
malwarebytes will not start


GbH


I have currently been tricked into downloading Personal Antivirus and I installed Malwarebytes but it will not run when I click on it. I have tried searching through the forums for solutions but they all failed to help me. I am suspecting that Personal Antivirus is preventing me from such programs because I have tried installing SpyHunter but it won't open as well. Malwarebytes is probably the last hope for my computer, please help me.


Hi GbH, Welcome to Malwarebytes :(

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Thank you, ComboFix was very helpful and I got Personal Antivirus off, here is the log I have for you:

ComboFix 09-08-10.06 - felix sun 08/11/2009 15:47.1.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.480.149 [GMT -7:00]

Running from: c:\documents and settings\felix sun\Desktop\lol.exe

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\felix sun\Application Data\PCPrivacyTool

c:\documents and settings\felix sun\Application Data\PCPrivacyTool\Logs\update.log

c:\documents and settings\felix sun\Desktop\Personal Antivirus.lnk

c:\documents and settings\felix sun\My Documents\Personal Antivirus.lnk

c:\program files\AskSearch\bin\DefaultSearch.dll

c:\recycler\S-1-5-21-2495073255-166745521-1182671931-1003

c:\recycler\S-1-5-21-299502267-842925246-682003330-1003

c:\windows\system32\drivers\gaopdxxtlempqx.sys

c:\windows\system32\drivers\UACskylknkdap.sys

c:\windows\system32\gaopdxcounter

c:\windows\system32\msxmlm.dll.tmp

c:\windows\system32\NetFilter.exe

c:\windows\system32\UACakcmyqltob.dll

c:\windows\system32\UACgmawuxtiva.dll

c:\windows\system32\uacinit.dll

c:\windows\system32\UACmrmsklyxlo.db

c:\windows\system32\UACuwprtumoto.dll

c:\windows\system32\UACwpuipqlclo.dat

c:\windows\system32\UACwsnkcdjbpf.dll

c:\windows\system32\UACwubqumkqoo.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_gaopdxserv.sys

-------\Legacy_gaopdxserv.sys

-------\Service_UACd.sys

-------\Legacy_UACd.sys

((((((((((((((((((((((((( Files Created from 2009-07-11 to 2009-08-11 )))))))))))))))))))))))))))))))

.

2009-08-10 18:14 . 2009-08-10 18:14 -------- d-----w- c:\program files\Enigma Software Group

2009-08-10 17:16 . 2009-08-03 20:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-10 17:16 . 2009-08-10 17:16 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Malwarebytes

2009-08-10 17:16 . 2009-08-03 20:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-10 17:16 . 2009-08-10 17:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-09 19:35 . 2009-06-29 16:12 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2009-08-09 19:35 . 2009-06-29 16:12 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll

2009-08-09 19:35 . 2009-06-29 16:12 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2009-08-09 19:35 . 2009-06-29 16:12 63488 -c----w- c:\windows\system32\dllcache\icardie.dll

2009-08-09 19:35 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe

2009-08-09 19:35 . 2009-06-29 16:12 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll

2009-08-09 19:35 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat

2009-08-09 19:35 . 2009-07-19 13:32 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll

2009-08-09 19:34 . 2007-08-14 01:54 33792 -c--a-w- c:\windows\system32\dllcache\custsat.dll

2009-08-07 19:53 . 2009-08-10 19:17 -------- d--h--w- C:\$AVG8.VAULT$

2009-08-07 19:47 . 2009-08-07 19:47 -------- d-----w- c:\documents and settings\felix sun\Local Settings\Application Data\AVG Security Toolbar

2009-08-07 19:40 . 2009-08-07 19:40 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-08-07 19:40 . 2009-08-07 19:40 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2009-08-07 19:40 . 2009-08-07 19:40 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-08-07 19:40 . 2009-08-07 19:40 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2009-08-07 19:39 . 2009-08-11 22:08 -------- d-----w- c:\windows\system32\drivers\Avg

2009-08-07 19:39 . 2009-08-07 19:39 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar

2009-08-07 19:38 . 2009-08-07 19:38 -------- d-----w- c:\program files\AVG

2009-08-07 19:38 . 2009-08-11 22:27 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\avg8

2009-08-07 10:43 . 2009-08-07 21:13 81984 ----a-w- c:\windows\system32\bdod.bin

2009-08-07 10:26 . 2009-08-07 11:17 -------- d-----w- c:\windows\system32\CatRoot_bak

2009-08-07 10:20 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2009-08-07 10:20 . 2008-04-11 18:50 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll

2009-08-07 10:20 . 2008-12-11 11:57 333184 -c----w- c:\windows\system32\dllcache\srv.sys

2009-08-07 10:20 . 2008-10-03 10:15 247326 -c----w- c:\windows\system32\dllcache\strmdll.dll

2009-08-07 10:19 . 2008-04-21 10:02 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe

2009-08-07 10:15 . 2008-05-01 14:30 331776 -c----w- c:\windows\system32\dllcache\msadce.dll

2009-08-07 10:14 . 2008-10-15 16:57 332800 -c----w- c:\windows\system32\dllcache\netapi32.dll

2009-08-07 10:13 . 2008-09-04 16:42 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll

2009-08-07 10:00 . 2009-08-10 18:11 -------- d--h--w- c:\windows\$hf_mig$

2009-08-06 23:05 . 2008-07-03 13:16 8454656 -c----w- c:\windows\system32\dllcache\shell32.dll

2009-08-06 22:34 . 2009-08-07 21:14 -------- d-----w- c:\program files\Common Files\BitDefender

2009-08-06 22:22 . 2009-08-06 22:22 -------- d-----w- c:\windows\system32\wbem\AutoRecover

2009-08-06 22:09 . 2004-08-04 07:56 221184 ----a-w- c:\windows\system32\wmpns.dll

2009-08-06 22:07 . 2004-08-04 07:56 9216 ------w- c:\windows\system32\proxycfg.exe

2009-08-06 22:07 . 2004-08-04 07:56 59392 ------w- c:\windows\system32\logman.exe

2009-08-06 22:05 . 2009-08-06 22:05 -------- d-----w- c:\windows\peernet

2009-08-06 22:05 . 2009-08-06 22:05 -------- d-----w- c:\windows\provisioning

2009-08-06 21:58 . 2009-08-06 21:58 -------- d-----w- c:\windows\ServicePackFiles

2009-08-06 21:51 . 2004-08-04 07:56 2897920 ------w- c:\windows\system32\xpsp2res.dll

2009-08-06 21:49 . 2008-07-09 07:38 26488 ----a-w- c:\windows\system32\spupdsvc.exe

2009-08-06 21:43 . 2009-08-06 21:43 -------- d-----w- c:\windows\EHome

2009-08-06 20:52 . 2009-08-06 22:51 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\BitDefender

2009-08-06 12:22 . 2009-06-22 14:58 24576 ----a-w- c:\windows\system32\drivers\ndisrd.sys

2009-08-06 12:22 . 2009-05-14 09:58 61440 ----a-w- c:\windows\system32\ndisapi.dll

2009-08-06 12:22 . 2009-08-06 12:22 -------- d-----w- c:\program files\Common Files\Uninstall

2009-08-06 12:21 . 2009-08-06 12:22 -------- d-----w- c:\program files\PersonalAV

2009-08-05 02:27 . 2009-08-05 02:27 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-08-05 02:26 . 2009-08-05 02:26 152576 ----a-w- c:\documents and settings\felix sun\Application Data\Sun\Java\jre1.6.0_15\lzma.dll

2009-07-31 13:48 . 2009-07-31 13:48 -------- d-----w- c:\documents and settings\felix sun\Application Data\acccore

2009-07-31 13:41 . 2009-07-31 13:41 -------- d-----w- c:\documents and settings\felix sun\Local Settings\Application Data\AOL OCP

2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\documents and settings\felix sun\Local Settings\Application Data\AOL

2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\program files\Common Files\Software Update Utility

2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\program files\AIM Search

2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Viewpoint

2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\acccore

2009-07-31 13:39 . 2009-07-31 13:42 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AOL OCP

2009-07-31 13:39 . 2009-07-31 13:39 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AOL

2009-07-31 13:39 . 2009-07-31 13:40 -------- d-----w- c:\program files\AIM6

2009-07-24 21:41 . 2009-07-24 21:41 -------- d-----w- c:\documents and settings\felix sun\Application Data\AVG8

2009-07-24 21:13 . 2009-07-24 21:13 -------- d-----w- c:\windows\BDOSCAN8

2009-07-24 15:49 . 2009-07-24 15:49 77824 ----a-w- c:\documents and settings\felix sun\Application Data\Sun\Java\Deployment\cache\javaws\http\Dwww.vuze.com\P80\DMjws\RNaereg.jar\aereg.dll

2009-07-24 15:06 . 2009-07-24 15:08 -------- d-----w- c:\documents and settings\felix sun\Application Data\Winamp

2009-07-18 16:20 . 2009-07-20 02:03 3597824 -c----w- c:\windows\system32\dllcache\mshtml.dll

2009-07-18 16:20 . 2009-07-18 16:20 1506304 -c----w- c:\windows\system32\dllcache\shdocvw.dll

2009-07-15 20:18 . 2009-07-15 20:18 -------- d-----w- c:\program files\NickOnline

2009-07-15 20:15 . 2009-07-15 20:15 -------- d-----w- c:\documents and settings\felix sun\Local Settings\Application Data\Downloaded Installations

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-11 22:03 . 2007-05-31 15:46 -------- d-----w- c:\documents and settings\felix sun\Application Data\Skype

2009-08-10 15:55 . 2005-08-10 00:35 28 ----a-w- c:\windows\liccyval.dat

2009-08-08 21:38 . 2005-11-12 23:24 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-08-06 22:12 . 2002-08-03 15:17 81875 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat

2009-08-05 02:27 . 2005-10-11 23:35 -------- d-----w- c:\program files\Java

2009-07-31 13:40 . 2002-11-03 15:53 -------- d-----w- c:\program files\Viewpoint

2009-07-31 13:39 . 2003-09-03 23:02 -------- d-----w- c:\program files\Common Files\AOL

2009-07-31 13:27 . 2002-11-03 15:52 -------- d-----w- c:\program files\America Online 7.0

2009-07-24 02:38 . 2008-08-30 02:23 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Winamp Toolbar

2009-07-19 23:06 . 2008-07-23 13:36 34 ----a-w- c:\documents and settings\felix sun\jagex_runescape_preferences.dat

2009-06-29 16:12 . 2002-03-05 16:56 827392 ----a-w- c:\windows\system32\wininet.dll

2009-06-29 16:12 . 2009-08-06 22:06 78336 ------w- c:\windows\system32\ieencode.dll

2009-06-29 16:12 . 2002-08-03 15:04 17408 ------w- c:\windows\system32\corpol.dll

2009-06-16 14:55 . 2002-08-03 15:05 119808 ------w- c:\windows\system32\t2embed.dll

2009-06-16 14:55 . 2002-08-03 15:04 82432 ------w- c:\windows\system32\fontsub.dll

2009-06-03 19:27 . 2005-11-12 23:21 1290752 ----a-w- c:\windows\system32\quartz.dll

2009-05-25 15:48 . 2004-06-30 18:23 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

2007-10-23 20:45 . 2009-02-28 17:49 87400 -c--a-w- c:\program files\UnHyCam2.exe

2007-10-23 20:45 . 2009-02-28 17:49 882000 ----a-w- c:\program files\HyCam2.exe

2007-10-22 23:09 . 2009-02-28 17:49 106496 ----a-w- c:\program files\CamRes2.dll

2007-09-27 22:31 . 2009-02-28 17:49 5272 -c--a-w- c:\program files\HyCam2.tlb

2007-08-12 02:15 . 2009-02-28 17:49 57344 ----a-w- c:\program files\MClick2.dll

2006-12-14 21:13 . 2009-02-28 17:49 113628 ----a-w- c:\program files\HyCam2.chm

2006-12-14 18:18 . 2009-02-28 17:49 3274 -c--a-w- c:\program files\agreement.txt

2006-07-09 13:13 . 2009-02-28 17:49 82 ----a-w- c:\program files\HomePage.url

2004-05-05 20:57 . 2009-02-28 17:49 2018 -c--a-w- c:\program files\readme.txt

2004-04-16 22:07 . 2009-02-28 17:49 675 -c--a-w- c:\program files\HyCam2.cnt

1999-06-24 19:49 . 2009-02-28 17:49 421 -c--a-w- c:\program files\8-44100u.wav

1999-06-24 19:49 . 2009-02-28 17:49 587 -c--a-w- c:\program files\8-44100d.wav

1999-06-24 19:47 . 2009-02-28 17:49 225 -c--a-w- c:\program files\8-22050u.wav

1999-06-24 19:47 . 2009-02-28 17:49 317 -c--a-w- c:\program files\8-22050d.wav

1999-06-24 19:46 . 2009-02-28 17:49 135 -c--a-w- c:\program files\8-11025u.wav

1999-06-24 19:46 . 2009-02-28 17:49 183 -c--a-w- c:\program files\8-11025d.wav

1999-06-24 19:44 . 2009-02-28 17:49 127 -c--a-w- c:\program files\8-8000u.wav

1999-06-24 19:43 . 2009-02-28 17:49 151 -c--a-w- c:\program files\8-8000d.wav

1999-06-24 19:41 . 2009-02-28 17:49 220 -c--a-w- c:\program files\16-8000u.wav

1999-06-24 19:40 . 2009-02-28 17:49 260 -c--a-w- c:\program files\16-8000d.wav

1999-06-24 19:38 . 2009-02-28 17:49 956 -c--a-w- c:\program files\16-44100u.wav

1999-06-24 19:37 . 2009-02-28 17:49 1186 -c--a-w- c:\program files\16-44100d.wav

1999-06-24 19:34 . 2009-02-28 17:49 442 -c--a-w- c:\program files\16-22050u.wav

1999-06-24 19:34 . 2009-02-28 17:49 652 -c--a-w- c:\program files\16-22050d.wav

1999-06-24 18:54 . 2009-02-28 17:49 340 -c--a-w- c:\program files\16-11025d.wav

1999-06-24 18:50 . 2009-02-28 17:49 326 -c--a-w- c:\program files\16-11025u.wav

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-07-24 16:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-05-28 23458344]

"Aim6"="c:\program files\AIM6\aim6.exe" [2009-07-09 49968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-04-27 102400]

"pccguide.exe"="c:\program files\Trend Micro\PC-cillin 2002\pccguide.exe" [2002-07-13 258048]

"PCCClient.exe"="c:\program files\Trend Micro\PC-cillin 2002\PCCClient.exe" [2002-06-20 327680]

"Pop3trap.exe"="c:\program files\Trend Micro\PC-cillin 2002\Pop3trap.exe" [2002-06-20 307266]

"ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-07-04 40960]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\evntsvc.exe" [2002-08-15 146432]

"ZTgServerSwitch"="c:\program files\support.com\client\bin\tgcmd.exe" [2002-04-12 1417216]

"QuickFinder Scheduler"="c:\program files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE" [2002-07-10 77887]

"C2K"="c:\windows\Cyb2k.exe" [2005-05-16 2800128]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-05 149280]

"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb01.exe" [2000-08-07 192512]

"PersonalAV"="c:\program files\PersonalAV\pav.exe" [2009-08-06 1896448]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-07 2000152]

"LTSMMSG"="LTSMMSG.exe" - c:\windows\LTSMMSG.exe [2002-07-20 32768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2004-08-04 53760]

c:\documents and settings\felix sun\Start Menu\Programs\Startup\

PowerReg Scheduler V3.exe [2004-1-31 225280]

c:\docume~1\ALLUSE~1\STARTM~1\Programs\Startup\

Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-9-10 113664]

America Online 7.0 Tray Icon.lnk - c:\program files\America Online 7.0\aoltray.exe [2002-11-3 32838]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

VAIO Action Setup (Server).lnk - c:\program files\Sony\VAIO Action Setup\VAServ.exe [2002-8-15 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-07 19:40 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\AIM6\\aim6.exe"=

"c:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\WINDOWS\\Cyb2k.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/7/2009 12:40 PM 335240]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/7/2009 12:40 PM 108552]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/7/2009 12:38 PM 297752]

R2 PCC_PFW;PC-Cillin Personal Firewall;c:\windows\system32\drivers\PCC_PFW.sys [6/19/2002 7:59 PM 43612]

R2 PCCPFW;PC-cillin PersonalFirewall;c:\program files\Trend Micro\PC-cillin 2002\PCCPFW.exe [6/19/2002 8:01 PM 155648]

R2 Tmfilter;Tmfilter;c:\windows\system32\drivers\TmXPFlt.sys [3/16/2002 9:46 PM 154368]

R2 Tmntsrv;Trend NT Realtime Service;c:\program files\Trend Micro\PC-cillin 2002\Tmntsrv.exe [6/19/2002 8:05 PM 176128]

R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [3/16/2002 9:46 PM 18048]

R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [8/3/2002 8:06 AM 815819]

S3 ldiskl;ldiskl;\??\c:\docume~1\FELIXS~1\LOCALS~1\Temp\ldiskl.sys --> c:\docume~1\FELIXS~1\LOCALS~1\Temp\ldiskl.sys [?]

S3 V0250Dev;Live! Cam Notebook Pro;c:\windows\system32\DRIVERS\V0250Dev.sys --> c:\windows\system32\DRIVERS\V0250Dev.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - NDISRD

.

- - - - ORPHANS REMOVED - - - -

URLSearchHooks-HookURL - (no file)

URLSearchHooks-Rank - (no file)

HKLM-Run-SiS KHooker - c:\windows\System32\khooker.exe

HKLM-Run-TimeSink Ad Client - c:\program files\TimeSink\AdGateway\TsAdBot.exe

HKLM-Run-SiS Tray - (no file)

HKLM-Run-MSDRV - NetFilter.exe

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.114la.com/index.htm

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uInternet Connection Wizard,ShellNext = iexplore

IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

LSP: c:\windows\System32\lspcs.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\docume~1\FELIXS~1\APPLIC~1\Mozilla\Firefox\Profiles\mf5iu96z.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=

FF - component: c:\documents and settings\felix sun\Application Data\Mozilla\Firefox\Profiles\mf5iu96z.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NpFv415.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

FF - plugin: d:\reader\browser\nppdf32.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-11 16:08

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(552)

c:\windows\System32\lspcs.dll

.

Completion time: 2009-08-11 16:15

ComboFix-quarantined-files.txt 2009-08-11 23:14

Pre-Run: 4,920,393,728 bytes free

Post-Run: 5,280,407,552 bytes free

279 --- E O F --- 2009-08-10 18:11


You're welcome ;)

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open Notepad and copy/paste the text in the quotebox below into it:

Collect::

c:\program files\PersonalAV

File::

c:\windows\liccyval.dat

Folder::

c:\docume~1\ALLUSE~1\APPLIC~1\Viewpoint

c:\program files\Viewpoint

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
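
A pre-flight check for the CFScript above, as an added example that is not part of the original post or of ComboFix itself: it confirms that each script target appears in the ComboFix log's file listings and names the registry autorun values that point inside a target. The excerpts are lines copied from this thread; the function names and the reading of `File::` as a file target and `Folder::` as a directory target are assumptions.

```python
import re

# Lines copied from the ComboFix log posted earlier in this thread.
LOG_EXCERPT = r'''
2009-08-06 12:21 . 2009-08-06 12:22 -------- d-----w- c:\program files\PersonalAV
2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Viewpoint
2009-08-10 15:55 . 2005-08-10 00:35 28 ----a-w- c:\windows\liccyval.dat
2009-07-31 13:40 . 2002-11-03 15:53 -------- d-----w- c:\program files\Viewpoint
"PersonalAV"="c:\program files\PersonalAV\pav.exe" [2009-08-06 1896448]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-07 2000152]
'''

# The CFScript from the post above.
CFSCRIPT = r'''
Collect::
c:\program files\PersonalAV
File::
c:\windows\liccyval.dat
Folder::
c:\docume~1\ALLUSE~1\APPLIC~1\Viewpoint
c:\program files\Viewpoint
'''

# "created . modified  size  attributes  path" rows of the file listings.
LISTING = re.compile(r'^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d'
                     r'\s+\S+\s+([-a-z]{8})\s+(.+)$')
# "Name"="path" rows of the Reg Loading Points section.
AUTORUN = re.compile(r'^"([^"]+)"=\s*"([^"]+)"')
# Assumption: the directive name implies the kind of object it targets.
EXPECTED_KIND = {'File': 'file', 'Folder': 'dir'}


def norm(path):
    # Case-insensitive comparison; 8.3 short names (docume~1) are compared
    # literally because they cannot be expanded without the live file system.
    return path.strip().rstrip('\\').lower()


def parse_cfscript(text):
    """Return (directive, path) pairs from 'Directive::' blocks."""
    targets, current = [], None
    for line in (l.strip() for l in text.splitlines()):
        if line.endswith('::'):
            current = line[:-2]
        elif line and current:
            targets.append((current, norm(line)))
    return targets


def parse_log(text):
    """Return ({path: 'dir'|'file'}, [(value name, path)]) from log lines."""
    listing, autoruns = {}, []
    for line in (l.strip() for l in text.splitlines()):
        m = LISTING.match(line)
        if m:
            listing[norm(m.group(2))] = 'dir' if m.group(1)[0] == 'd' else 'file'
            continue
        m = AUTORUN.match(line)
        if m:
            autoruns.append((m.group(1), norm(m.group(2))))
    return listing, autoruns


def review(script, log):
    """One finding per script target: seen in the log? right kind? autoruns inside?"""
    listing, autoruns = parse_log(log)
    findings = []
    for directive, target in parse_cfscript(script):
        kind = listing.get(target)  # None means the path is not in the log (typo?)
        expected = EXPECTED_KIND.get(directive)
        inside = [name for name, path in autoruns
                  if path == target or path.startswith(target + '\\')]
        findings.append({'directive': directive, 'target': target, 'seen_as': kind,
                         'kind_ok': kind is not None and expected in (None, kind),
                         'autoruns': inside})
    return findings


if __name__ == '__main__':
    for finding in review(CFSCRIPT, LOG_EXCERPT):
        print(finding)
```

Here the `PersonalAV` Run value points at `pav.exe` inside the `Collect::` target, so that value is the one to look for in the follow-up log.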


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

