It's been almost three years since I've had a virus on my machine. Guess I've had a decent run.... but all good things must come to an end. Can someone help me get rid of this virus that has decided to infect my computer? I have followed your post and have the logs ready, I will post below. As for the AVG log there I don't see an easy "print log" option so let me know if I don't provide the correct information. THANK YOU IN ADVANCE FOR YOUR HELP, BEN AVG------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Incident Status Location Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.zedo.com/] Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.xiti.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.zedo.com/] Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.www.burstbeacon.com/] Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.tribalfusion.com/] Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.toplist.cz/] Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.target.com/] Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.sexlist.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/66305761] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/24797217] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/24797217] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/70307935] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/2713995] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/80570461] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/91338698] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/12511569] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statcounter.com/] Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.stat.onestat.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statse.webtrendslive.com/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statcounter.com/] Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.stat.onestat.com/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statcounter.com/] Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.stat.onestat.com/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/18354542] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/86159690] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.server.iad.liveperson.net/hc/66305761] Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.perf.overture.com/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.realmedia.com/] Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.overture.com/] Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.phg.hitbox.com/] Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.questionmarket.com/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\nsk8jch9.default\cookies.txt[.fastclick.net/] Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ben\Cookies\ben@adrevolver[2].txt Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Ben\Cookies\ben@ads.addynamix[1].txt Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ben\Cookies\ben@ads.pointroll[2].txt Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Ben\Cookies\ben@adserver.easyad[2].txt Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Ben\Cookies\ben@advertising[1].txt Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Ben\Cookies\ben@anm.co[1].txt Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Ben\Cookies\ben@apmebf[2].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ben\Cookies\ben@atdmt[2].txt Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ben\Cookies\ben@atwola[2].txt Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Ben\Cookies\ben@azjmp[2].txt Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Ben\Cookies\ben@bluestreak[1].txt Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Ben\Cookies\ben@bravenet[1].txt Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ben\Cookies\ben@bs.serving-sys[2].txt Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Ben\Cookies\ben@burstnet[2].txt Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Ben\Cookies\ben@casalemedia[1].txt Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Ben\Cookies\ben@ccbill[1].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Ben\Cookies\ben@cdfreaks[2].txt Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Ben\Cookies\ben@clickbank[1].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Ben\Cookies\ben@club.cdfreaks[1].txt Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ben\Cookies\ben@com[1].txt Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Ben\Cookies\ben@counter.hitslink[1].txt Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Ben\Cookies\ben@cs.sexcounter[2].txt Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Ben\Cookies\ben@did-it[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ben\Cookies\ben@doubleclick[1].txt Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ben\Cookies\ben@ehg-dig.hitbox[2].txt Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ben\Cookies\ben@ehg.hitbox[2].txt Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Ben\Cookies\ben@fastclick[1].txt Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Ben\Cookies\ben@fortunecity[1].txt Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Ben\Cookies\ben@gostats[2].txt Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Ben\Cookies\ben@go[1].txt Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ben\Cookies\ben@hg1.hitbox[1].txt Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Ben\Cookies\ben@i.screensavers[1].txt Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Ben\Cookies\ben@linksynergy[1].txt Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Ben\Cookies\ben@media.adrevolver[2].txt Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Ben\Cookies\ben@mediaplex[2].txt Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ben\Cookies\ben@overture[1].txt Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ben\Cookies\ben@perf.overture[1].txt Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Ben\Cookies\ben@phg.hitbox[1].txt Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ben\Cookies\ben@questionmarket[1].txt Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Ben\Cookies\ben@realmedia[1].txt Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Ben\Cookies\ben@revenue[2].txt Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ben\Cookies\ben@searchportal.information[1].txt Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ben\Cookies\ben@server.iad.liveperson[3].txt Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Ben\Cookies\ben@serving-sys[2].txt Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Ben\Cookies\ben@sexlist[2].txt Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Ben\Cookies\ben@spylog[2].txt Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ben\Cookies\ben@stat.onestat[1].txt Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ben\Cookies\ben@statcounter[1].txt Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Ben\Cookies\ben@statse.webtrendslive[1].txt Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Ben\Cookies\ben@target[1].txt Spyware:Cookie/TeensForCash Not disinfected C:\Documents and Settings\Ben\Cookies\ben@teensforcash[2].txt Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Ben\Cookies\ben@toplist[1].txt Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Ben\Cookies\ben@tradedoubler[2].txt Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Ben\Cookies\ben@trafficmp[2].txt Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ben\Cookies\ben@tribalfusion[2].txt Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Ben\Cookies\ben@weborama[1].txt Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www.burstbeacon[2].txt Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www.myaffiliateprogram[2].txt Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www2.addfreestats[1].txt Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www3.addfreestats[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Ben\Cookies\ben@xiti[1].txt Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Ben\Cookies\ben@yadro[1].txt Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ben\Cookies\ben@zedo[2].txt Virus:Trj/Downloader.MDW Disinfected C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\BackgroundRemover\Background.Remover.v1.0 patch.exe Virus:Trj/Downloader.MDW Disinfected C:\Program Files\ImageSkill\BackgroundRemover\Background.Remover.v1.0 patch.exe Potentially unwanted tool:Application/CloseApp Not disinfected C:\WINDOWS\system32\closeapp.exe Virus:Generic Worm Not disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Adobe.CS3.Keygen.Pack\Adobe.CS3.Keygen.Pack.rar[ZWT\Dreamweaver CS3 Keygen + Activation ZWT.exe] Virus:Generic Worm Not disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Adobe.CS3.Keygen.Pack\Adobe.CS3.Keygen.Pack.zip[Adobe.CS3.Keygen.Pack.rar][ZWT\Dreamweaver CS3 Keygen + Activation ZWT.exe] Virus:Trj/Downloader.MDW Disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Background.Remover.v1.0.for.Adobe.Photoshop.Cracked-SSG\Background.Remover.v1.0 patch.exe PANDA---------(This list was so long that I couldn't post it all)---------------------------------------------------------------------------------------------------------------------------------------------------------------- <history> <!-- 01c848ec1389d160 --> <rec time="2007/12/28 00:53:35" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:53:36" user="SYSTEM" source="Update"> <value>@HL_UpdateOK</value> <attr name="version">avi:1234-1205;iavi:1210-1147;</attr> </rec> <rec time="2007/12/28 00:53:37" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:54:06" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:54:09" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:45:46" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:16" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:16" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:46" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> </history> HijackThis------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:51:44 PM, on 12/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Media Center Magic\FrontView\fvsvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Grisoft\AVG7\avgwb.dat C:\Program Files\Grisoft\AVG7\avgcc.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F3 - REG:win.ini: load=C:\WINDOWS\system32\geede.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0F4D416F-3EE1-4AB8-A09C-C4CD0FA968BE} - C:\WINDOWS\system32\geede.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - C:\WINDOWS\system32\xxyvvwt.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O4 - HKLM\..\Run: [Glass2k] C:\Torrents\Done\Vista pack for XP by tuningmaniac\Glass Efect for XP by tuningmaniac\Glass2k.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [dc9af4b4] rundll32.exe "C:\WINDOWS\system32\rwpsxeuv.dll",b O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200707...ex/qtplugin.cab O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.adoramapix.com/components/aurig...geUploader4.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: xxyvvwt - C:\WINDOWS\SYSTEM32\xxyvvwt.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FrontView Display Interface (fvsvc) - Media Center Magic - C:\Program Files\Media Center Magic\FrontView\fvsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 9612 bytes