yes, the popups are gone. I would still like to remove the other things detected.
DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 19:10:55.90 on Fri 08/14/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.118 [GMT -6:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\TELUS_eCare_Lite\eCareTrayApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
c:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Owner\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page =
hxxp://www.ask.com/?o=13920&l=disBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.30.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MalwareRemovalBot] c:\program files\malwareremovalbot\MalwareRemovalBot.exe -boot
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [TELUS_eCare_Lite_McciTrayApp] c:\program files\telus_ecare_lite\eCareTrayApp.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wegame.lnk - c:\program files\wegame\wegame.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.30.0\gears.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: ChatSpace Full Java Client 4.0.0.320 -
hxxp://discussion.fastseduction.com:856 ... s40320.cabDPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -
hxxp://appldnld.apple.com.edgesuite.net ... plugin.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} -
hxxp://download.microsoft.com/download/ ... ontrol.cabDPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
hxxp://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
hxxp://fpdownload.macromedia.com/get/fl ... rashim.cabDPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\j8jwequv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://en-US.start3.mozilla.com/firefox ... S:officialFF - prefs.js: keyword.URL -
hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-8-10 234888]
S2 gupdate1c912132a900a32;Google Update Service (gupdate1c912132a900a32);c:\program files\google\update\GoogleUpdate.exe [2008-9-8 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-1-24 16512]
S3 cpuz128;cpuz128;\??\c:\docume~1\owner\locals~1\temp\cpuz_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz_x32.sys [?]
=============== Created Last 30 ================
2009-08-13 03:02 <DIR> --d----- c:\windows\ServicePackFiles
2009-08-10 22:26 <DIR> --d----- c:\program files\AskBarDis
2009-08-06 03:11 <DIR> --d----- c:\windows\system32\XPSViewer
2009-08-06 03:10 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-06 03:10 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-06 03:10 117,760 -------- c:\windows\system32\prntvpt.dll
2009-08-06 03:10 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-08-06 03:10 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-06 03:10 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-08-06 03:10 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-08-06 03:10 <DIR> --d----- C:\b737bcb98bd14d32300ae2b484438cf4
2009-08-06 03:02 <DIR> --d----- c:\program files\MSXML 6.0
2009-08-03 19:31 2,727,968 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-08-03 19:31 33,044 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-08-03 19:18 <DIR> --d----- c:\docume~1\owner\applic~1\MalwareRemovalBot
2009-08-02 21:05 <DIR> --d----- c:\docume~1\owner\applic~1\uTorrent
2009-08-01 18:27 3,584 a------- C:\1033.MST
2009-08-01 18:27 11,775,488 a------- C:\J2SE Runtime Environment 5.0 Update 5.msi
2009-07-30 20:07 <DIR> --d----- c:\program files\Sun
2009-07-30 20:06 73,728 a------- c:\windows\system32\javacpl.cpl
2009-07-30 20:06 410,984 a------- c:\windows\system32\deploytk.dll
2009-07-29 09:04 <DIR> -cd----- c:\windows\system32\dllcache\cache
2009-07-29 08:49 <DIR> a-dshr-- C:\cmdcons
2009-07-29 08:47 219,648 a------- c:\windows\PEV.exe
2009-07-29 08:47 161,792 a------- c:\windows\SWREG.exe
2009-07-29 08:47 98,816 a------- c:\windows\sed.exe
2009-07-22 10:22 <DIR> --d----- c:\program files\common files\Vbox
2009-07-22 10:21 <DIR> --d----- c:\program files\Macromedia
2009-07-22 10:07 166 a------- c:\windows\system32\Compress.res
2009-07-22 10:07 230 a------- c:\windows\reimage.ini
2009-07-22 10:05 <DIR> --d----- c:\program files\Reimage
2009-07-22 09:31 <DIR> --d----- c:\docume~1\owner\applic~1\Error Fix
==================== Find3M ====================
2009-08-14 16:41 1,632 a------- c:\windows\system32\d3d8caps.dat
2009-08-14 14:57 1,744 a------- c:\windows\system32\d3d9caps.dat
2009-08-05 03:11 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-27 14:02 811,023 a------- c:\windows\java\packages\LJPRBNX3.ZIP
2009-07-17 12:55 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-06-29 10:12 827,392 a------- c:\windows\system32\wininet.dll
2009-06-29 10:12 78,336 a------- c:\windows\system32\ieencode.dll
2009-06-29 10:12 17,408 -------- c:\windows\system32\corpol.dll
2009-06-25 12:36 661,504 a------- c:\windows\system32\mqqm.dll
2009-06-25 12:36 517,120 a------- c:\windows\system32\mqsnap.dll
2009-06-25 12:36 471,552 a------- c:\windows\system32\mqutil.dll
2009-06-25 12:36 225,280 a------- c:\windows\system32\mqoa.dll
2009-06-25 12:36 186,880 a------- c:\windows\system32\mqtrig.dll
2009-06-25 12:36 177,152 a------- c:\windows\system32\mqrt.dll
2009-06-25 12:36 138,240 a------- c:\windows\system32\mqad.dll
2009-06-25 12:36 123,392 a------- c:\windows\system32\mqrtdep.dll
2009-06-25 12:36 95,744 a------- c:\windows\system32\mqsec.dll
2009-06-25 12:36 48,640 a------- c:\windows\system32\mqupgrd.dll
2009-06-25 12:36 47,104 a------- c:\windows\system32\mqdscli.dll
2009-06-25 12:36 16,896 a------- c:\windows\system32\mqise.dll
2009-06-22 05:49 117,248 a------- c:\windows\system32\mqtgsvc.exe
2009-06-22 05:49 19,968 a------- c:\windows\system32\mqbkup.exe
2009-06-22 05:49 4,608 a------- c:\windows\system32\mqsvc.exe
2009-06-22 05:48 91,776 a------- c:\windows\system32\drivers\mqac.sys
2009-06-16 08:55 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 08:55 82,432 a------- c:\windows\system32\fontsub.dll
2009-06-12 05:50 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 05:50 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 08:21 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 00:32 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-05 01:42 655,872 a------- c:\windows\system32\mstscax.dll
2009-06-03 13:27 1,290,752 a------- c:\windows\system32\quartz.dll
2009-05-19 07:05 1,380,403 a------- c:\windows\system32\avgsdk.dll
2009-05-17 18:29 35,382 a------- c:\windows\scunin.dat
2009-05-17 18:29 94,208 a------- c:\windows\ScUnin.exe
============= FINISH: 19:11:52.96 ===============