TheTechGuide Forum
General Category => Tech Clinic => Topic started by: cashy_dria on March 28, 2009, 02:55:40 PM
-
I have a yoog toolbar active and it seems to be causing various problems on my PC. How can I get rid of it?
-
Download DDS by sUBs from one of the following links. Save it to your desktop.
- DDS.scr (http://download.bleepingcomputer.com/sUBs/dds.scr)
- DDS.pif (http://www.forospyware.com/sUBs/dds)
Double click on the DDS icon and allow it to run.
A small box will open with an explanation about the tool. No input is needed; the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
It will prompt to attach one log; you can simply copy and paste it into a response.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
-
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-03-16.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/19/2007 11:49:58 PM
System Uptime: 3/29/2009 2:20:04 AM (0 hours ago)
Motherboard: BIOSTAR Group | | NF61S-M7
Processor: Mobile AMD Sempron(tm) Processor 3000+ | Socket 754 | 1808/201mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 1.41 GiB free.
D: is CDROM (CDFS)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP197: 2/7/2009 9:55:47 PM - System Checkpoint
RP198: 2/8/2009 6:51:42 PM - Software Distribution Service 3.0
RP199: 2/9/2009 3:44:19 PM - Software Distribution Service 3.0
RP200: 2/11/2009 3:27:40 PM - Software Distribution Service 3.0
RP201: 2/12/2009 5:13:45 PM - Software Distribution Service 3.0
RP202: 2/15/2009 4:08:27 PM - System Checkpoint
RP203: 2/17/2009 5:23:54 PM - System Checkpoint
RP204: 2/24/2009 10:12:27 PM - System Checkpoint
RP205: 2/25/2009 4:46:46 AM - Software Distribution Service 3.0
RP206: 2/26/2009 3:00:41 AM - Software Distribution Service 3.0
RP207: 2/28/2009 1:37:41 PM - System Checkpoint
RP208: 3/1/2009 6:46:26 PM - System Checkpoint
RP209: 3/6/2009 3:00:20 AM - Software Distribution Service 3.0
RP210: 3/12/2009 3:01:51 AM - Software Distribution Service 3.0
RP211: 3/14/2009 7:53:59 PM - Installed Microsoft Office Enterprise 2007
RP212: 3/14/2009 8:15:27 PM - Printer Driver Send To Microsoft OneNote Driver Installed
RP213: 3/14/2009 8:30:44 PM - Configured Microsoft Office Enterprise 2007
RP214: 3/15/2009 2:10:26 AM - Configured Microsoft Office Enterprise 2007
RP215: 3/15/2009 3:00:32 AM - Software Distribution Service 3.0
RP216: 3/16/2009 3:01:00 AM - Software Distribution Service 3.0
RP217: 3/17/2009 11:39:22 AM - System Checkpoint
RP218: 3/20/2009 3:00:28 AM - Software Distribution Service 3.0
RP219: 3/21/2009 3:00:23 AM - Software Distribution Service 3.0
RP220: 3/23/2009 12:19:05 AM - Software Distribution Service 3.0
RP221: 3/23/2009 3:00:35 AM - Software Distribution Service 3.0
RP222: 3/25/2009 12:42:30 AM - System Checkpoint
RP223: 3/26/2009 2:54:28 AM - System Checkpoint
RP224: 3/27/2009 8:37:54 AM - System Checkpoint
RP225: 3/27/2009 7:34:53 PM - Unsigned driver install
RP226: 3/28/2009 3:00:18 AM - Software Distribution Service 3.0
RP227: 3/29/2009 12:56:39 AM - Installed Windows Live Communications Platform
==== Installed Programs ======================
µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Photoshop CS
Adobe Reader 7.0.5
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 4
Ares 2.0.9
AutoUpdate
Bonjour
Compatibility Pack for the 2007 Office system
Contextual Tool Adzgalore
CursorXP
Digimax Viewer 2.1
DivX Codec
DivX Converter
DivX Player
DivX Web Player
Express Burn
Express Rip
FunPhotor 5.0
Highlight Viewer (Windows Live Toolbar)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
hp deskjet 656c series (Remove only)
Imikimi Plugin
IMVU Avatar Chat Software
iTunes
Jasc Animation Shop 3
Java(tm) 6 Update 5
Java(tm) 6 Update 7
Lexmark 640 Series
LimeWire 4.16.7
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
Messenger Plus! Live & Sponsor (CiD)
Microsoft Encarta Reference Library 2005
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.8)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
NOD32 antivirus system
NOD32 FiX
Nokia Connectivity Cable Driver
Nokia PC Suite
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
OpenOffice.org Installer 1.0
Project64 1.6
QuickTime
QuickTime Alternative 1.67
Realtek High Definition Audio Driver
Recordpad
Roxio PhotoSuite 5
SAMSUNG CDMA Modem Driver Set
Samsung Master
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
Samsung Mobile USB Modem Software
Samsung PC Studio
Samsung PC Studio 3 USB Driver Installer
Samsung PC Studio II 2.0 PIMS & File Manager
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Shockwave
Skype™ 3.6
Smart Menus (Windows Live Toolbar)
Software Update for Web Folders
StyleXP (remove only)
SweetIM for Messenger 2.5
SweetIM Toolbar for Internet Explorer 3.2
Switch Sound File Converter
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb962871)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
V3780s Digital Camera Driver
VeohTV BETA
Virtual DJ - Atomix Productions
WavePad Sound Editor
Windows Genuine Advantage Notifications (KB905474)
Windows Live Communications Platform
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
==== Event Viewer Messages From Past Week ========
3/24/2009 10:37:33 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
3/24/2009 5:06:23 AM, error: Print [6161] - The document Sba excell 1( owned by Andrene failed to print on printer Lexmark 640 Series. Data type: LEMF. Size of the spool file in bytes: 603826. Number of bytes printed: 603826. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BE322CB733544B3. Win32 error code returned by the print processor: 126 (0x7e).
3/24/2009 3:30:05 AM, error: Print [6161] - The document Sba excell 1.xlsx owned by Andrene failed to print on printer Lexmark 640 Series. Data type: LEMF. Size of the spool file in bytes: 6895302. Number of bytes printed: 6895302. Total number of pages in the document: 5. Number of pages printed: 0. Client machine: \\BE322CB733544B3. Win32 error code returned by the print processor: 126 (0x7e).
3/23/2009 2:50:08 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/23/2009 3:03:13 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800705aa: Update for Windows XP (KB967715).
3/23/2009 3:03:07 AM, error: NtServicePack [4379] - Windows XP Hotfix KB967715 installation failed.
KB967715 installation did not complete.
3/23/2009 3:03:07 AM, error: NtServicePack [4373] - Windows XP KB967715 installation failed.
Insufficient system resources exist to complete the requested service.
3/24/2009 10:52:49 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
3/28/2009 3:01:19 AM, error: NtServicePack [4373] - Windows XP KB967715 installation failed.
Insufficient system resources exist to complete the requested service.
3/28/2009 3:01:19 AM, error: NtServicePack [4379] - Windows XP Hotfix KB967715 installation failed.
KB967715 installation did not complete.
==== End Of File ===========================
-
It's great that you posted the log that would have been attached.
But can you again run it and post the Main log that opens?
-
lol that one
DDS (Ver_09-03-16.01) - NTFSx86
Run by Andrene at 2:36:40.81 on Sun 03/29/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.316 [GMT 1:00]
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated)
FW: ActiveArmor Firewall *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\lxdacoms.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Documents and Settings\Andrene\Start Menu\Programs\Startup\Microsoft Startup Controller.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrene\Desktop\dds.scr
============== Pseudo HJT Report ===============
uWindow Title = Service Pack 3 Internet Explorer
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: UIHost=c:\program files\tgtsoft\stylexp\CurrentLogon.EXE
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
EB: Encarta &Researcher: {9455301c-cf6b-11d3-a266-00c04f689c50} - c:\program files\common files\microsoft shared\encarta researcher\EROPROJ.DLL
EB: Search panel: {07b9d706-8927-1bc0-6e92-d09dd0466ad1} - c:\windows\system32\jfojktmrwnimhpoxn.dll
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [<NO NAME>]
uRun: [rdr wipe] c:\docume~1\andrene\applic~1\stopma~1\New less.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -onlytray
mRun: [DataLayer] c:\program files\common files\pcsuite\datalayer\DataLayer.exe
mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
dRunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\documents and settings\andrene\start menu\programs\startup\Microsoft Startup Controller.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digima~1.lnk - c:\program files\samsung\digimax viewer 2.1\STImgBrowser.exe
uPolicies-disallowrun: 1 = command.com
uPolicies-disallowrun: 2 = avgcc.exe
uPolicies-disallowrun: 3 = egui.exe
uPolicies-disallowrun: 4 = avgw.exe
IE: &Search
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\andrene\start menu\programs\imvu\Run IMVU.lnk
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {9455301C-CF6B-11D3-A266-00C04F689C50} - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\program files\common files\microsoft shared\encarta researcher\EROPROJ.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
LSP: c:\windows\system32\imon.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.Email Removed.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - c:\program files\common files\microsoft shared\encarta researcher\MSERO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\andrene\applic~1\mozilla\firefox\profiles\sdrml0pg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www3.yoog.com/search.php?q=
FF - component: c:\program files\mozilla firefox\components\jfojktmrwnimhpoxn.dll
FF - component: c:\program files\mozilla firefox\components\nsadzgalore.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin2.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin3.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin4.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin5.dll
FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin6.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www3.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www3.yoog.com/search.php?q=
============= SERVICES / DRIVERS ===============
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2007-10-19 13696]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-10-21 15424]
R2 lxda_device;lxda_device;c:\windows\system32\lxdacoms.exe -service --> c:\windows\system32\lxdacoms.exe -service [?]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2007-10-21 552064]
R3 DCamUSBPremier;V3780s Digital Camera;c:\windows\system32\drivers\MPIXVID.SYS [2008-9-3 81921]
=============== Created Last 30 ================
2009-03-29 01:23 77,824 a------- c:\documents and settings\andrene\ffff.exe
2009-03-28 20:26 <DIR> --d----- c:\docume~1\andrene\applic~1\Malwarebytes
2009-03-28 20:26 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-28 20:26 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-28 20:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-28 20:25 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-22 17:34 <DIR> --d----- c:\program files\common files\Windows Live
2009-03-18 23:48 987,483 a------- c:\documents and settings\andrene\explods.exe
2009-03-14 23:58 <DIR> --dshr-- C:\RESTORE
2009-03-14 23:58 63,876 a------- c:\documents and settings\andrene\explorers.exe
2009-03-14 21:15 32,592 a------- c:\windows\system32\msonpmon.dll
2009-03-14 00:20 7,168 a--sh--- c:\windows\system32\Thumbs.db
2009-03-10 23:07 <DIR> --dsh--- C:\found.000
2009-03-03 02:25 <DIR> --dshr-- C:\SYSTEM
2009-03-01 18:51 21,504 a------- c:\windows\system32\hidserv.dll
2009-03-01 18:51 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2009-03-01 18:51 31,744 a------- c:\windows\system32\drivers\usbccgp.sys
==================== Find3M ====================
2009-03-14 22:44 5,632 a--sh--- c:\program files\Thumbs.db
2009-02-09 11:20 1,847,424 a------- c:\windows\system32\win32k.sys
2009-02-09 11:20 1,847,424 -------- c:\windows\system32\dllcache\win32k.sys
2009-01-30 13:00 671,744 a------- c:\windows\system32\nsm826B.dll
2009-01-15 18:37 85,219 a------- c:\windows\system32\cont_adzgalore-remove.exe
2008-04-17 05:28 32 a------- c:\docume~1\alluse~1\applic~1\ezsid.dat
============= FINISH: 2:37:25.65 ===============
-
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
Save it ONLY to your Desktop
--------------------------------------------------------------------
Temporarily disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool.
- Double click on ComboFix.exe & follow the prompts.
- As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
(http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif)
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://img.photobucket.com/albums/v706/ried7/whatnext.png)
Click on Yes to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
NOTE: Do not mouseclick inside the ComboFix window as it's running; it may cause it to stall.
ComboFix will/may run again on startup; it will prompt that it's creating a log.
This process could take up to 10 minutes; let it run uninterrupted please.
-
I downloaded the thing but umm, how do I disable Nod32?
-
I'm not running Nod32, but try the following:
Navigate to the system tray on the bottom right hand corner by the clock and look for a (http://i94.photobucket.com/albums/l84/SillyGerman/BleepingComputer/nod32.png) sign.
* Click it -> click on the (http://i94.photobucket.com/albums/l84/SillyGerman/BleepingComputer/nod32_quit.png) button.
* A popup will warn that protection will now be disabled. Click on "Yes" to disable the Antivirus guard.
-
I removed the antivirus thing but ComboFix does not work.
-
Let's try it another way.
Delete your copy of ComboFix.
Redownload a fresh copy from one of the links I supplied earlier.
Reboot your computer in Safe Mode by doing the following:
- Restart your computer.
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually.
- Instead of Windows loading as normal, a menu with options should appear.
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
In Safe Mode:
Try running ComboFix from the Safe Mode environment.
You won't be able to install the Recovery Console, but that's OK; just have it check for malware if it will run.