Antivirus Protection
 
#16
April 10th, 2008, 09:40 AM
Daarc
Uninstall.txt

Ad-Aware SE Personal
Adobe Flash Player ActiveX
Adobe Reader 7.0.9
Adobe Shockwave Player
AdwareAlert
Apple Mobile Device Support
Apple Software Update
AutoHotkey 1.0.47.05
AutoPlay Media Studio 5.0 Professional
AVG 7.5
Belkin All-in-One Print Server
BT Home Hub
BT Softphone 1.5.3.6
BT Yahoo! Applications
Calculatem Pro
CCleaner (remove only)
CleanUp!
Combined Community Codec Pack 2007-02-22
Compatibility Pack for the 2007 Office system
Creative EAX Console
Creative Speaker Settings
Device Control
Football Manager 2008
Free DVD MP3 Ripper 1.12
Free iPod Video Converter 1.32
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
InterVideo WinDVD
IsoBuster 2.1
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_05
Java(TM) SE Runtime Environment 6 Update 1
Macromedia Dreamweaver 8
Macromedia Extension Manager
Macromedia Fireworks 8
Malwarebytes' Anti-Malware
Microangelo Toolset 6
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mindjet MindManager Pro 7
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Nero OEM
NeroVision Express 2 SE
News File Grabber 4.5.0.2
NVIDIA Drivers
ODF Add-in for Microsoft Word
Panda ActiveScan 2.0
Poker Tracker Version 2.16.03d
PokerTracker 3 (remove only)
PostgreSQL 8.3
PrimoPDF
PrimoPDF Redistribution Package
psqlODBC
QuickTime
RealPlayer
Realtek AC'97 Audio
Samsung CLP-500 Series
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
SetIP
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)
SmartTRAK
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
SQLite ODBC Driver (remove only)
SUPERAntiSpyware Free Edition
Texas Calculatem 4 with "AutoRead"
TomTom HOME
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Windows Communication Foundation
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
WinZip
WordBiz version 1.8

#17
April 10th, 2008, 09:47 AM
Porthos (Malware Warrior / AV forum Mod)
Still more to go...

Copy and paste the following text in the Quote box below into Notepad.
Click on File (in the menu at the top) > Save as... / Save as Type: 'All Files' / File name: fix.reg, and save it to your desktop.
Then double-click the fix.reg file on your desktop and agree to merge it into the registry, then reboot...


Quote:
REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=-

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"



I will be back in a bit with more
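The check behind that fix.reg, as an added example that is not code from Porthos's post or from any tool named in this thread: the SecurityProviders value under HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders is a comma-separated list of security-package DLLs that the Local Security Authority loads at boot, so a name that is not on the known baseline is worth treating as a foothold. The .reg above deletes the value and re-creates it with the Windows XP default set; the script below compares a value against that same baseline, reports anything extra or absent, and renders the identical REGEDIT4 text. The sample value and the extra DLL name in it are constructed; reading the live value needs winreg on Windows and is left as an uncalled helper.

```python
"""Audit the LSA SecurityProviders value against the Windows XP baseline.

Added example, not code from the forum post. SecurityProviders is a
comma-separated REG_SZ under HKLM\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders
naming security-package DLLs that LSASS loads at boot, which is why an
unexpected name there matters and why the post's fix.reg resets it to
the XP default. Sample values below are constructed.
"""

# Default list for Windows XP, exactly as written in the post's fix.reg.
XP_DEFAULT_PROVIDERS = ("msapsspc.dll", "schannel.dll", "digest.dll", "msnsspc.dll")

REG_KEY = r"[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]"


def parse_providers(value):
    """Split the REG_SZ into lower-cased DLL names, ignoring blanks."""
    return [p.strip().lower() for p in value.split(",") if p.strip()]


def audit_security_providers(value, expected=XP_DEFAULT_PROVIDERS):
    """Return (unexpected, missing): names not in the baseline, and baseline names absent."""
    found = parse_providers(value)
    expected_lower = [e.lower() for e in expected]
    unexpected = [p for p in found if p not in expected_lower]
    missing = [e for e in expected if e.lower() not in found]
    return unexpected, missing


def build_fix_reg(expected=XP_DEFAULT_PROVIDERS):
    """Render the same REGEDIT4 text as the post: delete the value, then re-create it."""
    lines = [
        "REGEDIT4",
        "",
        REG_KEY,
        '"SecurityProviders"=-',  # '=-' deletes the value in a .reg file
        "",
        REG_KEY,
        '"SecurityProviders"="%s"' % ", ".join(expected),
        "",
    ]
    return "\n".join(lines)


def read_live_value():
    """Windows only: read the real value with winreg. Not called in the offline demo."""
    import winreg
    path = r"SYSTEM\CurrentControlSet\Control\SecurityProviders"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as key:
        value, _ = winreg.QueryValueEx(key, "SecurityProviders")
    return value


if __name__ == "__main__":
    # Constructed sample: the XP default plus one name that is not on the baseline.
    sample = "msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, extra-sample.dll"
    unexpected, missing = audit_security_providers(sample)
    print("unexpected:", unexpected, "missing:", missing)
    if unexpected or missing:
        print(build_fix_reg())
```

Run the audit before merging the .reg to record what was there, and again after the reboot to confirm the value now matches the baseline; the baseline tuple is XP-specific, so on a different Windows release substitute that release's default list rather than this one.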
#18
April 10th, 2008, 09:50 AM
Daarc
Task completed... Once again, thank you.

#19
April 10th, 2008, 10:30 AM
Porthos (Malware Warrior / AV forum Mod)
Items to uninstall...

AdwareAlert

J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_05
Java(TM) SE Runtime Environment 6 Update 1

Poker Tracker Version 2.16.03d
PokerTracker 3 (remove only)

I see PC Tools AntiVirus running in your logs but not in your list. Is it already uninstalled?

* Download the latest version of Java Runtime Environment (JRE) 6 Update 5 HERE
* Scroll to Java Runtime Environment (JRE) 6 Update 5 and click on the download button
Click on the Accept License Agreement button
Next select
Download Now! Windows Offline Installation, Multi-language

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

NEXT

Open HJT and click 'Scan only', then place a check by these entries. DO NOT CLICK FIX until you exit all browser sessions, including the one you are reading in right now:


O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe (file missing)
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe (file missing)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)



Close all windows and browsers except HJT and click fix checked.



NEXT


* Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the Quote box below:

Quote:
Folder::
C:\Documents and Settings\Russ\Application Data\Azureus
C:\Documents and Settings\All Users\Application Data\TEMP
C:\Program Files\DNA




* Save this as CFScript.txt and place it on your desktop.





* Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
* ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
* When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

With a new HJT log


CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.




Tell me how things are running...

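The O9 entries Porthos lists are chosen because HijackThis reports their targets as gone ("(file missing)" or "(no file)"): orphaned Internet Explorer extra buttons and Tools-menu items that still hold a CLSID and a path. The script below, an added example that is not from the thread or from HijackThis itself, parses lines in that log format, pulls out the orphaned entries, and groups them by CLSID so that a button and its Tools-menu twin (which share one CLSID) are fixed together. The sample log is constructed from lines quoted on this page; treating an entry without a trailing "(HKCU)" as machine-wide is an assumption about HJT's output, not something the log states.

```python
"""Pull orphaned autostart/extension entries out of a HijackThis log.

Added example, not code from the thread or from HijackThis. HJT marks an
entry whose target no longer exists with "(file missing)" or "(no file)";
those are the entries the post has the user tick and fix. The sample log
is constructed from lines quoted on this page.
"""
import re

SAMPLE_HJT_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
"""

# HJT lines look like "O9 - <kind> - <clsid> - <target> [(file missing)] [(HKCU)]".
LINE_RE = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def parse_hjt(log_text):
    """Parse HJT 'Rn'/'On' lines into dicts; lines in any other format are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue
        body = m.group("body")
        parts = [p.strip() for p in body.split(" - ")]
        clsid = CLSID_RE.search(body)
        entries.append({
            "section": m.group("section"),  # O9, O4, O2, R1 ...
            "kind": parts[0],               # e.g. "Extra button: PartyGammon.com"
            "target": parts[-1],            # path, or the "(no file)" marker
            "clsid": clsid.group(0) if clsid else None,
            # Assumption: HJT appends "(HKCU)" to per-user O9 entries; the rest are machine-wide.
            "hive": "HKCU" if body.endswith("(HKCU)") else "HKLM",
            "orphaned": any(mk in body for mk in ORPHAN_MARKERS),
            "raw": line,
        })
    return entries


def find_orphaned(entries):
    """Entries whose target HJT reports as missing, in log order."""
    return [e for e in entries if e["orphaned"]]


def orphaned_clsids(entries):
    """Sorted unique CLSIDs among orphaned entries: a button and its Tools-menu item share one."""
    return sorted({e["clsid"] for e in find_orphaned(entries) if e["clsid"]})


if __name__ == "__main__":
    entries = parse_hjt(SAMPLE_HJT_LOG)
    for e in find_orphaned(entries):
        print(e["section"], e["hive"], e["raw"])
    print("CLSIDs expected in the fix:", orphaned_clsids(entries))
```

Feed it a full HJT log saved from the 'Scan only' run; entries with a CLSID but no file are what to tick, and after 'Fix checked' the same parse of a fresh log should return an empty orphan list.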
#20
April 10th, 2008, 10:58 AM
Daarc
ComboFix 08-04-08.10 - Russ 2008-04-10 16:54:28.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.663 [GMT 1:00]
Running from: C:\Documents and Settings\Russ\Desktop\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\Russ\Desktop\CFscript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\TEMP
C:\Documents and Settings\Russ\Application Data\Azureus
C:\Documents and Settings\Russ\Application Data\Azureus\.certs
C:\Documents and Settings\Russ\Application Data\Azureus\.keystore
C:\Documents and Settings\Russ\Application Data\Azureus\.lock
C:\Documents and Settings\Russ\Application Data\Azureus\active\20E754084F9F3A4DD20D64125897437434C141CB.dat
C:\Documents and Settings\Russ\Application Data\Azureus\active\9AE5F41377EE1EB261B7FFD87D41138E37967CAA.dat
C:\Documents and Settings\Russ\Application Data\Azureus\active\A5922085C756BF356947D8526F8E3D272AB94C31.dat
C:\Documents and Settings\Russ\Application Data\Azureus\active\cache.dat
C:\Documents and Settings\Russ\Application Data\Azureus\azureus.config
C:\Documents and Settings\Russ\Application Data\Azureus\azureus.statistics
C:\Documents and Settings\Russ\Application Data\Azureus\banips.config
C:\Documents and Settings\Russ\Application Data\Azureus\dht\addresses.dat
C:\Documents and Settings\Russ\Application Data\Azureus\dht\contacts.dat
C:\Documents and Settings\Russ\Application Data\Azureus\dht\diverse.dat
C:\Documents and Settings\Russ\Application Data\Azureus\dht\general.dat
C:\Documents and Settings\Russ\Application Data\Azureus\dht\version.dat
C:\Documents and Settings\Russ\Application Data\Azureus\downloads.config
C:\Documents and Settings\Russ\Application Data\Azureus\ipfilter.cache
C:\Documents and Settings\Russ\Application Data\Azureus\logs\alerts_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\debug_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\seltrace_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\SpeedMan_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\thread_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.ads_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.CMsgr_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.MD_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.PMsgr_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.Stream_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\logs\v3.STres_1.log
C:\Documents and Settings\Russ\Application Data\Azureus\net\pm_2856.dat
C:\Documents and Settings\Russ\Application Data\Azureus\tmp\speedTestTorrent.torrent
C:\Documents and Settings\Russ\Application Data\Azureus\tracker.config
C:\Documents and Settings\Russ\Application Data\Azureus\unsentdata.config
C:\Documents and Settings\Russ\Application Data\Azureus\update.log
C:\Documents and Settings\Russ\Application Data\Azureus\update.properties
C:\Program Files\DNA
C:\Program Files\DNA\btdna.exe

.
((((((((((((((((((((((((( Files Created from 2008-03-10 to 2008-04-10 )))))))))))))))))))))))))))))))
.

2008-04-10 16:56 . 2008-04-10 16:56 53,248 --a------ C:\temp\catchme.dll
2008-04-10 16:50 . 2008-04-10 16:50 <DIR> d-------- C:\Program Files\Java
2008-04-10 16:50 . 2008-04-10 16:50 <DIR> d-------- C:\Program Files\Common Files\Java
2008-04-10 16:50 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-10 16:41 . 2008-04-10 16:50 <DIR> d-------- C:\temp\hsperfdata_Russ
2008-04-10 16:41 . 2008-04-10 16:41 16,384 --a----t- C:\temp\Perflib_Perfdata_544.dat
2008-04-10 15:58 . 2008-04-10 15:58 <DIR> d-------- C:\temp\WPDNSE
2008-04-10 15:36 . 2008-04-10 16:56 <DIR> d-------- C:\temp
2008-04-10 15:31 . 2008-04-10 15:31 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-09 16:27 . 2008-04-09 17:02 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-09 16:27 . 2008-04-09 16:27 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-09 16:27 . 2008-04-09 16:27 <DIR> d-------- C:\Documents and Settings\Russ\Application Data\SUPERAntiSpyware.com
2008-04-09 16:27 . 2008-04-09 16:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-09 16:07 . 2008-04-09 23:55 <DIR> d-------- C:\Program Files\CleanUp!
2008-04-09 12:42 . 2008-04-09 12:42 <DIR> d-------- C:\Documents and Settings\Russ\Application Data\Malwarebytes
2008-04-09 12:41 . 2008-04-09 12:41 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-09 12:41 . 2008-04-09 12:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-09 10:31 . 2008-04-09 12:08 <DIR> d-------- C:\Documents and Settings\Russ\Application Data\AVG7
2008-04-09 10:31 . 2008-04-09 10:31 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-04-09 10:31 . 2008-04-09 10:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-09 10:31 . 2008-04-09 10:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-04-09 09:57 . 2008-04-09 09:58 <DIR> d-------- C:\Program Files\CCleaner
2008-04-09 09:21 . 2008-04-09 09:25 <DIR> d-------- C:\Program Files\Panda Security
2008-04-09 00:01 . 2008-04-09 00:01 <DIR> d-------- C:\Program Files\Advantage Analysis
2008-04-08 23:03 . 2008-04-09 04:25 <DIR> d-------- C:\Documents and Settings\Russ\.housecall6.6
2008-04-08 22:53 . 2008-04-10 10:25 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-04-08 21:25 . 2008-04-10 13:24 <DIR> d-------- C:\Program Files\Comodo
2008-04-08 21:25 . 2007-11-26 10:38 238,848 --a------ C:\WINDOWS\UNBOC.EXE
2008-04-08 21:25 . 2007-05-08 17:01 208,896 --a------ C:\WINDOWS\CMDLIC.DLL
2008-04-08 21:25 . 2004-08-04 13:00 22,528 --a------ C:\WINDOWS\system32\wsock32.dlb
2008-04-08 21:11 . 2008-04-08 21:11 <DIR> d-------- C:\Program Files\Common Files\PC Tools
2008-04-03 15:13 . 2008-04-03 15:13 <DIR> d-------- C:\Program Files\iPod
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-03-25 18:35 . 2008-03-25 18:35 <DIR> d-------- C:\Program Files\WordBiz

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-10 12:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-09 16:31 --------- d-----w C:\Program Files\btbb_wcm
2008-04-09 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-09 15:08 --------- d-----w C:\Documents and Settings\Russ\Application Data\Pro Cycling Manager 2007
2008-04-03 18:47 --------- d-----w C:\Documents and Settings\Russ\Application Data\Kontiki
2008-04-03 14:13 --------- d-----w C:\Program Files\iTunes
2008-04-03 14:12 --------- d-----w C:\Program Files\QuickTime
2008-03-27 17:19 --------- d-----w C:\Documents and Settings\Russ\Application Data\Apple Computer
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-06 15:54 --------- d-----w C:\Program Files\RVG Software
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-27 06:20 --------- d-----w C:\Documents and Settings\Russ\Application Data\Microgaming
2008-02-24 18:33 --------- d-----w C:\Documents and Settings\Russ\Application Data\postgresql
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-18 19:31 --------- d-----w C:\Program Files\Clever Age
2008-02-18 19:30 --------- d-----w C:\Program Files\MSECache
2008-02-13 15:21 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-12 07:56 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 20:52 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-01-29 11:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
2008-01-21 20:02 737,280 ----a-w C:\WINDOWS\iun6002.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-10_13.54.55.23 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-13 23:31:24 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-03-13 23:31:28 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-03-14 01:04:46 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-04-10 12:50:45 71,084 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-10 14:59:47 71,084 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-10 12:50:45 439,572 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-10 14:59:47 439,572 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
2007-05-18 00:05 71184 -ra------ C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Server Application for MFP Server"="C:\Program Files\Belkin\All-in-One Print Server\ServoApp.exe" [2006-08-03 16:21 290816]
"MFP Server Agent"="C:\Program Files\Belkin\All-in-One Print Server\MFPAgent.exe" [2006-08-31 08:44 716800]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43 7630848]
"btbb_wcm_McciTrayApp"="C:\Program Files\btbb_wcm\McciTrayApp.exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-09 15:37 579072]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-04-09 15:29 219136]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
Trusted 107e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"eyeBeam SIP Client"="C:\Program Files\BT Broadband Talk Softphone\BTSoftphone.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
"YBrowser"=C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"P17Helper"=Rundll32 P17.dll,P17Helper
"WinGuard Pro"=C:\WINDOWS\system32\wgp.exe
"btbb_McciTrayApp"=C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
"PCTAVApp"="C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\WINDOWS\\kdx\\KHost.exe"=
"C:\\Program Files\\BT Broadband Desktop Help\\bin\\BTHelpBrowser.exe"=
"C:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

R2 ALIWEHCD;Belkin All-In-One Print Server Enhanced Controller;C:\WINDOWS\system32\Drivers\mfpec.sys [2006-07-24 17:54]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;C:\Poker\PostgreSQL\8.3\bin\pg_ctl.exe runservice -w -N "pgsql-8.3" -D "C:\Poker\PostgreSQL\8.3\data\" []
R3 WUSBVBus;MFP Server Detector;C:\WINDOWS\system32\DRIVERS\mfpvbus.sys [2006-08-03 16:52]
S3 p17filt;p17filt;C:\WINDOWS\system32\drivers\p17filt.sys [2006-03-20 18:34]

.
Contents of the 'Scheduled Tasks' folder
"2008-04-10 13:51:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-10 16:56:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

? [400]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-10 16:56:40
ComboFix-quarantined-files.txt 2008-04-10 15:56:35
ComboFix2.txt 2008-04-10 14:36:30
ComboFix3.txt 2008-04-10 12:55:13
ComboFix4.txt 2008-04-09 15:59:33
Pre-Run: 19,981,803,520 bytes free
Post-Run: 19,966,472,192 bytes free
.
2008-04-09 20:07:30 --- E O F ---

#21
April 10th, 2008, 10:59 AM
Daarc
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58, on 2008-04-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\Program Files\Belkin\All-in-One Print Server\ServoApp.exe
C:\Program Files\Belkin\All-in-One Print Server\MFPAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Server Application for MFP Server] "C:\Program Files\Belkin\All-in-One Print Server\ServoApp.exe"
O4 - HKLM\..\Run: [MFP Server Agent] "C:\Program Files\Belkin\All-in-One Print Server\MFPAgent.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1229272821-963894560-1801674531-1014\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'postgres')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://safeharbor.dyndns.org/plugin/h263ctrl.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://help.broadbandassist.com/bbdesktop/PreQual/files/MotivePreQual.cab
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 5.0 (SP2)) -
O16 - DPF: {FB5FBB7F-92B4-11D3-8332-00C04F8B209E} (Genesys Webtour Control) - https://content101.mc.iconf.net/gcc_installer/webtour/astbrowserquery.cab
O16 - DPF: {FBE37597-190E-4A06-978F-E39037999049} (Genesys Component Installer) - http://content101.mc.iconf.net/gcc_installer/gmcinstaller.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Poker\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Wireless Adapter Configurator - Tech Mahindra- PUNE - C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 8697 bytes

#22, April 10th, 2008, 11:18 AM, posted by Daarc (Registered User)
Quote:
Tell me how things are running...

Problems resolved:
Not a valid win32 application - resolved
No firewall - resolved
No antivirus will load on startup - resolved
Cannot boot into 'safe' mode - resolved

Problems still apparent:
Wireless icon indicating not connected, but I have a wireless connection - not resolved

Also, if I right-click on any network connection I get the following message: 'unexpected error'.

#23, April 10th, 2008, 11:32 AM, posted by Porthos (Malware Warrior / AV forum Mod)
Let's take a different look.


Download Deckard's System Scanner. HERE

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, a text file will open - Main.txt
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread here.
5. A folder, C:\Deckard, will also open. In it will be another text file, Extra.txt.
6. Attach Extra.txt to your post.

Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.

What Deckard's System Scanner will do:

* create a new System Restore point in Windows XP and Vista.
* clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
* check some important areas of your system and produce a report for your analyst to review. Deckard's System Scanner automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.


When you get the two notepad documents, click somewhere inside the notepad document and hold CTRL/Control and press A then C. This will "select all" and "copy" the text.

Please post both of the logs.

#24, April 10th, 2008, 11:37 AM, posted by Daarc (Registered User)
Main.txt

Deckard's System Scanner v20071014.68
Run by Russ on 2008-04-10 17:34:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
14: 2008-04-10 16:34:40 UTC - RP14 - Deckard's System Scanner Restore Point
13: 2008-04-10 16:07:50 UTC - RP13 - Installed AVG 7.5
12: 2008-04-10 15:54:18 UTC - RP12 - ComboFix created restore point
11: 2008-04-10 15:50:07 UTC - RP11 - Installed Java(TM) 6 Update 5
10: 2008-04-10 15:41:55 UTC - RP10 - Removed Java(TM) SE Runtime Environment 6 Update 1


-- First Restore Point --
1: 2008-04-10 09:24:53 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Russ.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:35, on 2008-04-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\BT Home Hub\Wireless Configuration\WirelessDaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Belkin\All-in-One Print Server\ServoApp.exe
C:\Program Files\Belkin\All-in-One Print Server\MFPAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Russ\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Russ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Server Application for MFP Server] "C:\Program Files\Belkin\All-in-One Print Server\ServoApp.exe"
O4 - HKLM\..\Run: [MFP S