WiredWX Christian Hobby Weather Tools

"Insecure Internet activity. Threat of virus attack" WARNING

I keep getting this warning screen:
"Due to insecure Internet browsing your PC can easily get infected with viruses, worms and trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.
Also insecure Internet activity can result in revealing your personal information.
To get full advanced real-time protection for PC and Internet activity, activate WinPC Antivirus.

We recommend you to protect your PC now and continue safe Internet browsing.

Click here to get full advanced real-time protection and continue browsing.
Continue to this website unprotected (not recommended)."

And for whatever reason, for the past couple of months, Internet Explorer shuts down on me when I'm using myspace.

Help!? Thank you!

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:12:26 PM, on 12/14/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\Wireless Optical Mouse\MOffice.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Wireless Optical Mouse\MOUSE32A.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\aol\aim toolbar 5.0\AolTbServer.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\Owner.YOUR-C810DDB26D\My Documents\My Pictures\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.johnnycupcakes.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6446
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] "C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [MSKDetectorExe] "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" /uninstall
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Antivirus\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Antivirus\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] "C:\Program Files\Wireless Optical Mouse\MOffice.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [brastk] brastk.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Facegame] "C:\Documents and Settings\Owner.YOUR-C810DDB26D\Application Data\Facegame\Facegame.exe" 61A847B5BBF72813338B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter hijack: text/html - {0fdcc99d-a58f-4b82-a98c-f88a0c7aaca1} - C:\WINDOWS\system32\msiebbar.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10503 bytes

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.

I see you have Viewpoint software installed.

Viewpoint Manager is considered foistware instead of malware since it is installed without the user's approval but doesn't spy or do anything "bad". Read these articles: here and here

I suggest you remove the program now.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

  • Viewpoint Manager (remove only)
  • Viewpoint Media Player
  • Viewpoint Toolbar


  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKLM\..\Run: [brastk] brastk.exe
    O4 - HKCU\..\Run: [Facegame] "C:\Documents and Settings\Owner.YOUR-C810DDB26D\Application Data\Facegame\Facegame.exe" 61A847B5BBF72813338B2B27128065E9C084320161C4661227A755E9C2933154389A
    O18 - Filter hijack: text/html - {0fdcc99d-a58f-4b82-a98c-f88a0c7aaca1} - C:\WINDOWS\system32\msiebbar.dll



  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

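An added example (not part of the original thread, and not code from HijackThis or its authors): a small triage script that parses HijackThis O4 and O18 lines like those in the log above and lists entries worth a manual look. The three O4 rules (bare file name, user-writable path, long hex argument) and all function names are assumptions chosen for illustration; the sample lines are copied from the log posted in this thread.

```python
import re
from typing import NamedTuple

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [brastk] brastk.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Facegame] "C:\Documents and Settings\Owner.YOUR-C810DDB26D\Application Data\Facegame\Facegame.exe" 61A847B5BBF72813338B2B27128065E9C084320161C4661227A755E9C2933154389A
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter hijack: text/html - {0fdcc99d-a58f-4b82-a98c-f88a0c7aaca1} - C:\WINDOWS\system32\msiebbar.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
'''


class Finding(NamedTuple):
    section: str    # HijackThis section code, e.g. "O4"
    subject: str    # Run value name, or the file named by an O18 line
    reasons: tuple  # names of the rules that matched


# "<section> - <body>" is the shape of every entry line in the log.
ENTRY = re.compile(r'^(?P<section>[A-Z]\d+) - (?P<body>.+)$')
# O4 registry autoruns: "HKLM\..\Run: [name] command line"
RUN = re.compile(
    r'^(?P<hive>HK\w+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
QUOTED = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')
UNQUOTED = re.compile(
    r'^(?P<exe>.+?\.(?:exe|com|bat|cmd|scr))(?:\s+(?P<args>.*))?$', re.I)

# Assumed review rules (illustrative, not verdicts).
HEX_BLOB = re.compile(r'\b[0-9A-Fa-f]{32,}\b')
USER_WRITABLE = re.compile(r'\\(Application Data|Local Settings\\Temp)\\', re.I)


def split_command(cmd):
    """Split a Run command line into (executable, arguments)."""
    m = QUOTED.match(cmd) or UNQUOTED.match(cmd)
    if m:
        return m.group('exe'), (m.group('args') or '')
    exe, _, args = cmd.partition(' ')
    return exe, args


def triage(log_text):
    """Return a Finding for every O4/O18 line that matches a review rule."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY.match(raw.strip())
        if not entry:
            continue
        section, body = entry['section'], entry['body']
        subject, reasons = body, []
        if section == 'O4':
            run = RUN.match(body)
            if not run:
                continue  # Startup-folder shortcuts are not handled here
            subject = run['name']
            exe, args = split_command(run['cmd'])
            if '\\' not in exe and '/' not in exe:
                # No directory: the log does not say which file actually runs.
                reasons.append('bare-filename')
            if USER_WRITABLE.search(exe):
                reasons.append('user-writable-path')
            if HEX_BLOB.search(args):
                reasons.append('opaque-argument')
        elif section == 'O18' and body.startswith('Filter hijack:'):
            # HijackThis itself labels this line as a hijack.
            subject = body.split(' - ')[-1]
            reasons.append('filter-hijack')
        if reasons:
            findings.append(Finding(section, subject, tuple(reasons)))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4} {f.subject:<40} {', '.join(f.reasons)}")
```

On the sample it lists the three entries selected for fixing in the post above plus SigmatelSysTrayApp, which matches the bare-filename rule but was not among the lines chosen, so the output is a review list rather than a fix list.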

Re: "Insecure Internet activity. Threat of virus attack" WARNING

HiJack This doesn't appear to be on my computer anymore. When I was clicking it before to give you the text from the notepad, it didn't say it downloaded, but SpyWare Scan said it was protecting me from "Mal/Behav-067" every time I tried to download it.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
This exe file is Hijack This.

C:\Program Files\trend micro\Owner.exe

RSIT renames it when run because some malware is able to hide from any program using the name "hijackthis.exe".

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Still don't see it anywhere.

And Viewpoint wasn't in my Add/Remove Programs.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Okay, uninstall Hijack This via add/remove programs, then re-install it.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

I rebooted and was able to come across ViewPoint in my Add/Remove and I removed it. Also removed Hijack This, then tried to redownload it and it still brings up the warning that it's blocking Mal/Behav-067.

Am I doomed?!

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Are you able to install Hijack This and MBAM?

If so, run MBAM scan after updating it.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Ran a MBAM scan:

Malwarebytes' Anti-Malware 1.36
Database version: 2143
Windows 5.1.2600 Service Pack 3

5/16/2009 8:51:58 PM
mbam-log-2009-05-16 (20-51-58).txt

Scan type: Quick Scan
Objects scanned: 109035
Time elapsed: 16 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 8
Registry Values Infected: 2
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\ieocx.dll (Trojan.Downloader) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\wininetapp.wininet (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wininetapp.wininet.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4b66e1df-4de3-4cda-83b5-11673eadab0b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinPC Antivirus (Rogue.WinPCAntivirus) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\ieocx.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\awtuSkki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pmnoOHWN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUnMeCr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner.YOUR-C810DDB26D\Favorites\Free Porn Sex Porno - Raven Riley takes it in the ass like a real pro. What can i say, she loves the cock!.url (Rogue.Link) -> Quarantined and deleted successfully.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

DDS (Ver_09-05-14.01) - NTFSx86
Run by Owner at 11:33:07.45 on Sun 05/17/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.280 [GMT -5:00]

AV: *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
svchost.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Trend Micro\Antivirus\pccguide.exe
C:\Program Files\Trend Micro\Antivirus\PCClient.exe
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
C:\Program Files\Wireless Optical Mouse\MOffice.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Wireless Optical Mouse\MOUSE32A.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\aol\aim toolbar 5.0\AolTbServer.exe
C:\Documents and Settings\Owner.YOUR-C810DDB26D\Local Settings\Temporary Internet Files\Content.IE5\1WOVUQX1\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.johnnycupcakes.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uSearch Bar = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6446
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6446
mURLSearchHooks: H - No File
TB: AIM Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [Power2GoExpress] NA
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SynTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SMSERIAL] "c:\program files\motorola\smserial\sm56hlpr.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [MSKDetectorExe] "c:\program files\mcafee\spamkiller\MSKDetct.exe" /uninstall
mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
mRun: [pccguide.exe] "c:\program files\trend micro\antivirus\pccguide.exe"
mRun: [PCClient.exe] "c:\program files\trend micro\antivirus\PCClient.exe"
mRun: [TM Outbreak Agent] "c:\program files\trend micro\antivirus\TMOAgent.exe" /run
mRun: [REGSHAVE] "c:\program files\regshave\REGSHAVE.EXE" /AUTORUN
mRun: [FLMOFFICE4DMOUSE] "c:\program files\wireless optical mouse\MOffice.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\owner~1.you\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\bigfix.exe
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238563908834
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
Notify: WRNotifier - WRLogonNTF.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 Tmfilter;Tmfilter;c:\windows\system32\drivers\TmXPFlt.sys [2006-9-14 205328]
R2 Tmntsrv;Trend NT Realtime Service;c:\program files\trend micro\antivirus\Tmntsrv.exe [2006-9-14 241737]
R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2006-9-14 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\antivirus\tmproxy.exe [2006-9-14 204873]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2006-10-28 3296768]

=============== Created Last 30 ================

2009-05-16 20:32 --d----- c:\docume~1\owner~1.you\applic~1\Malwarebytes
2009-05-16 20:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-16 20:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 20:32 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-16 20:32 --d----- c:\program files\Malwarebytes' Anti-Malware

==================== Find3M ====================

2009-03-06 09:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-02 19:18 826,368 a------- c:\windows\system32\wininet.dll
2009-02-20 13:09 78,336 a------- c:\windows\system32\ieencode.dll
2007-06-19 23:50 166 a------- c:\docume~1\owner~1.you\applic~1\wklnhst.dat
2008-09-25 23:29 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092520080926\index.dat

============= FINISH: 11:34:29.50 ===============

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
Is the Trend Micro AV you have here a trial, or just disabled?

  • Open HijackThis.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

For some reason, Hijack This is only a .txt icon in my Program Files, I don't have it on here to use how you told me to.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
Okay, do you have attach.txt from the DDS run?

If so, post ATTACH.txt here. Ignore any warning that says not to post it.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/28/2006 7:55:22 PM
System Uptime: 5/16/2009 9:59:43 PM (14 hours ago)

Motherboard: Gateway | |
Processor: AMD Turion(tm) 64 Mobile Technology MK-36 | Socket M2/S1G1 | 1994/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 86 GiB total, 29.406 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 4.634 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== Installed Programs ======================

Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Illustrator CS2
Adobe Photoshop CS2
Adobe Reader 7.0
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
AIM 6
AIM Toolbar 5.0
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Spyware Protection
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
BigFix
Broadcom 802.11 Network Adapter
Browser Address Error Redirector
DVD Solution
FATE
FinePixViewer Ver.4.3
FUJIFILM USB Driver
Gateway Game Console
Google Desktop
gtw_logo
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
iPod Updater 2004-08-06
iTunes
J2SE Runtime Environment 5.0 Update 2
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Motorola SM56 Data Fax Modem
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Napster
Napster Burn Engine
Power2Go 4.0
PowerDVD
Pure Networks Port Magic
QuickTime
RAW FILE CONVERTER LE
RealPlayer Basic
Recovery Software Suite Gateway
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
SigmaTel Audio
Sonic Encoders
Spy Sweeper
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Tradewinds
Trend Micro Antivirus
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update Rollup 2 for Windows XP Media Center Edition 2005
VideoLAN VLC media player 0.8.6f
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10 Hotfix - KB894476
Windows Mobile®️ Device Handbook
Windows XP Media Center Edition 2005 KB914548
Windows XP Service Pack 3
Wireless Optical Mouse

==== Event Viewer Messages From Past Week ========

5/16/2009 10:00:41 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
5/12/2009 8:02:41 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
5/12/2009 7:54:28 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{324CB911-3E5F-40DC-AC11-30E2AC3CA6BE} because another computer on the network has the same name. The server could not start.

==== End Of File ===========================

Re: "Insecure Internet activity. Threat of virus attack" WARNING

I see that you are running Napster.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Adobe Reader 7.0
  • J2SE Runtime Environment 5.0 Update 2
  • Napster
  • WildTangent Web Driver

Download and install VLC Player 0.9.9
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

Then download and install Adobe Reader 9.1

How is the machine running now?

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Upon downloading Adobe Reader 9.1, Spy Sweeper said a BHO was trying to attach itself, but I blocked the installation.

Then a little pop up came up saying:

Adobe Reader 9.1:
Error 1406.Could not write value to key
\SOFTWARE\Microsoft\Version\CurrentVersion\Explorer\BrowserHelperObjects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}. Verify that you have sufficient access to that key, or contact your support personnel.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Then you need to re-run the installer again, but don't block it this time.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

I let it install and then I rebooted. A balloon still comes up and says my computer is at risk.

And internet explorer continues to shut down when using myspace.

Are the 2 related?

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
The alert is real, there's something wrong with the current AV you have here. Hijack This shows AVG8, but the uninstall list doesn't.

Download and run avgremover.exe

For 32-Bit, Download: avgremover.exe

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Trend Micro Antivirus

Please install Avira antivirus, otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

Let me know if the alert goes away after all that is done.

............................................................................................

Site Admin / Security Administrator
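
The cross-check described in the reply above (security services that are running versus what the uninstall list actually contains, and more than one real-time product active at once) can be run automatically over DDS-style output. This is an added example, not part of the original thread or of DDS; the product keyword list, the function names and the embedded sample log (including its AVG8 and stopped-service lines) are constructed for illustration.

```python
import re

# Hypothetical watch-list (an assumption of this example, not part of DDS):
# product label -> lowercase regex fragments that identify it.
PRODUCTS = {
    "Trend Micro": (r"trend micro", r"trend nt"),
    "Webroot Spy Sweeper": (r"spy sweeper",),
    "AVG": (r"\bavg",),
}

# Constructed sample: service lines in the DDS.txt layout and a program list
# in the Attach.txt layout, joined into one string. The AVG8 and S3 lines are
# made up to reproduce the mismatch the reply describes.
SAMPLE_LOG = r"""
============= SERVICES / DRIVERS ===============

R2 Tmntsrv;Trend NT Realtime Service;c:\program files\trend micro\antivirus\Tmntsrv.exe [2006-9-14 241737]
R2 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\antivirus\tmproxy.exe [2006-9-14 204873]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2006-10-28 3296768]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-1 1000]
S3 ExampleScan;Example On-Demand Scanner;c:\program files\example\scan.exe [2009-1-1 1000]

==== Installed Programs ======================

Adobe Reader 7.0
Malwarebytes' Anti-Malware
Spy Sweeper
Trend Micro Antivirus

==== End Of File ===========================
"""

SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")
# R/S = running/stopped, digit = start type, then name;display;path [date size]
SERVICE = re.compile(r"^([RS])(\d)\s+([^;]+);([^;]*);(.+?)\s+\[[\d-]+\s+\d+\]$")


def parse_sections(text):
    """Split a DDS-style log into {section title: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is not None:
            current.append(line)
    return sections


def running_services(lines):
    """Return (name, display, path) for every service marked as running."""
    out = []
    for line in lines:
        m = SERVICE.match(line)
        if m and m.group(1) == "R":
            out.append((m.group(3), m.group(4), m.group(5)))
    return out


def matches(product, text):
    """True if any keyword pattern for the product occurs in the text."""
    return any(re.search(p, text.lower()) for p in PRODUCTS[product])


def audit(text):
    """Map each watched product to its running services and uninstall status."""
    sections = parse_sections(text)
    services = running_services(sections.get("SERVICES / DRIVERS", []))
    installed = sections.get("Installed Programs", [])
    report = {}
    for product in PRODUCTS:
        svc = [n for n, d, p in services if matches(product, f"{d} {p}")]
        listed = any(matches(product, prog) for prog in installed)
        if svc or listed:
            report[product] = {"services": svc, "listed": listed}
    return report


def orphaned(report):
    """Products with a running service but no uninstall entry (leftovers)."""
    return sorted(p for p, r in report.items() if r["services"] and not r["listed"])


def active(report):
    """Products with at least one running service; more than one is overlap."""
    return sorted(p for p, r in report.items() if r["services"])


if __name__ == "__main__":
    rep = audit(SAMPLE_LOG)
    print("running security products:", active(rep))
    print("running but not in uninstall list:", orphaned(rep))
```

A product that appears in `orphaned()` cannot be removed through Add/Remove Programs and needs the vendor's removal tool, which is the situation the reply addresses with avgremover.exe.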

Re: "Insecure Internet activity. Threat of virus attack" WARNING

The alert came up again when I restarted the computer.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Did you install Avira?

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

I tried it again, I believe it's downloaded now.
First time, it said something about installing a language package.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
If it wants you to select a language, choose English.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

I think I skipped the language part and installed it without it.

I'm at the screen where it says "This wizard will install Avira Antivir Personal on your computer" and wants me to click NEXT.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Okay, it should install English as default anyway.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Should I click NEXT on this screen?

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Yes. :)

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Admin Edit

Other people with this warning, please register here (free) and open a new topic here for help.




Okay, installation is complete.

The balloon popped up again to say I'm still at risk too.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Okay, update and run another MBAM scan.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

AntiVir Guard found a virus or unwanted program.

C:\WINDOWS\system32\bae.dll

Contains recognition pattern of the ADSPY/BaRedir.A adware or spyware

Options:
Move to quarantine
Delete
Rename
Deny access
Ignore

What should I do?

And MBAM is currently stopped because of the AntiVir finding this.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Delete it if you want to, it's not needed anyway.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Deleted and scanning is back on.

Should I post the results when it's finished?

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Another virus or unwanted program was found.

C:\Documents and Settings\Owner.YOUR-C810DDB26D\...\wJQs.exe

Is the TR/Dropper.Gen Trojan

Delete that one too?

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Yes. 😉

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

MBAM finished.

Malwarebytes' Anti-Malware 1.36
Database version: 2143
Windows 5.1.2600 Service Pack 3

5/17/2009 3:38:42 PM
mbam-log-2009-05-17 (15-38-42).txt

Scan type: Quick Scan
Objects scanned: 94555
Time elapsed: 51 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Hello.
Please right click the Avira icon in the tray > update it.

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Update complete.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Still getting that warning?

............................................................................................

Site Admin / Security Administrator

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Warning hasn't come up, I even restarted the computer and nothing came up! Hopefully that crisis is over.

Do you have any idea why my internet explorer keeps shutting down when I surf myspace? It's been like that for about 2 months now.

Re: "Insecure Internet activity. Threat of virus attack" WARNING

Nope, my best advice would be use Firefox.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommend the following add-ons for Firefox, they will help keep you safe from malicious scripts or ActiveX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865
https://addons.mozilla.org/en-US/firefox/addon/433

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please consider using this free software program that will check for program updates.
Update Checker

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio or Outpost.
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found here.

Hopefully this should take care of your problems! Good luck.

............................................................................................

Site Admin / Security Administrator
