Free Malware Removal Forum

[exwizard]

Hello again!
Ok so i bought a new pc and made a lan network with my old pc and now im picking up alot of viruses and stuff from the old pc.
Most of the viruses are old as 2005 but i want them removed from both PCs if possible.
So far i have not seen any problems but the nod32 and spybot S&D are warning me all the time about it...

Hers my HJT logs from both PCs:

Old PC

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:50:40 PM, on 1/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\ntvdm.exe
J:\Program Files\Common Files\Real\Update_OB\realsched.exe
J:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
J:\Program Files\lg_fwupdate\fwupdate.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
J:\Program Files\DAEMON Tools\daemon.exe
J:\Program Files\Comodo\Firewall\CPF.exe
J:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\WINDOWS\system32\RUNDLL32.EXE
J:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Logitech\Profiler\lwemon.exe
D:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
J:\Program Files\MSN Messenger\MsnMsgr.Exe
J:\Program Files\Google\Google Talk\googletalk.exe
J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe
E:\Program Files\Curse\CurseClient.exe
J:\Program Files\GetRight\getright.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
J:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
J:\Program Files\GetRight\getright.exe
J:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
J:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
J:\Program Files\Common Files\Sonic Shared\cinetray.exe
J:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
E:\Program Files\valve\Counter-Strike Source\hl2.exe
J:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
J:\Program Files\Comodo\Firewall\cmdagent.exe
J:\Program Files\Common Files\LightScribe\LSSrvc.exe
J:\WINDOWS\system32\nvsvc32.exe
J:\WINDOWS\system32\PnkBstrA.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\system32\UAService7.exe
J:\WINDOWS\system32\wscntfy.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\PC Connectivity Solution\ServiceLayer.exe
\xy\SharedDocs\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 170.211.155.162:3128
F3 - REG:win.ini: load= E:\TCWIN45\PIPELINE\remind.exe
O1 - Hosts: {\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\fnil\fcharset0 Courier New;}{\f1\fmodern\fprq1\fcharset0 Courier New;}{\f2\froman\fcharset0 Times New Roman;}}
O1 - Hosts: {\colortbl ;\red0\green0\blue0;}
O1 - Hosts: {\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 # Copyright (c) 1993-1999 Microsoft Corp.\par
O1 - Hosts: 69.80.225.31 nprotect.ryl.com.my
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - J:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - e:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - J:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: bho2gr Class - {F1FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Program Files\Lightning Download\LD_Catch.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - J:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [TkBellExe] "J:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "J:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "J:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LGODDFU] "J:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "J:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [GrooveMonitor] "J:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "J:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Comodo Firewall] "J:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "J:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "J:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [PowerBar] "d:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "J:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [googletalk] "J:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [NBJ] "J:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [CurseClient] e:\Program Files\Curse\CurseClient.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [MsnMsgr] "J:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [googletalk] "J:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [NBJ] "J:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [Octoshape Streaming Services] "J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe" -inv:bootrun (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [CurseClient] e:\Program Files\Curse\CurseClient.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-299502267-1606980848-725345543-1003 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = J:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?')
O4 - S-1-5-21-299502267-1606980848-725345543-1003 Startup: Sonic CinePlayer Quick Launch.lnk = ? (User '?')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = J:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Sonic CinePlayer Quick Launch.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = J:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = J:\Program Files\GetRight\getright.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = J:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = J:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: Download with GetRight - J:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - J:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - e:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - J:\Documents and Settings\XP\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0216305593
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3080803703
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedow ... in9USA.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - J:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - J:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - J:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - J:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - e:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - J:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - J:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - J:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - J:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - J:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - J:\WINDOWS\system32\UAService7.exe
O24 - Desktop Component 0: J:\Program Files\DesktopEarth\current.bmp - J:\Program Files\DesktopEarth\current.bmp

--
End of file - 15717 bytes


NEW PC

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:31:48 PM, on 1/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\mdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\New Folder\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 7590682203
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7590672015
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9054 bytes

[askey127]

exwizard,
I will only address your "OLD" PC. Your new PC does not show any malware in the log, and I won't do two machines at once in one thread anyway.
Please delete your present version of HiJackThis. Its here:
J:\Program Files\PC Connectivity Solution\ServiceLayer.exe\xy\SharedDocs\HiJackThis_v2.exe
-----------------------------------------------
Download HJTInstall.exe and save to your Desktop.

• Doubleclick HJTInstall.exe to install it.
• By default it will install to C:\Program Files\Trend Micro\HijackThis. You can choose any location but do NOT install it in a TEMP folder.
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and a text log file will open in notepad.
• Make sure Notepad's Format Menu has Word Wrap Unchecked.
• Copy/Paste the entire log to your next reply please.
• No matter what it says in the QuickStart Guide or elsewhere, DON'T USE the "ANALYZE THIS" button.
  Its Findings can be Dangerous for your machine.
• Please Don't have Hijackthis fix anything yet.
  Most of what it is in the log are legitimate entries, necessary for the operation of your computer.

----------------------------------------------------------
Download and Install CCleaner

• Download CCleaner from here . Choose the Slim version.
• Double click on ccsetupXXX_slim.exe to start the installation of CCleaner. (XXX is the version number)
• Click OK
• Click Next
• Click I agree
• Click Next
• Click Install
• Once the installation has finished, click Finish

-----------------------------------------------------------
Set Options in CCleaner and run Cleaning Scan.
Open CCleaner if it's not already running.
( Do not use the Registry block to clean anything with this program. It is for experts only and it is risky).

• Select Cleaner Settings.
  Check Internet Explorer, Windows Explorer, and System so that all items are checked. In the Advanced section, have a check only on Old PreFetch Data.
• Click on the Options block on the left. Select Advanced.
  Uncheck Only delete files in Windows Temp folders older than 48 hours.
• Set Cookie Retention.
  Click on the Options block on the left, then choose Cookies.
  Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.
• Run Cleaning Scan. Click on the Cleaner block on the left. Choose the Windows tab.
  Click the Run Cleaner button. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished.

-----------------------------------------------------------
Retrieve the Installed Programs List from CCleaner
Open CCleaner if it's not already running.
In the Left Pane, click Tools
Verify that Uninstall is highlighted in color, or click on it.
In the lower Right, click Save to Text File.
Pull down the arrow at the top of the Save dialog and choose Desktop as the location.
You can leave the filename as install.txt
Click Save
Exit CCleaner by clicking on the X button in the upper right of the CCleaner window.
-----------------------------------------------------
Using Internet Explorer, Please Do an Online Scan with Kaspersky WebScanner.
Go here to run an online scanner from Kaspersky.

• Click on "Kaspersky Online Scanner"
• A new smaller window will pop up. Press on "Accept". After reading the contents.
• Now Kaspersky will update the anti-virus database. Let it run.
• Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
• Then click on "My Computer", and the scan will start.
• Once finished, save the log to your Desktop as filename KAV.txt

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
If the file KAV.txt appears to be too large to post (more than a couple hundred lines), let me know and I will give you instructions that will convert it to a smaller file.

So we are looking for the CCleaner list install.txt and the contents of KAV.txt
askey127

[exwizard]

The kaspersky scan fails with this:

Update process FAILED. No further antivirus actions can be performed!

Attention, you must be online to activate Kaspersky Online Scanner, since the latest Anti-Virus bases version must be downloaded prior to scan. Otherwise we cannot guarantee detection of latest viruses. [21]


¤CĎ5¤ Delta Force Task Force Dagger Object Viewer
µTorrent
3D-FTP 7.01
3DMark06
3ds max 7
3ds max 7 Additional Maps and Materials
3ds max 7 Architectural Materials
3ds max 7 Reference Files
7-Zip 4.32
Ad-Aware SE Personal
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.8
Adobe Stock Photos 1.0
AGEIA PhysX v7.09.13
Ahead InCD EasyWrite Reader
Apple Software Update
ArcSoft Camera Suite
ASUS WLAN Card Utilities/Driver
AviSynth 2.5
BadCopy Pro
BB FlashBack
Blast Miner
Bof4
CCleaner (remove only)
Comodo Firewall
ConvertXtoDVD 2.2.3.258
Counter-Strike 1.6 no steam
Counter-Strike Source
Crashday-demo
DC++ 0.688
DesktopX
DirectDVD 6 HD
Dofus 1.12.0
DShow Viewer
DVBViewer TE
DVD Solution
dvdSanta 4.00
Dynasty Warriors 4 Hyper
Effective Site Studio
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Image Clip Palette
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESDX3800 User's Guide
EVEREST Home Edition v1.51
EVEREST Ultimate Edition v2.80
EvilLyrics
FLV Player 1.3.3
Fraps
GetRight
Google Earth
Google Talk (remove only)
Google Video Player
GrabClipSave
GrabIt 1.6.1 Beta (build 936)
Half-Life
Hamachi 1.0.1.5
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for MSXML 2 (KB887606)
Hotfix for Windows XP (KB319740)
Hotfix for Windows XP (KB889527)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB897338)
Hotfix for Windows XP (KB898900)
Hotfix for Windows XP (KB903234)
Hotfix for Windows XP (KB904412)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB907865)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB912461)
Hotfix for Windows XP (KB912817)
Hotfix for Windows XP (KB913538)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB917021)
Hotfix for Windows XP (KB918005)
Hotfix for Windows XP (KB918093)
Hotfix for Windows XP (KB918766)
Hotfix for Windows XP (KB918997)
Hotfix for Windows XP (KB919071)
Hotfix for Windows XP (KB924867)
Hotfix for Windows XP (KB924941)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB928388)
Icy Tower v1.3.1
ijji - Gunz
IMVU Avatar chat software (BETA)
iPod Software 1.3 Updater
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java DB 10.2.2.0
Java(TM) 6 Update 2
Java(TM) SE Development Kit 6 Update 3
Kaspersky Anti-Virus 6.0
K-Lite Codec Pack 3.5.0 Full
LG ODD Auto Firmware Update
Lightning Download
LightScribe 1.4.74.1
LIVE gaming on Windows Runtime Version 1.0.6027
Logitech Gaming Software
Logitech SetPoint
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash MX
Macromedia Flash Player
Macromedia FreeHand 10
Macromedia Shockwave Player
Micro DVD Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 1.1 Hotfix (KB925168)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Software Update for Web Folders (English) 12
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Microsoft XML Parser
mIRC
MOV Converter 1.01
Mozilla Firefox (2.0.0.11)
MSN Gaming Zone
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB927977)
Multimedia Launcher
Musicmatch® Jukebox
Natural Color
Nero Media Player
Nero OEM
NeroVision Express 2
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
NSS (remove only)
NVIDIA Drivers
NVIDIA Photoshop Plug-ins
NvMixer
Octoshape Streaming Services
OpenAL
Orion Studios DDV
OSS Internet Speed Booster 3.0.0.0
PAF Ultimate Splash Pack V3
PC Connectivity Solution
Picture Package
PIF DESIGNER
PowerProducer
PowerStrip 3 (remove only)
ProgDVB
Project1
Project1 (d:\My games\NovaLogic\)
Project1 (e:\CODESF\)
PSP Extreme Link
PunkBuster Services
PvPGN 1.8.0 RC2
QuickTime
RealPlayer
Realtek AC'97 Audio
RivaTuner v2.0 RC 15.6
RM Converter 3.28
Ruby-185-21
RYL Client ver 553
SDP Downloader
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB926255)
Shockwave
Sierra Utilities
Skype 1.3
SmartFTP Client 2.0
SmartFTP Client 2.0 Setup Files (remove only)
Software Update for Web Folders
Sonic CinePlayer DVD Pack
Sony USB Driver
SpeedSim
Spybot - Search & Destroy 1.4
Spyware Terminator
Street Hacker Demo 1.1.6
System Requirements Lab
Tarr Chronicles Patch 1.0.2.0
Tasker version 3.13
TeamSpeak 2 RC2
Tibia 7.92
Tina Pro for Windows - Demo
TrackMania Nations ESWC 0.1.7.5
UltraISO V7.65 ME
Unreal Tournament 2004
Unreal Tournament 3 (LG)
Update for Windows Internet Explorer 7 (KB928089)
Update for Windows XP (KB894391)
Update for Windows XP (KB897663)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB907265)
Update for Windows XP (KB908521)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB916846)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922120)
Update for Windows XP (KB922582)
Uplink
Ventrilo Client
Ventrilo Server
VideoEgg Publisher
VideoLAN VLC media player 0.8.6a
Wanted v3.0 Screensaver
Warcraft III: All Products
WebQuiz XP Trial
Western Australian Time Zone Update
WiFi Jukebox Server
Winamp (remove only)
Windows Communication Foundation
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2)
Windows Driver Package - Nokia Modem (08/08/2007 3.3)
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884020
Windows XP Hotfix - KB884883
Windows XP Hotfix - KB885222
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB886677
Windows XP Hotfix - KB886716
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB894395
Windows XP Hotfix - KB896626
WinPcap 3.1
WinRAR archiver
WinZip
World of Warcraft
Xfire (remove only)
XP Royale Theme
XviD4PSP by Winnydows
Your Freedom



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:47:44 PM, on 1/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\ntvdm.exe
J:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
J:\Program Files\lg_fwupdate\fwupdate.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
J:\Program Files\DAEMON Tools\daemon.exe
J:\Program Files\Comodo\Firewall\CPF.exe
J:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\WINDOWS\system32\RUNDLL32.EXE
J:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Logitech\Profiler\lwemon.exe
D:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
J:\Program Files\MSN Messenger\MsnMsgr.Exe
J:\Program Files\Google\Google Talk\googletalk.exe
J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe
E:\Program Files\Curse\CurseClient.exe
J:\Program Files\GetRight\getright.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
J:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
J:\Program Files\GetRight\getright.exe
J:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
J:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
J:\Program Files\Common Files\Sonic Shared\cinetray.exe
J:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
E:\Program Files\valve\Counter-Strike Source\hl2.exe
J:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
J:\Program Files\Comodo\Firewall\cmdagent.exe
J:\Program Files\Common Files\LightScribe\LSSrvc.exe
J:\WINDOWS\system32\nvsvc32.exe
J:\WINDOWS\system32\PnkBstrA.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\system32\UAService7.exe
J:\WINDOWS\system32\wscntfy.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\PC Connectivity Solution\ServiceLayer.exe
e:\Program Files\Real\RealPlayer\RealPlay.exe
J:\Program Files\Common Files\Real\Update_OB\realsched.exe
e:\Program Files\Real\RealPlayer\RealPlay.exe
J:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 170.211.155.162:3128
F3 - REG:win.ini: load= E:\TCWIN45\PIPELINE\remind.exe
O1 - Hosts: {\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\fnil\fcharset0 Courier New;}{\f1\fmodern\fprq1\fcharset0 Courier New;}{\f2\froman\fcharset0 Times New Roman;}}
O1 - Hosts: {\colortbl ;\red0\green0\blue0;}
O1 - Hosts: {\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 # Copyright (c) 1993-1999 Microsoft Corp.\par
O1 - Hosts: 69.80.225.31 nprotect.ryl.com.my
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - J:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - e:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - J:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: bho2gr Class - {F1FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Program Files\Lightning Download\LD_Catch.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - J:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [TkBellExe] "J:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "J:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "J:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LGODDFU] "J:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "J:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [GrooveMonitor] "J:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "J:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Comodo Firewall] "J:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "J:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "J:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [PowerBar] "d:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [MsnMsgr] "J:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [googletalk] "J:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [NBJ] "J:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [CurseClient] e:\Program Files\Curse\CurseClient.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [MsnMsgr] "J:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [googletalk] "J:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [NBJ] "J:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [Octoshape Streaming Services] "J:\Program Files\Octoshape Streaming Services\XP\OctoshapeClient.exe" -inv:bootrun (User '?')
O4 - HKUS\S-1-5-21-299502267-1606980848-725345543-1003\..\Run: [CurseClient] e:\Program Files\Curse\CurseClient.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-299502267-1606980848-725345543-1003 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = J:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?')
O4 - S-1-5-21-299502267-1606980848-725345543-1003 Startup: Sonic CinePlayer Quick Launch.lnk = ? (User '?')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = J:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Sonic CinePlayer Quick Launch.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = J:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = J:\Program Files\GetRight\getright.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = J:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = J:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O8 - Extra context menu item: Download with GetRight - J:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - J:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - e:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - J:\Documents and Settings\XP\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0216305593
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3080803703
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedow ... in9USA.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - J:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Unknown owner - J:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - e:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - J:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - J:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - J:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - J:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - J:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - J:\WINDOWS\system32\UAService7.exe
O24 - Desktop Component 0: J:\Program Files\DesktopEarth\current.bmp - J:\Program Files\DesktopEarth\current.bmp

--
End of file - 15588 bytes

[askey127]

exwizard,
Your computer, as you know is loaded with gaming tools. Many of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle. In the process, they take control of much of your PC, and they meet the definition of spyware/malware.
It is not likely that your computer could be cleaned without breaking or removing some of these programs, and If you don't want these, you can't legally play the associated games.
As long as this machine is being used in this way, with these applications, it will never be technically clean. Good Antivirus applications (if you had one) would be flagging these all the time. If you want to continue to use this machine, I would suggest having an imaging program so you can reload it when the ads and infections get too difficult.

In addition, as you are also aware, you have tools designed to circumvent software legal requirements for file downloading and transfer. Which brings us to the bigger issue:
As long as you have these application types on this machine, by policy we must refrain from FIXING it. This is not negotiable.

askey127

[NonSuch]

As we are unable to assist you at this time, due to software on this system that is not in compliance with MRU guidelines, this topic is now closed.

If you later comply with MRU guidelines by removal of said software from this system, please start a new topic.

You can help support this site from this link :
Donations For Malware Removal