
Ewido 4.0 09.09.2006 Adware.BookedSpace
Fortinet 2.77.0.0 09.09.2006 Adware/BkdSpace
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 no virus found
Kaspersky 4.0.2.24 09.09.2006 not-a-virus:AdWare.Win32.BookedSpace.h
McAfee 4848 09.08.2006 potentially unwanted program Adware-BkdSpace
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 no virus found
Panda 9.0.0.4 09.09.2006 no virus found
Sophos 4.09.0 09.09.2006 no virus found
Symantec 8.0 09.09.2006 no virus found
TheHacker 5.9.8.208 09.08.2006 no virus found
UNA 1.83 09.08.2006 Adware.BookedSpace
VBA32 3.11.1 09.09.2006 AdWare.Win32.BookedSpace.h
VirusBuster 4.3.7:9 09.09.2006 no virus found
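
Reading six of these multi-engine tables by eye is error-prone, so here is an added example (not code from the thread or from the scanning service) that parses a table in the format posted above, computes the detection ratio and tallies which family names the engines agree on. The sample input is the tjzcd5f2.dll table copied from the post above; the stop-word and alias lists used to normalise vendor naming are my own heuristic assumptions.

```python
"""Summarise a multi-engine scan result table of the kind posted above."""
import re
from collections import Counter

# Results for C:\WINDOWS\system32\tjzcd5f2.dll as posted above, one engine per line:
# engine, signature version, signature date, verdict.
RESULTS = """Antivirus Version Update Result
AntiVir 7.1.1.16 09.09.2006 TR/Agent.RL.1
Authentium 4.93.8 09.09.2006 no virus found
Avast 4.7.844.0 09.08.2006 Win32:Trojan-gen. {Other}
AVG 386 09.08.2006 no virus found
BitDefender 7.2 09.09.2006 Trojan.Agent.RL
CAT-QuickHeal 8.00 09.09.2006 no virus found
ClamAV devel-20060426 09.09.2006 no virus found
DrWeb 4.33 09.09.2006 Adware.IEHelper
eTrust-InoculateIT 23.72.120 09.08.2006 Win32/SillyDl.AIM!Trojan
eTrust-Vet 30.3.3070 09.09.2006 Win32/Acee.B
Ewido 4.0 09.09.2006 Adware.IEHelper
Fortinet 2.77.0.0 09.09.2006 W32/Agent.CCR!tr
F-Prot 3.16f 09.09.2006 no virus found
F-Prot4 4.2.1.29 09.08.2006 no virus found
Ikarus 0.2.65.0 09.08.2006 no virus found
Kaspersky 4.0.2.24 09.09.2006 Trojan-Downloader.Win32.Agent.awb
McAfee 4848 09.08.2006 Downloader-AXF
Microsoft 1.1560 09.09.2006 no virus found
NOD32v2 1.1746 09.08.2006 no virus found
Norman 5.90.23 09.08.2006 W32/DLoader.AORN
Panda 9.0.0.4 09.09.2006 Adware/DollarRevenue
Sophos 4.09.0 09.09.2006 Troj/Agent-CCR
Symantec 8.0 09.09.2006 Downloader
TheHacker 5.9.8.208 09.08.2006 Trojan/Downloader-AXF
UNA 1.83 09.08.2006 Trojan.Win32.Agent.D4BE
VBA32 3.11.1 09.09.2006 no virus found
VirusBuster 4.3.7:9 09.09.2006 no virus found
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\d{2}\.\d{2}\.\d{4})\s+(.*)$")
CLEAN_VERDICT = "no virus found"
# Assumed heuristics: tokens naming a platform or generic qualifier rather than a family,
# and vendor abbreviations folded onto one spelling.
STOP = {"win32", "w32", "gen", "other", "not", "virus", "found", "generic",
        "program", "potentially", "unwanted", "dropped", "dropper"}
ALIAS = {"tr": "trojan", "troj": "trojan"}


def parse_results(text):
    """Turn the table into rows; the header line and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("Antivirus "):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unrecognised result line: {line!r}")
        engine, version, updated, verdict = m.groups()
        rows.append({"engine": engine, "version": version, "updated": updated,
                     "verdict": verdict,
                     "detected": verdict.strip().lower() != CLEAN_VERDICT})
    return rows


def detection_ratio(rows):
    return sum(r["detected"] for r in rows), len(rows)


def family_votes(rows):
    """Count, per normalised family token, how many detecting engines used it."""
    votes = Counter()
    for r in rows:
        if not r["detected"]:
            continue
        seen = set()
        for tok in re.findall(r"[A-Za-z][A-Za-z0-9]*", r["verdict"]):
            tok = tok.lower()
            tok = ALIAS.get(tok, tok)
            if tok in STOP or len(tok) < 4 or tok in seen:  # drop short variant suffixes
                continue
            seen.add(tok)
            votes[tok] += 1
    return votes


def report(text):
    rows = parse_results(text)
    hits, total = detection_ratio(rows)
    return {"detected": hits, "total": total,
            "engines_detecting": sorted(r["engine"] for r in rows if r["detected"]),
            "top_families": family_votes(rows).most_common(4)}


if __name__ == "__main__":
    summary = report(RESULTS)
    print(f"{summary['detected']}/{summary['total']} engines flagged the file")
    for family, n in summary["top_families"]:
        print(f"  {family}: {n} engines")
```

For the tjzcd5f2.dll table this gives 16 of 27 engines detecting, with "trojan", "agent" and "downloader" as the dominant tokens, which matches the helper's decision to treat the file as something to delete even though several well-known engines returned "no virus found"; a low ratio with only "adware"-type tokens, as for some of the other files, is the sort of result where the "potentially unwanted program" wording matters more than the raw count.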

LonnyRJones
2006-09-10, 00:24
Go ahead and delete them.

Are there any current problems?

monra55
2006-09-12, 00:27
Hello, I'd like to say thank you, because as of now I don't have any problems with that anymore... but there is one more thing: my MySpace account is mysteriously posting bulletins advertising adult sites and such, and it's getting really annoying since it's doing this like 3-5 times a day. Would you by any chance know what's going on?

LonnyRJones
2006-09-12, 03:06
Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
REBOOT afterwards!

If you still have problems at MySpace, I suggest you contact them; let us know.

tashi
2006-09-16, 00:16
As the problem appears to be resolved this topic has been archived.

If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread; this applies only to the original topic starter.

Cheers.