WiredWX Christian Hobby Weather Tools
Google is being re-directed to another search engine

Please help, I have a problem with my searches in Google being redirected to other engines. I have run Spybot, Ad-Aware and Malwarebytes and have removed the problem that they highlighted, but still the problem remains. Any help would be appreciated, thanks.


Here's my logfile

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:38:10, on 17/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\ehome\ehmsas.exe
C:\hp\kbd\kbd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Users\aybsee\Desktop\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [IpodManagerService] C:\Program Files\Froddle Pod\ipm_as.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{990D65D1-2159-41E8-B150-CBC833F36E3A}: NameServer = 212.139.132.11 212.139.132.10
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1c98b96f0dcc87) (gupdate1c98b96f0dcc87) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10914 bytes

Re: Google is being re-directed to another search engine

Can I see the MBAM log please? I want to see what it's removed and what database version you have.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Google is being re-directed to another search engine

Thank you, here is that log.

Malwarebytes' Anti-Malware 1.37
Database version: 2282
Windows 6.0.6001 Service Pack 1

17/06/2009 12:12:01
mbam-log-2009-06-17 (12-12-01).txt

Scan type: Quick Scan
Objects scanned: 81694
Time elapsed: 5 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 13
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab8cd499-9b32-3d7f-8460-a02f87b55410} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab8cd499-9b32-3d7f-8460-a02f87b55410} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{aaaea1b4-c8ff-34c7-9f3d-1fbdffb70db2} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6741f72d-c788-3a90-8d05-7a37d2b15682} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ab8cd499-9b32-3d7f-8460-a02f87b55410} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\oembios.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\oembios.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\WINDOWS\System32\sysproc64 (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\aybsee\AppData\Roaming\sysproc64 (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\System32\xwr15139.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\System32\sysproc64\sysproc32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\System32\sysproc64\sysproc86.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\aybsee\AppData\Roaming\sysproc64\sysproc32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\aybsee\AppData\Roaming\sysproc64\sysproc86.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\oembios.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\aybsee\AppData\Roaming\oembios.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Re: Google is being re-directed to another search engine

Hello.
We need to go in for a closer look.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste BOTH logs back here, use more than one post if needed.


Re: Google is being re-directed to another search engine

Thank you, here is the first part of the DDS.txt

DDS (Ver_09-05-14.01) - NTFSx86
Run by aybsee at 18:28:30.76 on 17/06/2009
Internet Explorer: 7.0.6001.18000
Microsoft®️ Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1918.967 [GMT 1:00]

AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Thomson\ST330\service\st330service.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\hp\kbd\kbd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\aybsee\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} -
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} -
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [diagnostics] "c:\program files\thomson\st330\diagnostics\diagnostics.exe" /icon -l:en
mRun: [IpodManagerService] c:\program files\froddle pod\ipm_as.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatchTray11.exe"
mRun: [CPMonitor] "c:\program files\roxio creator 2009\5.0\CPMonitor.exe"
mRun: [Ask and Record FLV Service] "c:\program files\ask & record toolbar\FLVSrvc.exe" /run
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Shareaza - c:\program files\gnutella turbo\plugins\RazaWebHook.dll/3000
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: {990D65D1-2159-41E8-B150-CBC833F36E3A} = 212.139.132.11 212.139.132.10
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Re: Google is being re-directed to another search engine

2nd part DDS.txt

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-12 64160]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\C2SCSI.SYS [2008-8-11 254320]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20090610.001\IDSvix86.sys [2009-6-12 272432]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-19 1005904]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-4 101936]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-10-21 497152]
R3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2009-1-22 30464]
R3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2009-1-22 12672]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [2009-1-22 35328]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-5-1 234888]
S2 gupdate1c98b96f0dcc87;Google Update Service (gupdate1c98b96f0dcc87);c:\program files\google\update\GoogleUpdate.exe [2009-2-10 133104]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\roxio creator 2009\digital home 11\RoxioUpnpService11.exe [2008-8-14 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxLiveShare11.exe [2008-8-14 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatch11.exe [2008-8-14 170480]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-13 23888]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-5-22 20640]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [2008-8-14 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxMediaDB11.exe [2008-8-14 1124848]
S4 nvrd32;NVIDIA nForce RAID Driver;c:\windows\system32\drivers\nvrd32.sys [2008-9-1 133152]
S4 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe /service --> c:\program files\relevantknowledge\rlservice.exe [?]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-2-16 1153368]

=============== Created Last 30 ================

2009-06-15 13:57 --d----- c:\program files\AudioLabel
2009-06-15 13:24 --d----- c:\program files\P2PFilter
2009-06-15 12:53 --d----- c:\program files\Readon Technology
2009-06-15 10:18 --d----- c:\program files\XviD
2009-06-15 10:17 --d----- c:\program files\Apex
2009-06-15 10:07 --d----- c:\users\aybsee\appdata\roaming\Bassic Technologies
2009-06-15 08:48 --d----- c:\program files\Vector Magic
2009-06-14 08:43 428,544 a------- c:\windows\system32\EncDec.dll
2009-06-14 08:43 293,376 a------- c:\windows\system32\psisdecd.dll
2009-06-14 08:43 217,088 a------- c:\windows\system32\psisrndr.ax
2009-06-14 08:43 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-06-14 08:43 80,896 a------- c:\windows\system32\MSNP.ax
2009-06-12 16:32 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-06-12 16:28 -cd-h--- c:\programdata\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-12 16:28 -cd-h--- c:\progra~2\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-12 16:28 --d----- c:\program files\Lavasoft
2009-06-11 21:40 --d----- c:\programdata\Fighters
2009-06-11 21:40 --d----- c:\progra~2\Fighters
2009-06-11 18:03 --d----- c:\program files\PowerISO
2009-06-11 02:42 --d----- c:\programdata\Bondi
2009-06-11 02:42 --d----- c:\progra~2\Bondi
2009-06-11 02:07 --d----- c:\users\aybsee\appdata\roaming\Downloaded Installations
2009-06-08 10:35 --d----- c:\users\aybsee\appdata\roaming\Thinstall
2009-06-07 12:01 --d----- c:\program files\iPod
2009-06-07 12:01 --d----- c:\program files\iTunes
2009-06-01 17:28 --d----- c:\users\aybsee\appdata\roaming\Acoustica
2009-06-01 14:09 --d----- c:\program files\common files\Droppix
2009-05-26 17:20 --d----- c:\programdata\Droppix
2009-05-26 17:20 --d----- c:\progra~2\Droppix
2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts
2009-05-24 13:57 159,678 a------- c:\windows\hpqins00.dat
2009-05-23 15:47 --d----- c:\program files\VS Revo Group
2009-05-22 19:29 249,856 -------- c:\windows\Setup1.exe
2009-05-22 19:29 73,216 a------- c:\windows\ST6UNST.EXE

==================== Find3M ====================

2009-06-17 14:03 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-12 16:31 15,688 a------- c:\windows\system32\lsdelete.exe
2009-06-10 20:59 17,274 a------- c:\users\aybsee\appdata\roaming\wklnhst.dat
2009-06-07 11:56 51,200 a------- c:\windows\inf\infpub.dat
2009-06-07 11:56 143,360 a------- c:\windows\inf\infstrng.dat
2009-06-07 11:56 86,016 a------- c:\windows\inf\infstor.dat
2009-05-26 13:20 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 13:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-11 13:34 130,834 a------- c:\windows\hpoins18.dat
2009-05-01 08:45 3,411 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Shorten Codec.dat
2009-05-01 08:43 653,176 a------- c:\windows\system32\SpoonUninstall.exe
2009-04-24 17:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 17:05 9,216 a------- c:\windows\system32\ctfmon_dw.exe
2009-04-24 17:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 14:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-24 06:39 87,608 a------- c:\users\aybsee\appdata\roaming\inst.exe
2009-04-24 06:39 47,360 a------- c:\users\aybsee\appdata\roaming\pcouffin.sys
2009-04-23 13:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 13:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-23 08:11 17,766,400 a------- c:\windows\vsoConvertXtoDVD3_setup.exe
2009-04-23 05:29 10,099 a------- c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2009-04-23 05:29 14,639 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-04-23 05:24 152,904 a------- c:\windows\system32\vghd.scr
2009-04-21 12:55 2,033,152 a------- c:\windows\system32\win32k.sys
2009-03-31 13:46 148,888 a------- c:\windows\system32\jusched.exe
2009-03-31 13:46 386,480 a------- c:\windows\system32\jucheck.exe
2009-03-31 13:46 54,680 a------- c:\windows\system32\jureg.exe
2008-09-01 03:59 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 03:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 18:30:30.95 ===============

Re: Google is being re-directed to another search engine

This is the Attach.txt log

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 22/01/2009 10:57:12
System Uptime: 17/06/2009 17:27:59 (1 hours ago)

Motherboard: OEM_MB | | Acacia
Processor: AMD Athlon(tm) Dual Core Processor 4450e | Socket AM2 | 2300/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 286 GiB total, 141.087 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.722 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
L: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0018
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0018
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0032
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0032
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0051
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0051
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0063
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0063
Service: tunnel

==== System Restore Points ===================


==== Installed Programs ======================

32 Bit HP CIO Components Installer
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.1.2
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced SystemCare 3
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Allok 3GP PSP MP4 iPod Video Converter 5.1.1223
Any Video Converter 2.7.0
Apex Video Converter Super 6.12
AppCore
Apple Mobile Device Support
Apple Software Update
Ask & Record Toolbar 4.00
Ask Toolbar
µTorrent
AudioLabel
Backup
Bonjour
BufferChm
C3100
c3100_Help
Cards_Calendar_OrderGift_DoMorePlugout
ccCommon
CCleaner (remove only)
Choice Guard
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 3.6.2.153
Copy
Date Cracker 2000
dBpoweramp DSP Effects
dBpoweramp Music Converter
dBpoweramp Shorten Codec
Destination Component
DeviceDiscovery
DirectX 9 Runtime
DocProc
EMC 11 Content
Enhanced Multimedia Keyboard Solution
Fax
Free&Easy Font Viewer 2.0
Froddle Pod
GearDrvs
GOM Player
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 10.0
HP Demo
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart.All-In-One Driver Software 8.0 .A
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Smart Web Printing
HP Solution Center 10.0
HP Total Care Advisor
HP Update
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ImgBurn
iTunes
Java(TM) 6 Update 14
K-Lite Mega Codec Pack 4.7.5
LabelPrint
LightScribe System Software 1.14.25.1
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Works
MobileMe Control Panel
MP3 Cutter Plus 1.0
MSVCRT
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 6.1
My HP Games
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
Norton Confidential Core
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OpenOffice.org 3.1
Opera 9.64
P2PFilter 3.0.5
PanoStandAlone
PDF Settings
PhotoScape
Power2Go
PowerDVD
PowerISO
PS_AIO_02_Software
PS_AIO_02_Software_Min
PSSWCORE
Python 2.5.2
QuickTime
Readon TV Movie Radio Player 5.5.0.0
Real Alternative 1.9.0
Realtek High Definition Audio Driver
Revo Uninstaller 1.83
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Scan
Search Settings 1.2
Shop for HP Supplies
SmartSound Quicktracks Plugin
SolutionCenter
SoulSeek 157 NS 13c
SPBBC 32bit
SpeedTouch 330
Spybot - Search & Destroy
SpywareBlaster 4.2
Status
Switch Sound File Converter
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
SymNet
TagScanner 5.0 build 531
Toolbox
TrayApp
UnloadSupport
Vector Magic
VideoToolkit01
Virtual Earth 3D (Beta)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.9
WebReg
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live Movie Maker Beta
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
WinRAR archiver
XviD MPEG-4 Codec
Yahoo! Toolbar

==== End Of File ===========================

Re: Google is being re-directed to another search engine

Hello.

I strongly recommend that you remove Ask from your computer because it's:

  • Promoting its toolbars on sites targeted to kids.
  • Promoting its toolbars through ads that appear to be part of other companies' sites.
  • Promoting its toolbars through other companies' spyware.
  • Installing without any disclosure whatsoever and without any consent whatsoever.
  • Soliciting installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
  • Making confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.
See here for more info.


If you choose to follow my recommendation then follow these instructions.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program.
  • Highlight the following:

    7-Zip 4.57
    Ask Toolbar
    µTorrent
    MarketResearch

  • Click on the Uninstall/Change button at the top.

Next, please open MBAM again, go into the update tab, and get the latest updates.
Then re-scan and post the new log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Google is being re-directed to another search engine

Thank you, I cannot find MarketResearch in Uninstall programs. I have removed the others. Here is the Mbam log

Malwarebytes' Anti-Malware 1.38
Database version: 2299
Windows 6.0.6001 Service Pack 1

18/06/2009 07:49:13
mbam-log-2009-06-18 (07-49-13).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 334973
Time elapsed: 1 hour(s), 11 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\aybsee\working files\documents\readon player\sopfilter\Setup-P2PFilter-3.0.5-2009-1-23.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\SKYNETlog.dat (Trojan.Agent) -> Delete on reboot.

Re: Google is being re-directed to another search engine


1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

[Image: CF_download_FF]

[Image: CF_download_rename]

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV. (Norton/Ad-Watch)
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Google is being re-directed to another search engine

Thank you, here is that log
Part 1

ComboFix 09-06-17.04 - aybsee 18/06/2009 13:01.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1918.881 [GMT 1:00]
Running from: c:\users\aybsee\Desktop\Combo-Fix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\resycled
c:\users\aybsee\AppData\Roaming\inst.exe
c:\windows\system32\drivers\SKYNETxvlmosnt.sys
c:\windows\system32\SKYNETixpiejpe.dll
c:\windows\system32\SKYNETlog.dat
c:\windows\system32\SKYNETpxejobvs.dll
c:\windows\system32\SKYNETvpxhvhnr.dat
D:\Desktop.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthrirxitwcobtmvorlywtqdornnfvgphcp
-------\Service_RelevantKnowledge
-------\Service_SKYNETdxcqnbik


((((((((((((((((((((((((( Files Created from 2009-05-18 to 2009-06-18 )))))))))))))))))))))))))))))))
.

2009-06-18 12:07 . 2009-06-18 12:12 -------- d-----w- c:\users\aybsee\AppData\Local\temp
2009-06-18 07:40 . 2009-04-15 12:16 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\NAVENG.SYS
2009-06-18 07:40 . 2009-04-15 12:16 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\NAVEX15.SYS
2009-06-18 07:40 . 2009-04-15 12:16 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\EECTRL.SYS
2009-06-18 07:40 . 2009-04-15 12:16 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\ECMSVR32.DLL
2009-06-18 07:40 . 2009-04-15 12:16 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\CCERASER.DLL
2009-06-18 07:40 . 2009-04-15 12:16 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\NAVENG32.DLL
2009-06-18 07:40 . 2009-04-15 12:16 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\NAVEX32A.DLL
2009-06-18 07:40 . 2009-04-15 12:16 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.050\ERASER.SYS
2009-06-18 01:56 . 2009-04-15 12:16 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\NAVENG.SYS
2009-06-18 01:56 . 2009-04-15 12:16 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\NAVEX15.SYS
2009-06-18 01:56 . 2009-04-15 12:16 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\EECTRL.SYS
2009-06-18 01:56 . 2009-04-15 12:16 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\ECMSVR32.DLL
2009-06-18 01:56 . 2009-04-15 12:16 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\CCERASER.DLL
2009-06-18 01:56 . 2009-04-15 12:16 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\NAVENG32.DLL
2009-06-18 01:56 . 2009-04-15 12:16 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\NAVEX32A.DLL
2009-06-18 01:56 . 2009-04-15 12:16 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090617.025\ERASER.SYS
2009-06-15 12:57 . 2009-06-15 13:17 -------- d-----w- c:\program files\AudioLabel
2009-06-15 12:24 . 2009-06-15 12:24 -------- d-----w- c:\program files\P2PFilter
2009-06-15 11:54 . 2009-06-15 11:54 -------- d-----w- c:\users\aybsee\AppData\Local\Readon_Technology
2009-06-15 11:53 . 2009-06-15 11:53 -------- d-----w- c:\program files\Readon Technology
2009-06-15 09:18 . 2009-06-15 09:18 -------- d-----w- c:\program files\XviD
2009-06-15 09:09 . 2009-06-15 09:09 -------- d-----w- c:\users\aybsee\AppData\Local\Bassic_Technologies
2009-06-15 09:07 . 2009-06-15 09:07 -------- d-----w- c:\users\aybsee\AppData\Roaming\Bassic Technologies
2009-06-15 07:48 . 2009-06-15 07:48 -------- d-----w- c:\program files\Vector Magic
2009-06-15 05:35 . 2009-04-15 12:16 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\NAVENG.SYS
2009-06-15 05:35 . 2009-04-15 12:16 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\NAVEX15.SYS
2009-06-15 05:35 . 2009-04-15 12:16 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\EECTRL.SYS
2009-06-15 05:35 . 2009-04-15 12:16 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\ECMSVR32.DLL
2009-06-15 05:35 . 2009-04-15 12:16 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\CCERASER.DLL
2009-06-15 05:35 . 2009-04-15 12:16 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\NAVENG32.DLL
2009-06-15 05:35 . 2009-04-15 12:16 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\NAVEX32A.DLL
2009-06-15 05:35 . 2009-04-15 12:16 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090614.035\ERASER.SYS
2009-06-14 07:43 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-14 07:43 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-12 20:18 . 2009-03-06 17:25 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\scxpx86.dll
2009-06-12 20:18 . 2009-02-09 22:59 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\IDSvix86.sys
2009-06-12 20:18 . 2009-02-09 22:59 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\symidsco.sys
2009-06-12 20:18 . 2009-02-09 22:59 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\idsxpx86.dll
2009-06-12 20:18 . 2009-02-09 22:59 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\SymIDSI.dll
2009-06-12 20:18 . 2009-02-09 22:59 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\IDSvia64.sys
2009-06-12 20:18 . 2009-02-05 23:55 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090610.001\IDS9xx86.dll
2009-06-12 15:32 . 2009-06-12 15:30 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-06-12 15:30 . 2009-06-12 15:30 64160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-06-12 15:30 . 2009-06-12 15:30 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-06-12 15:30 . 2009-06-12 15:30 212848 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-06-12 15:30 . 2009-06-12 15:30 640360 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-06-12 15:30 . 2009-06-12 15:30 540536 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-06-12 15:30 . 2009-06-12 15:30 559464 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-06-12 15:30 . 2009-06-12 15:30 2352456 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-06-12 15:30 . 2009-06-12 15:30 627536 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-06-12 15:30 . 2009-06-12 15:30 518488 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-06-12 15:30 . 2009-06-12 15:30 1005904 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-06-12 15:28 . 2009-06-12 15:28 -------- dc-h--w- c:\programdata\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-12 15:28 . 2009-01-22 11:21 2892184 -c--a-w- c:\programdata\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe
2009-06-12 15:28 . 2009-06-12 15:28 -------- d-----w- c:\program files\Lavasoft
2009-06-12 11:36 . 2009-06-12 11:36 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbFC4F.tmp.exe
2009-06-11 20:40 . 2009-06-11 20:44 -------- d-----w- c:\programdata\Fighters
2009-06-11 17:03 . 2009-06-11 17:03 -------- d-----w- c:\program files\PowerISO
2009-06-11 01:42 . 2009-06-11 01:42 982 ----a-w- c:\programdata\Bondi\RollingStone\Updates\System.Data.SQLite.dll
2009-06-11 01:42 . 2009-06-11 01:42 978 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.DJVU.dll
2009-06-11 01:42 . 2009-06-11 01:42 978 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Core.dll
2009-06-11 01:42 . 2009-06-11 01:42 974 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.UI.dll
2009-06-11 01:42 . 2009-06-11 01:42 966 ----a-w- c:\programdata\Bondi\RollingStone\Updates\Lucene.Net.dll
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Updater.New.exe
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Updater.exe
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Package.exe
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Console.RollingStone.exe
2009-06-11 01:42 . 2009-06-11 01:42 250 ----a-w- c:\programdata\Bondi\RollingStone\Updates\BondiReader.Console.exe
2009-06-11 01:42 . 2009-06-11 01:42 -------- d-----w- c:\programdata\Bondi
2009-06-11 01:12 . 2009-06-11 01:12 -------- d-----w- c:\users\aybsee\AppData\Local\Bondi
2009-06-11 01:07 . 2009-06-11 01:07 -------- d-----w- c:\users\aybsee\AppData\Roaming\Downloaded Installations
2009-06-10 23:56 . 2009-06-10 23:56 -------- d-----w- c:\users\aybsee\AppData\Local\Thinstall
2009-06-09 22:02 . 2009-03-06 17:25 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\scxpx86.dll
2009-06-09 22:02 . 2009-02-09 22:59 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\IDSvix86.sys
2009-06-09 22:02 . 2009-02-09 22:59 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\symidsco.sys
2009-06-09 22:02 . 2009-02-09 22:59 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\idsxpx86.dll
2009-06-09 22:02 . 2009-02-09 22:59 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\SymIDSI.dll
2009-06-09 22:02 . 2009-02-09 22:59 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\IDSvia64.sys
2009-06-09 22:02 . 2009-02-05 23:55 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090604.002\IDS9xx86.dll
2009-06-08 09:36 . 2009-06-08 09:36 7168 ----a-w- c:\users\aybsee\AppData\Roaming\Thinstall\Active@ ZDelete\10000006e00002i\SearchIndexer.exe
2009-06-08 09:35 . 2009-06-11 16:56 -------- d-----w- c:\users\aybsee\AppData\Roaming\Thinstall
2009-06-07 11:01 . 2009-06-07 11:01 -------- d-----w- c:\program files\iPod
2009-06-07 11:01 . 2009-06-07 11:01 -------- d-----w- c:\program files\iTunes
2009-06-07 10:58 . 2009-06-07 10:59 -------- d-----w- c:\program files\QuickTime
2009-06-07 10:53 . 2009-06-07 10:53 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-01 16:28 . 2009-06-01 16:28 -------- d-----w- c:\users\aybsee\AppData\Roaming\Acoustica
2009-06-01 13:09 . 2009-06-01 13:31 -------- d-----w- c:\program files\Common Files\Droppix
2009-05-31 22:42 . 2009-06-10 23:57 524288 ----a-w- c:\users\aybsee\AppData\Roaming\Thinstall\Uninstall Gold 2.0.2.8\%ProgramFilesDir%\Uninstall Gold\ArrmD12.dll
2009-05-26 16:20 . 2009-06-01 13:31 -------- d-----w- c:\programdata\Droppix
2009-05-24 12:57 . 2009-05-24 13:00 159678 ----a-w- c:\windows\hpqins00.dat
2009-05-23 14:47 . 2009-05-23 14:47 -------- d-----w- c:\program files\VS Revo Group
2009-05-22 18:29 . 2009-05-22 18:31 249856 ------w- c:\windows\Setup1.exe
2009-05-22 18:29 . 2009-05-22 18:31 73216 ----a-w- c:\windows\ST6UNST.EXE

.

Re: Google is being re-directed to another search engine

Part 2


.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-18 11:30 . 2009-01-22 14:17 -------- d-----w- c:\users\aybsee\AppData\Roaming\uTorrent
2009-06-18 09:36 . 2009-01-22 15:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-17 21:41 . 2009-01-22 15:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-17 21:40 . 2009-02-16 18:23 3561743 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-17 18:45 . 2009-05-11 08:04 -------- d-----w- c:\program files\7-Zip
2009-06-17 16:26 . 2009-01-28 10:16 -------- d-----w- c:\programdata\Google Updater
2009-06-17 13:03 . 2009-01-27 11:12 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-17 11:06 . 2009-01-22 14:35 -------- d-----w- c:\program files\SpywareBlaster
2009-06-17 10:27 . 2009-01-22 15:20 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 10:27 . 2009-01-22 15:20 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-16 16:38 . 2009-01-24 11:46 -------- d-----w- c:\programdata\Soulseek
2009-06-16 14:37 . 2008-08-31 18:51 -------- d-----w- c:\programdata\WildTangent
2009-06-16 14:37 . 2008-08-31 18:51 -------- d-----w- c:\program files\HP Games
2009-06-16 13:11 . 2009-01-22 12:49 -------- d-----w- c:\programdata\Roxio
2009-06-15 09:17 . 2009-06-15 09:17 -------- d-----w- c:\program files\Apex
2009-06-11 02:04 . 2009-01-22 12:04 -------- d-----w- c:\program files\Microsoft Works
2009-06-11 01:30 . 2009-03-29 09:15 -------- d-----w- c:\users\aybsee\AppData\Roaming\Vso
2009-06-10 19:59 . 2009-02-10 11:39 17274 ----a-w- c:\users\aybsee\AppData\Roaming\wklnhst.dat
2009-06-08 15:14 . 2009-01-22 12:06 314704 ----a-w- c:\users\aybsee\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-07 11:01 . 2009-01-22 15:50 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 13:10 . 2008-08-31 18:37 -------- d---a-w- c:\program files\Common Files\LightScribe
2009-05-27 14:02 . 2009-01-22 17:17 -------- d-----w- c:\users\aybsee\AppData\Roaming\Image Zone Express
2009-05-23 22:15 . 2009-05-16 12:47 -------- d-----w- c:\users\aybsee\AppData\Roaming\System32
2009-05-22 18:18 . 2009-01-27 15:37 1 ----a-w- c:\users\aybsee\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-20 09:33 . 2009-05-10 15:37 -------- d-----w- c:\users\aybsee\AppData\Roaming\dBpoweramp
2009-05-16 10:22 . 2009-01-22 12:18 -------- d-----w- c:\program files\Google
2009-05-15 10:01 . 2009-05-15 10:01 -------- d-----w- c:\program files\JRE
2009-05-15 10:01 . 2009-01-27 15:32 -------- d-----w- c:\program files\OpenOffice.org 3
2009-05-13 02:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-12 20:25 . 2009-05-12 20:25 -------- d-----w- c:\users\aybsee\AppData\Roaming\IObit
2009-05-12 20:25 . 2009-05-12 20:25 -------- d-----w- c:\program files\IObit
2009-05-11 14:36 . 2009-05-11 14:35 -------- d-----w- c:\program files\Virtual Earth 3D
2009-05-11 12:34 . 2009-01-22 17:05 130834 ----a-w- c:\windows\hpoins18.dat
2009-05-10 12:09 . 2009-05-10 11:36 -------- d-----w- c:\program files\DivX
2009-05-10 11:39 . 2009-05-10 11:39 -------- d-----w- c:\users\aybsee\AppData\Roaming\DivX
2009-05-10 10:22 . 2009-01-22 12:37 680 ----a-w- c:\users\aybsee\AppData\Local\d3d9caps.dat
2009-05-09 11:29 . 2009-01-22 16:37 -------- d-----w- c:\users\aybsee\AppData\Roaming\Any Video Converter
2009-05-03 08:10 . 2009-04-23 19:31 -------- d-----w- c:\users\aybsee\AppData\Roaming\Winamp
2009-05-01 11:39 . 2009-05-01 08:49 -------- d-----w- c:\program files\Ask & Record Toolbar
2009-05-01 07:45 . 2009-05-01 07:45 3411 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Shorten Codec.dat
2009-05-01 07:43 . 2009-04-23 04:29 653176 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-04-28 22:21 . 2009-04-28 22:21 -------- d-----w- c:\users\aybsee\AppData\Roaming\Free&Easy Font Viewer
2009-04-28 22:21 . 2009-04-28 22:21 -------- d-----w- c:\program files\Free&Easy Font Viewer
2009-04-25 03:05 . 2009-04-25 03:03 -------- d-----w- c:\users\aybsee\AppData\Roaming\NewsLeecher
2009-04-24 16:05 . 2009-06-10 09:18 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:05 . 2009-04-24 16:05 9216 ----a-w- c:\windows\system32\ctfmon_dw.exe
2009-04-24 16:02 . 2009-06-10 09:18 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-10 09:18 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-24 06:32 . 2009-04-24 06:32 -------- d-----w- c:\programdata\vsosdk
2009-04-24 05:39 . 2009-03-29 09:15 47360 ----a-w- c:\users\aybsee\AppData\Roaming\pcouffin.sys
2009-04-24 05:39 . 2009-03-29 09:15 47360 ----a-w- c:\users\aybsee\AppData\Roaming\pcouffin.sys
2009-04-24 05:39 . 2009-04-24 05:39 -------- d-----w- c:\program files\VSO
2009-04-23 19:32 . 2009-04-23 19:31 -------- d-----w- c:\program files\Winamp
2009-04-23 12:43 . 2009-06-10 09:18 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 09:18 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-23 12:06 . 2009-04-23 12:05 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-23 07:11 . 2009-04-24 05:38 17766400 ----a-w- c:\windows\vsoConvertXtoDVD3_setup.exe
2009-04-23 04:29 . 2009-04-23 04:29 -------- d-----w- c:\users\aybsee\AppData\Roaming\AccurateRip
2009-04-23 04:29 . 2009-04-23 04:29 10099 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2009-04-23 04:29 . 2009-04-23 04:29 14639 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-04-23 04:29 . 2009-04-23 04:29 -------- d-----w- c:\program files\Illustrate
2009-04-23 04:27 . 2009-04-07 21:48 5 ----a-w- c:\windows\sbacknt.bin
2009-04-23 04:24 . 2009-04-07 21:47 152904 ----a-w- c:\windows\system32\vghd.scr
2009-04-23 04:24 . 2009-04-07 21:47 -------- d-----w- c:\users\aybsee\AppData\Roaming\vghd
2009-04-22 09:02 . 2009-04-22 09:02 -------- d-----w- c:\program files\Opera
2009-04-21 12:01 . 2009-04-21 12:00 -------- d-----w- c:\program files\TagScanner
2009-04-21 11:55 . 2009-06-10 09:18 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 12:16 . 2009-04-25 12:50 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVENG.SYS
2009-04-15 12:16 . 2009-04-25 12:50 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVEX15.SYS
2009-04-15 12:16 . 2009-04-25 12:50 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\EECTRL.SYS
2009-04-15 12:16 . 2009-04-25 12:50 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ECMSVR32.DLL
2009-04-15 12:16 . 2009-04-25 12:50 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\CCERASER.DLL
2009-04-15 12:16 . 2009-04-25 12:50 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVENG32.DLL
2009-04-15 12:16 . 2009-04-25 12:50 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVEX32A.DLL
2009-04-15 12:16 . 2009-04-25 12:50 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ERASER.SYS
2009-04-08 15:29 . 2009-04-08 15:29 4 ----a-w- c:\windows\info147.sys
2009-03-31 22:57 . 2009-04-03 07:07 583 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\tmp7e4.tmp\cur.scr
2009-03-31 12:46 . 2008-08-31 18:41 148888 ----a-w- c:\windows\system32\jusched.exe
2009-03-31 12:46 . 2008-08-31 18:41 54680 ----a-w- c:\windows\system32\jureg.exe
2009-03-31 12:46 . 2008-08-31 18:41 386480 ----a-w- c:\windows\system32\jucheck.exe
2009-03-29 09:15 . 2009-03-29 09:15 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-03-28 15:11 . 2009-03-28 15:11 10134 ----a-r- c:\users\aybsee\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
2008-09-01 03:04 . 2008-09-01 03:04 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

Re: Google is being re-directed to another search engine
part 3

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-22 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"diagnostics"="c:\program files\Thomson\ST330\diagnostics\diagnostics.exe" [2009-01-22 557149]
"IpodManagerService"="c:\program files\Froddle Pod\ipm_as.exe" [2008-08-16 24576]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" [2008-08-14 240112]
"CPMonitor"="c:\program files\Roxio Creator 2009\5.0\CPMonitor.exe" [2008-08-10 80368]
"Ask and Record FLV Service"="c:\program files\Ask & Record Toolbar\FLVSrvc.exe" [2009-03-10 156672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-12 518488]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-17 148888]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D26E0A45-BEFB-420A-AF1E-A7F22077F9AD}"= UDP:c:\users\aybsee\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard
"{CDE56FF1-CC4D-4DE0-B395-536262986840}"= TCP:c:\users\aybsee\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard
"{959EBA42-E474-4351-A986-D3EAAE73A4DD}"= UDP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{36BF70B8-CD6E-4C76-872E-0E52655F5A06}"= TCP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{F2A387E2-AB3A-4476-88C0-E258B566D03E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E7D183F1-9843-4AC8-AD9D-112C07AB4720}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{9CD3B4BD-C60F-46DE-BD0F-0514D097B1EF}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{9588E044-B137-425E-8890-3171CC90EC81}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{92FF7AE2-7DFE-455E-BAE4-EC9F54407F5B}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{3A54F926-D26D-4B07-B6A7-659AE4EF8BD5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{1C6EA98C-0B06-44FE-B4B7-3315414D2CA1}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{F07CE963-4E48-4FA3-8E1F-9C0EF12218E2}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{65B70298-FB7E-4E79-B2EB-5771EEE8F5E0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{F585DFA8-86D9-41F2-BD86-5D6F8150729E}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{59E8C0D2-2D29-4433-B108-29717F15ECBA}"= UDP:c:\program files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw
"{39084601-7A3C-4E44-A915-CE8E6F1E3398}"= TCP:c:\program files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw
"TCP Query User{3E72BEA0-3A68-444C-97B2-038B647BFAB2}c:\\program files\\soulseekns\\slsk.exe"= UDP:c:\program files\soulseekns\slsk.exe:SoulSeek
"UDP Query User{B90E0A08-7429-41AA-AF7B-DB14BD526ED9}c:\\program files\\soulseekns\\slsk.exe"= TCP:c:\program files\soulseekns\slsk.exe:SoulSeek
"TCP Query User{3463CE11-B62D-45E9-B1E0-05D86CC75818}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{6A4EC7D3-C6A8-4426-B3E0-0E2A3BD36777}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{8216CA14-9378-40A3-AC97-11D61D55231C}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{F5A3B14B-A7A3-48CC-BEAE-178C6F423C18}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{A87D0D95-14D1-4891-9AEB-EE2AE087045F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{30C44C30-9803-467A-B922-E3A673C7019A}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{E0B32054-F581-4554-A5B6-3451529FDEBC}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{022C0EB4-92C8-412B-8E9B-C64CCA48F104}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{378B40F0-C6EB-4882-89E3-6E88824FC54C}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{35A6C999-8D55-42CA-B7D8-0DBCB12FD726}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{206C1EEF-EFC2-465A-9B88-9D8F39C6201A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{61711455-1AA7-4C78-A5A8-902198793279}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{4F8ED4D1-0789-4887-A66D-0DD59DA3D2F3}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{54A8D041-CE28-4DF2-8813-5891F779988D}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{7E4A26B1-C3AF-4DFC-96D5-C5E78FA32D83}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{A2419E46-3DC7-41D1-BD0F-67F5F1859DD4}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{83E92633-0065-4B16-A390-752A529AA45B}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{D51B2528-15BE-4554-909A-65574FD6D808}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{7F53999F-11B0-424D-BAD9-E82DA1F914CD}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{B8945749-CE62-4B38-B76A-70B98AF3C8CF}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{0DE6C9CD-4989-4306-A3DD-3BD3A3580229}"= UDP:c:\users\aybsee\AppData\Local\Temp\7zS976E.tmp\SymNRT.exe:Norton Removal Tool
"{24392C54-7AB2-4003-A3B5-9B12FA628E0C}"= TCP:c:\users\aybsee\AppData\Local\Temp\7zS976E.tmp\SymNRT.exe:Norton Removal Tool
"TCP Query User{38649AEC-18CD-44B2-B900-03141E10EDA5}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{3FDF429B-6221-449F-B456-685CFF7735D0}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{CA852980-8E53-4B06-91B6-CF5C2FDB0BC5}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BF84E914-BE17-469B-94AB-4C3F9A0EA7EE}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

Re: Google is being re-directed to another search engine
part 4

"{372F8805-66E8-43C4-AE2C-DBB7A0D7F99B}"= UDP:c:\windows\Temp\~os697D.tmp\ossproxy.exe:ossproxy.exe
"{82B908E6-4361-4F16-9E3C-4CA818AF47F7}"= UDP:c:\windows\Temp\~osFF8.tmp\ossproxy.exe:ossproxy.exe
"{9C40F25C-D4DD-4B2B-960C-05F27E7E9CEB}"= UDP:c:\windows\Temp\~os9C01.tmp\ossproxy.exe:ossproxy.exe
"{2EC753DD-6AF5-475B-9613-10E869397AF0}"= UDP:c:\windows\Temp\~os27DC.tmp\ossproxy.exe:ossproxy.exe
"{9663B95E-6B57-4E65-8F18-1DEBF47858A6}"= UDP:c:\windows\Temp\~osAD7F.tmp\ossproxy.exe:ossproxy.exe
"{87E6A006-E940-4648-B4F9-9B9531D8245F}"= UDP:c:\windows\Temp\~os33FC.tmp\ossproxy.exe:ossproxy.exe
"{DB1E7BF1-09B0-44A7-9992-B990F29D6B57}"= UDP:c:\windows\Temp\~os45D7.tmp\ossproxy.exe:ossproxy.exe
"{076AC9BA-9FBA-4836-A9A4-04A3869E8619}"= UDP:c:\windows\Temp\~osCF60.tmp\ossproxy.exe:ossproxy.exe
"{F981BA21-8E65-481C-81F2-4AAFAB1D1A00}"= UDP:c:\windows\Temp\~os5938.tmp\ossproxy.exe:ossproxy.exe
"{5B30EB09-8874-4FAF-8775-DDECCB86C3B2}"= UDP:c:\windows\Temp\~osE466.tmp\ossproxy.exe:ossproxy.exe
"{33981B4B-F0F3-4CB1-97D5-789DF3960079}"= UDP:c:\windows\Temp\~os7050.tmp\ossproxy.exe:ossproxy.exe
"{6B074D2F-AD43-414E-A563-577631475F03}"= UDP:c:\windows\Temp\~osFA47.tmp\ossproxy.exe:ossproxy.exe
"{3DC8D359-2C2F-419F-8FAC-6A21D2D54C87}"= UDP:c:\windows\Temp\~os8344.tmp\ossproxy.exe:ossproxy.exe
"{F158436A-E3C7-4897-8A12-280432BF0044}"= UDP:c:\windows\Temp\~os964.tmp\ossproxy.exe:ossproxy.exe
"{B4404DD4-E81C-4FCF-A07E-00E82ADAB4D5}"= UDP:c:\windows\Temp\~os9666.tmp\ossproxy.exe:ossproxy.exe
"{EDA42005-798E-4F86-9533-17A9DF4CE980}"= UDP:c:\windows\Temp\~os259B.tmp\ossproxy.exe:ossproxy.exe
"{B21BFDC9-F732-4BCF-A494-3799B306E15C}"= UDP:c:\windows\Temp\~osE5ED.tmp\ossproxy.exe:ossproxy.exe
"{B860FB7A-3B98-4E8F-A9B6-CF6AEBEAC892}"= UDP:c:\windows\Temp\~os7234.tmp\ossproxy.exe:ossproxy.exe
"{ECAE0193-8C5C-47D3-824E-3E129E71ADC5}"= UDP:c:\windows\Temp\~os3840.tmp\ossproxy.exe:ossproxy.exe
"{D5905EEB-B08E-4506-94F2-81775A7BD4F8}"= UDP:c:\windows\Temp\~osC582.tmp\ossproxy.exe:ossproxy.exe
"{4E5F9487-060C-4D9D-9941-7B61EC7094D3}"= UDP:c:\windows\Temp\~os4E50.tmp\ossproxy.exe:ossproxy.exe
"{0D16F14D-1DC5-4C66-89BD-B3799CBE1BAD}"= UDP:c:\windows\Temp\~osD3B4.tmp\ossproxy.exe:ossproxy.exe
"{DC44D0F0-AB2C-44CE-8304-F985D2FEC41F}"= UDP:c:\windows\Temp\~os5CC1.tmp\ossproxy.exe:ossproxy.exe
"{EE1696E8-BEE4-40A8-9F6F-0F13DA863003}"= UDP:c:\windows\Temp\~osE689.tmp\ossproxy.exe:ossproxy.exe
"{9B1A2D57-D913-4E04-802E-3B486BD7ABFB}"= UDP:c:\windows\Temp\~os6E2F.tmp\ossproxy.exe:ossproxy.exe
"{AC904869-DBCB-4489-A8AC-76DB2992B08D}"= UDP:c:\windows\Temp\~osEC.tmp\ossproxy.exe:ossproxy.exe
"{D1F2D22B-5A08-46DF-8779-650B0ECEB39D}"= UDP:c:\windows\Temp\~os89BA.tmp\ossproxy.exe:ossproxy.exe
"{A71E96BB-D04F-4342-84A3-E8FD21584849}"= UDP:c:\windows\Temp\~osEE0.tmp\ossproxy.exe:ossproxy.exe
"{D0783B8B-89B2-4A63-BE71-B1AFEC40F58F}"= UDP:c:\windows\Temp\~osA037.tmp\ossproxy.exe:ossproxy.exe
"{B4F3A850-A756-4A59-954F-F0D30533971B}"= UDP:c:\windows\Temp\~os26E3.tmp\ossproxy.exe:ossproxy.exe
"{47CC9268-82E2-47BF-88B2-7124B5F852B8}"= UDP:c:\windows\Temp\~os4107.tmp\ossproxy.exe:ossproxy.exe
"{4E7D280B-800E-4CA6-921F-BA7732596B46}"= UDP:c:\windows\Temp\~osCA91.tmp\ossproxy.exe:ossproxy.exe
"{2802E7DB-040C-4986-927E-2ACBD7878310}"= UDP:c:\windows\Temp\~os56E8.tmp\ossproxy.exe:ossproxy.exe
"{26B59B79-1266-425C-8351-AFCD619B2158}"= UDP:c:\windows\Temp\~osE293.tmp\ossproxy.exe:ossproxy.exe
"{08287EA4-C688-498E-B911-7702EFDE0176}"= UDP:c:\windows\Temp\~os6EBB.tmp\ossproxy.exe:ossproxy.exe
"{1B1D9241-4A79-4395-9E81-87E71AAC9468}"= UDP:c:\windows\Temp\~osF7E7.tmp\ossproxy.exe:ossproxy.exe
"{C00BFAB8-94D7-4872-8687-2BBC0AEBD517}"= UDP:c:\windows\Temp\~os8104.tmp\ossproxy.exe:ossproxy.exe
"{59B78775-D7A7-458D-A219-EED2F08AAD73}"= UDP:c:\windows\Temp\~os15C3.tmp\ossproxy.exe:ossproxy.exe
"{193D0EA3-5BBB-4155-8410-292BDD6C94DC}"= UDP:c:\windows\Temp\~osA1EC.tmp\ossproxy.exe:ossproxy.exe
"{6026B35E-EE9E-42C0-B46B-73FE89AEBAD7}"= UDP:c:\windows\Temp\~os2CEC.tmp\ossproxy.exe:ossproxy.exe
"{A297FBF0-0627-477B-8797-9CF9EFE46D34}"= UDP:c:\windows\Temp\~osB981.tmp\ossproxy.exe:ossproxy.exe
"{EC26A3CB-239C-4F45-8AAE-72BEAA299EF3}"= UDP:c:\windows\Temp\~os5717.tmp\ossproxy.exe:ossproxy.exe
"{78F313B3-A455-4C61-8C78-1586A8195278}"= UDP:c:\windows\Temp\~os4B4.tmp\ossproxy.exe:ossproxy.exe
"{670A4702-934D-41F2-A8BE-E409497175B2}"= UDP:c:\windows\Temp\~os7FE.tmp\ossproxy.exe:ossproxy.exe
"{D86658E1-8C8D-4EDB-88DC-264D1F9434EF}"= UDP:c:\windows\Temp\~os9417.tmp\ossproxy.exe:ossproxy.exe
"{A1E1DA1B-B1DA-472A-8B71-BFE60F6CBBA5}"= UDP:c:\windows\Temp\~os1D90.tmp\ossproxy.exe:ossproxy.exe
"{A53955CF-3209-4EBB-BFAF-C73772FEFDDB}"= UDP:c:\windows\Temp\~osAAA3.tmp\ossproxy.exe:ossproxy.exe
"{4D47842E-F5C3-4310-BD13-DDE5D92FBE97}"= UDP:c:\windows\Temp\~os3D9E.tmp\ossproxy.exe:ossproxy.exe
"{F19107BB-8208-4DE7-9FC0-71A220276E7A}"= UDP:c:\windows\Temp\~osCFDE.tmp\ossproxy.exe:ossproxy.exe
"{E05BC5C0-391E-43C0-A4F2-EC34C8F79A28}"= UDP:c:\windows\Temp\~os589D.tmp\ossproxy.exe:ossproxy.exe
"{307C7464-B280-439C-855C-3C9F2E8B6DF0}"= UDP:c:\windows\Temp\~osE468.tmp\ossproxy.exe:ossproxy.exe
"{DA3E2223-116A-4428-B811-CB2B4FD30989}"= UDP:c:\windows\Temp\~os6FB6.tmp\ossproxy.exe:ossproxy.exe
"{D203DCF3-38AB-4581-BCAD-662FE37DB2FB}"= UDP:c:\windows\Temp\~osF6EE.tmp\ossproxy.exe:ossproxy.exe
"{30AF3383-B4C8-4510-80B4-214FC329DC7F}"= UDP:c:\windows\Temp\~os1B8.tmp\ossproxy.exe:ossproxy.exe
"{CD0899F9-B5A8-4217-A48D-4A24B07BFCAB}"= UDP:c:\windows\Temp\~osFDE1.tmp\ossproxy.exe:ossproxy.exe
"{8163E022-86F4-48FF-964C-DC2C02CC5BA4}"= UDP:c:\windows\Temp\~osFA0A.tmp\ossproxy.exe:ossproxy.exe
"{E9BE5AF9-01F5-442A-ADA5-9AA21E2F3426}"= UDP:c:\windows\Temp\~osEF8F.tmp\ossproxy.exe:ossproxy.exe
"{9E9F1EA9-DF0D-4DD1-B719-2BA1115F00B1}"= UDP:c:\windows\Temp\~osD674.tmp\ossproxy.exe:ossproxy.exe
"{8D145027-418C-459B-B015-A18D1EAC3AA9}"= UDP:c:\windows\Temp\~osBFD8.tmp\ossproxy.exe:ossproxy.exe
"{13DC02BD-6F69-48D5-97A7-93D6C61D13E3}"= UDP:c:\windows\Temp\~osB09C.tmp\ossproxy.exe:ossproxy.exe
"{0B10ED1F-E1A0-43B8-A7DF-21A584A32F8A}"= UDP:c:\windows\Temp\~os9D99.tmp\ossproxy.exe:ossproxy.exe
"{89B5F68E-3D89-49E0-81ED-233578CBC10D}"= UDP:c:\windows\Temp\~os61E1.tmp\ossproxy.exe:ossproxy.exe
"{E2DC5EA4-360F-4F8A-A07C-C1521C6BB51B}"= UDP:c:\windows\Temp\~osEC16.tmp\ossproxy.exe:ossproxy.exe
"{9BB46AA8-9D9E-4C93-A0B4-E5005502E431}"= UDP:c:\windows\Temp\~osD78D.tmp\ossproxy.exe:ossproxy.exe
"{87B34B45-BDF7-4315-BB4A-08BDE965D801}"= UDP:c:\windows\Temp\~os3AB.tmp\ossproxy.exe:ossproxy.exe
"{D61E4001-A197-41A8-8B4A-C8EDBDC8A3E6}"= UDP:c:\windows\Temp\~osDDD4.tmp\ossproxy.exe:ossproxy.exe
"{A3909EF3-972D-408C-8980-723A793ABDEF}"= UDP:c:\windows\Temp\~osC277.tmp\ossproxy.exe:ossproxy.exe
"{E79FF07E-8FFF-45B1-B149-5A66F33F007B}"= UDP:c:\windows\Temp\~osA805.tmp\ossproxy.exe:ossproxy.exe
"{0C5687B8-22C6-4B09-95AD-16D0D3A15CCE}"= UDP:c:\windows\Temp\~os92B1.tmp\ossproxy.exe:ossproxy.exe
"{54A5DAEE-5AE9-4A2D-BC12-0E2A2FA8A418}"= UDP:c:\windows\Temp\~os719A.tmp\ossproxy.exe:ossproxy.exe
"{C4C94B1B-85ED-42A2-A832-A2FD9120AA02}"= UDP:c:\windows\Temp\~os6673.tmp\ossproxy.exe:ossproxy.exe
"{91072AA5-9CE3-4266-96FD-728C156970CA}"= UDP:c:\windows\Temp\~os58CD.tmp\ossproxy.exe:ossproxy.exe
"{DCA3555B-711A-4C24-9959-380FB7467BCE}"= UDP:c:\windows\Temp\~os3565.tmp\ossproxy.exe:ossproxy.exe
"{7328CCFE-FFFC-492B-B3A1-1106FC2A2A94}"= UDP:c:\windows\Temp\~os371A.tmp\ossproxy.exe:ossproxy.exe
"{84704CC8-0D3D-4856-9EF9-7B981F9C3197}"= UDP:c:\windows\Temp\~os1613.tmp\ossproxy.exe:ossproxy.exe
"{DF32BE7B-A245-4CB1-95BB-08275280A9C3}"= UDP:c:\windows\Temp\~os3DA.tmp\ossproxy.exe:ossproxy.exe
"{F7A28B4F-A50C-441D-9D8C-B20BCF96056C}"= UDP:c:\windows\Temp\~osDF1C.tmp\ossproxy.exe:ossproxy.exe
"{048B8271-D311-4A0D-9351-F6C8FEFB006A}"= UDP:c:\windows\Temp\~osABBD.tmp\ossproxy.exe:ossproxy.exe
"{F0FD0085-2EE1-418F-AF3E-5464456DB41C}"= UDP:c:\windows\Temp\~osB168.tmp\ossproxy.exe:ossproxy.exe
"{E884332A-7ACB-4228-812E-8AADB7A25359}"= UDP:c:\windows\Temp\~os91A8.tmp\ossproxy.exe:ossproxy.exe
"{1D71E728-6866-49F4-8982-0335808F82CC}"= UDP:c:\windows\Temp\~os8EAC.tmp\ossproxy.exe:ossproxy.exe
"{4CA27AD1-192D-4D54-806F-41A62372544A}"= UDP:c:\windows\Temp\~os8A29.tmp\ossproxy.exe:ossproxy.exe
"{101EDBAE-8F34-4D5E-9663-E06E9D7669B7}"= UDP:c:\windows\Temp\~os9DF4.tmp\ossproxy.exe:ossproxy.exe
"{E943C365-0A4D-44E0-B973-98F06605EA17}"= UDP:c:\windows\Temp\~os2FC7.tmp\ossproxy.exe:ossproxy.exe
"{3FD679E8-BE8B-4B59-9516-38AB3DF8D60B}"= UDP:c:\windows\Temp\~osB895.tmp\ossproxy.exe:ossproxy.exe
"{401C7E8F-EE40-4B5A-B339-E57EEF0DBB22}"= UDP:c:\windows\Temp\~os4C7B.tmp\ossproxy.exe:ossproxy.exe
"{6DCA2AE4-0E6A-403B-8B2C-99A0645EFD08}"= UDP:c:\windows\Temp\~osF22B.tmp\ossproxy.exe:ossproxy.exe
"{323C77B8-0852-4402-9BEC-BA177A0B0B6E}"= UDP:c:\windows\Temp\~osD3E2.tmp\ossproxy.exe:ossproxy.exe
"{8CA04FD1-9974-4779-AA92-1598C504C0EE}"= UDP:c:\windows\Temp\~osA361.tmp\ossproxy.exe:ossproxy.exe
"{035443C1-007C-47D3-B800-6B780554CFD8}"= UDP:c:\windows\Temp\~os844D.tmp\ossproxy.exe:ossproxy.exe
"{68395E13-AC1E-46E9-A32B-2A16E7971C54}"= UDP:c:\windows\Temp\~os1AB2.tmp\ossproxy.exe:ossproxy.exe
"{60D95EB2-B65F-4894-BD1B-A591A3D28B72}"= UDP:c:\windows\Temp\~osB819.tmp\ossproxy.exe:ossproxy.exe
"{0726F895-EFD8-448E-A34F-B1A1A22E86D5}"= UDP:c:\windows\Temp\~os5F9D.tmp\ossproxy.exe:ossproxy.exe
"{420C3332-E545-4233-A02D-6E1516542636}"= UDP:c:\windows\Temp\~osEB0B.tmp\ossproxy.exe:ossproxy.exe
"{BC811F14-0EEC-430B-9CBA-8BD386AB8A22}"= UDP:c:\windows\Temp\~os5207.tmp\ossproxy.exe:ossproxy.exe
"{35246859-6B95-49BF-B63E-78463D1C92F9}"= UDP:c:\windows\Temp\~os73C9.tmp\ossproxy.exe:ossproxy.exe
"{3494B1E7-DB41-4FC0-9331-2B1E7D4DD296}"= UDP:c:\windows\Temp\~osA3E.tmp\ossproxy.exe:ossproxy.exe
"{F20A8329-BCDD-47F0-9AFF-67D23E1833E4}"= UDP:c:\windows\Temp\~os95CA.tmp\ossproxy.exe:ossproxy.exe
"{8E517BA1-07DA-4CF6-9875-B7C7F6E0AD17}"= UDP:c:\windows\Temp\~osBEBE.tmp\ossproxy.exe:ossproxy.exe
"{A9F8055C-0E96-4EA3-9270-31C0DB9BBF72}"= UDP:c:\windows\Temp\~osC37E.tmp\ossproxy.exe:ossproxy.exe
"{C48E0B15-3EE8-4147-8F04-E9AD5D8FE1D6}"= UDP:c:\windows\Temp\~osCC93.tmp\ossproxy.exe:ossproxy.exe
"{B9A16DB4-64D0-433D-94CF-BB62E24470A7}"= UDP:c:\windows\Temp\~osD52A.tmp\ossproxy.exe:ossproxy.exe
"{B75EAF5D-4FF8-4F06-AF29-A57EEAEF78AC}"= UDP:c:\windows\Temp\~os15B3.tmp\ossproxy.exe:ossproxy.exe
"{65D0C498-26E5-47CD-90DB-42EC1AC3F82A}"= UDP:c:\windows\Temp\~os7926.tmp\ossproxy.exe:ossproxy.exe
"{E65109DA-DBA3-47BF-9673-A9C7033AE0EA}"= UDP:c:\windows\Temp\~os9D0B.tmp\ossproxy.exe:ossproxy.exe
"{3B698975-A2AA-45EC-AC09-124B4A2F31E7}"= UDP:c:\windows\Temp\~osCE29.tmp\ossproxy.exe:ossproxy.exe
"{922598CB-E8AA-4DF4-B6E1-712ADFC4F208}"= UDP:c:\windows\Temp\~osBE60.tmp\ossproxy.exe:ossproxy.exe
"{23EC15AA-59EA-4D51-ADCE-3305F3500256}"= UDP:c:\windows\Temp\~osCAFE.tmp\ossproxy.exe:ossproxy.exe

Re: Google is being re-directed to another search engine
Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u

This will also reset your restore points.

How is the machine running now?

............................................................................................

Site Admin / Security Administrator


Re: Google is being re-directed to another search engine
Thank you, I believe my problem is now solved, as so far it appears to function normally. Thanks once more.
