Bladerunner

  1. Hi, maybe I went too far to collect all the logs and posted here without any expert asking for it. Is this the reason why nobody will help me? The least I would expect from here is to let me know where I went wrong! THANKS! AND GOODBYE!!!!!!
  2. Hi, could someone please look at my logs and help me!
  3. And here is the GMER log; I could not post the GMER log because it was too long, so I have attached it as a zip file: GMER__1.zip. I hope I did not step out of line by posting my logs without anyone asking for them. I am not in a hurry, just desperate! If I am wrong then please forgive me and I will follow your direction. Raman
  4. Here is my dds logs
  5. Hi, lately I have been having strange problems with my computer. I could not reinstall ESET, and my Outpost firewall was acting strange. I had to uninstall it. Now I don't have a firewall or an anti-virus program. I ran mbamPro but it did not find anything. I was going to reformat but I thought I would try to get help from you fellows. I have read some of the postings in the infected area and have followed some of the procedures. I have made logs of DDS, Combofix and GMER. Since I don't have an active anti-virus program, I will have to run an online virus program. I have no log for this yet. Any suggestions will be appreciated.