Cozzas malware thread

cozza

What is the best to down load for free and all the others shall i delete ?

cozza

I have downloaded malware bytes / advance system care /. cc cleaner / super antispyware remover and hijack this .

aliEnRIK

cozza ~ I need a NEW hijack scan.
The one you posted is an OLD one

cozza

I may be sounding thick but is one of them above on my thread will they do or have i got to get a new one ? as i am not sure wether these ones are ok ?

cozza

I am just downloading a new avira to see if i can use that

cozza

vira AntiVir Personal
Report file date: 01 June 2009 15:53

Scanning for 1284893 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : carol
Computer name : CAZ-PC

Version information:
BUILD.DAT : 9.0.0.394 17962 Bytes 17/04/2009 11:20:00
AVSCAN.EXE : 9.0.3.5 466689 Bytes 17/04/2009 08:57:30
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 10:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 10:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 20:33:26
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 07:41:14
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 14:58:20
Engineversion : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 17:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 20:01:56
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 11:44:25
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 18:24:41
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 13:06:10
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 20:01:56
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 15:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 20:01:56
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 13:06:10
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 14:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 14:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 05/12/2008 10:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 10:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 10:32:10
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 09/02/2009 11:45:45
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 10:19:48

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 01 June 2009 15:53

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'eDSloader.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'LifeTray.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'eRecoveryService.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'tgsrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'eDSService.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'avgrsx.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
63 processes with 63 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Master boot sector HD4
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '40' files ).



End of the scan: 01 June 2009 15:54
Used time: 00:25 Minute(s)

The scan has been done completely.

0 Scanned directories
468 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
468 Files not concerned
3 Archives were scanned
0 Warnings
0 Notes

cozza

this is what happens when i try to update avira

vira AntiVir Personal - Free Antivirus Updater

Creation time: Mon Jun 01 15:56:47 2009


Operating system:
Windows Vista (Service Pack 2) [6.0.6002]

Product information:
Product version: 9.0.0.394
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 9.0.0.6

Temp Directory: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\ProgramData\Avira\AntiVir Desktop\


[UPD] [INFO] Checking whether newer files are available.
[UPD] [INFO] Select update server 'http://80.190.143.235/update'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/wks_avira-win32-en-pecl.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-en-pecl.idx'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/wks_avira-win32-en-pecl.info.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-en-pecl.info.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/vdf.info.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/ave2-win32-int.info.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/specvir-win32-int.info.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\specvir-win32-int.info.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/idx/wks_avira-win32-en-pecl-info.info.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-en-pecl-info.info.gz'.
[UPD] [INFO] Compare local files with status of update server
[UPD] [INFO] Checking module SELFUPDATE:
[UPD] [INFO] Checking module VDF:
[UPD] [INFO] File 'vdf/antivir2.vdf' (local, server): 7.1.2.105 < 7.1.4.38
[UPD] [INFO] File 'vdf/antivir3.vdf' (local, server): 7.1.2.127 < 7.1.4.41
[UPD] [INFO] Checking module AVE2:
[UPD] [INFO] File 'ave2/win32/int/aecore.dll' (local, server): 8.1.6.6 < 8.1.6.12
[UPD] [INFO] File 'ave2/win32/int/aegen.dll' (local, server): 8.1.1.24 < 8.1.1.44
[UPD] [INFO] File 'ave2/win32/int/aeheur.dll' (local, server): 8.1.0.100 < 8.1.0.129
[UPD] [INFO] File 'ave2/win32/int/aepack.dll' (local, server): 8.1.3.10 < 8.1.3.18
[UPD] [INFO] File 'ave2/win32/int/aescn.dll' (local, server): 8.1.1.7 < 8.1.2.3
[UPD] [INFO] File 'ave2/win32/int/aescript.dll' (local, server): 8.1.1.56 < 8.1.2.0
[UPD] [INFO] File 'ave2/win32/int/aeset.dat' (local, server): 8.2.0.100 < 8.2.0.180
[UPD] [INFO] File 'ave2/win32/int/aevdf.dll' (local, server): 8.1.1.0 < 8.1.1.1
[UPD] [INFO] Checking module AVREP_NT:
[UPD] [INFO] Checking module MAIN:
[UPD] [INFO] The file 'wks_avira/win32/en/basic-nt/avupgsvc.exe' has been marked with the IGNORE flag and is therefore not included.
[UPD] [INFO] The file 'wks_avira/win32/en/basic-nt/presetup.exe' has been marked with the IGNORE flag and is therefore not included.
[UPD] [INFO] The file 'wks_avira/win32/en/basic-nt/vcredist_x86.exe' has been marked with the IGNORE flag and is therefore not included.
[UPD] [INFO] The file 'wks_avira/win32/en/classic-nt/filelist.ini' has been marked with the IGNORE flag and is therefore not included.
[UPD] [INFO] The file 'wks_avira/win32/en/classic-nt/product.ini' has been marked with the IGNORE flag and is therefore not included.
[UPD] [INFO] Checking module COMMAPPDATA_AV:
[UPD] [INFO] File'wks_avira/win32/en/basic-nt/addr_file.html' is already installed and is not being updated.
[UPD] [INFO] Checking module COMMAPP:
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/produpd.avj' is already installed and is not being updated.
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/scanjob.avj' is already installed and is not being updated.
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/startupd.avj' is already installed and is not being updated.
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/updjob.avj' is already installed and is not being updated.
[UPD] [INFO] Checking module COMMAPDATA_AV_PROFILES:
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/folder.avp' is already installed and is not being updated.
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/rootkit.avp' is already installed and is not being updated.
[UPD] [INFO] Checking module TEXT:
[UPD] [INFO] File'wks_avira/win32/en/classic-nt/eula.txt' is already installed and is not being updated.
[UPD] [INFO] Checking module DRV:
[UPD] [INFO] File 'wks_avira/win32/en/basic-nt/xp/avgntdd.sys' does not exist and is being installed.
[UPD] [INFO] File 'wks_avira/win32/en/basic-nt/xp/avgntmgr.sys' does not exist and is being installed.
[UPD] [INFO] Checking module PRODINFO:
[UPD] [INFO] 'C:\ProgramData\Avira\AntiVir Desktop\BACKUP\' requires 3741861 bytes of free disk space.
[UPD] [INFO] 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\' requires 12088660 bytes of free disk space.
[UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requires 6044330 bytes of free disk space.
[UPD] [INFO] Disk space OK.
[UPD] [INFO] Drive: C:\, free capacity: 2238832640 bytes.
[UPD] [INFO] New files are being downloaded...
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/vdf/antivir2.vdf.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\vdf\antivir2.vdf.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/vdf/antivir3.vdf.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\vdf\antivir3.vdf.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aecore.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aecore.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aegen.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aegen.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aeheur.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeheur.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aepack.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aepack.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aescn.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aescn.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aescript.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aescript.dll.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aeset.dat.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeset.dat.gz'.
[UPD] [INFO] Downloading of 'http://80.190.143.235/update/ave2/win32/int/aevdf.dll.gz' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aevdf.dll.gz'.
[UPD] [INFO] License file: Full version
[UPD] [ERROR] 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeheur.dll' could not be copied to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aeheur.dll'. Error: 5
[UPD] [ERROR] Validation of the engine failed.

Summary:
********
10 Files downloaded
0 Files installed

15:57:15 The update failed!

aliEnRIK

cozza wrote: »

I may be sounding thick but is one of them above on my thread will they do or have i got to get a new one ? as i am not sure wether these ones are ok ?

I need you to RE SCAN using hijack and postme the NEW log
Delete the original log from your computer so you dont repost it

cozza

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23:52, on 01/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.co.uk/talktalk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {0CFA086E-6336-4D95-B6AA-90F564E99631} (TNSClicker.Clicker) - http://www.shopandscan.com/TNSClicker.CAB
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe

--
End of file - 8963 bytes

aliEnRIK

ok

then run a KASPERSKY ONLINE SCAN (click to scan 'MY COMPUTER')
http://www.kaspersky.co.uk/virusscanner
Please post the complete log it creates
I need the complete log as it only SCANS