0

hi im seeking your assistance. everytime i open my laptop Error loading otvasbpt.dll appears. please help me t fix this problem! thank you so much

3
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by jholland1964
0

hi im seeking your assistance. everytime i open my laptop Error loading otvasbpt.dll appears. please help me t fix this problem! thank you so much

Hi kefert,

Sounds like a malware file has been removed but it is still being called on startup.
Please follow the steps in the linky below:

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

I or another volunteer will check back as time permits.

Cheers :)
PP

Edited by PhilliePhan: The Usual...

0

hi! here is the log that shows after i run the programs!

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_23
Run by Owner at 19:34:22 on 2012-01-27
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.4085.2701 [GMT -5:00]
.
AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbacoms.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Windows\sysWOW64\svchost.exe -k netsvc
C:\Program Files (x86)\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrchMn.exe
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\ping.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Owner\Downloads\zwopc8hl.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=f4642074000000000000001f3c9e90cf
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=1009&s=2&o=vp64&d=0209&m=m-6888h
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = ${URL_SEARCHPAGE}
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Empty: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: H - No File
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mURLSearchHooks: H - No File
mURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTNavAssist.dll
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Sky-Banners Browser Enhancer otvasbpt: {0258131a-9ab3-4154-a5c1-56a1835939f3} - adShotHlpr Object
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Street-Ads Browser Enhancer opiczwbv: {1d1043a9-7094-48dd-8e36-721159ed5074} - moigh Object
BHO: Yahooo Search Protection: {25bc7718-0bfa-40ea-b381-4b2d9732d686} - C:\Program Files (x86)\Yahoo!\Search Protection\ysp.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: {ef6ccd97-ae88-34cc-5208-22ac81b36dde} - voguecash browser enhancer
BHO: {f0626a63-410b-45e2-99a1-3f2475b2d695} - Search Assistant
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Veoh Video Compass: {52836eb0-631a-47b1-94a6-61f9d9112dae} - C:\Program Files (x86)\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: {DD662A0C-12FE-4B38-BA53-247F7EC82F46} - No File
TB: {00000000-0000-0000-0000-000000000000} - No File
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uRun: [LvkdhfngNwycer\AppData\Local\Temp\3510000513.exe] C:\Users\Owner\AppData\Local\Temp\3510000513.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
uRun: [Akamai NetSession Interface] "C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [oQwOvpJJoPhcmLJ.exe] C:\ProgramData\oQwOvpJJoPhcmLJ.exe
uRun: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background
uRun: [{6DD04270-1628-98C2-CB9B-A40CBA49D084}] C:\Users\Owner\AppData\Roaming\Heduy\izkiaq.exe
mRun: [eRecoveryService]
mRun: [skb] rundll32 "otvasbpt.dll",,Run
mRun: [pyitresfcoxa] C:\Windows\System32\regsvr32.exe /s "C:\Windows\SysWow64\yustngnrzggwwsm.dll"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [RegWork] "C:\Program Files (x86)\RegWork\RegWork.exe"
mRun: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
mRun: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
mRun: [ErrorTeck] "C:\Program Files (x86)\ErrorTeck\ErrorTeck.exe" /scan
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background
dRunOnce: [<NO NAME>]
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPODDT~1.LNK - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files (x86)\Yahoo!\Search Protection\ysp.dll
LSP: mswsock.dll
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{AB9C4EED-9E4E-41A8-9C47-61081C8AA69B} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\xz4onoxh.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BLPV5&o=13149&locale=en_US&apn_uid=A26F6F15-BC77-48FD-AC1E-52991153CA15&apn_ptnrs=S0&apn_sauid=05B0D5A9-C9D3-435C-A813-EA0DF83EEEE0&apn_dtid=YYYYYYYYCA&&q=
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
FF - plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100482
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - f4642074000000000000001f3c9e90cf
FF - user.js: extensions.BabylonToolbar_i.hardId - f4642074000000000000001f3c9e90cf
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15366
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:09:58
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?]
R2 dlba_device;dlba_device;C:\Windows\system32\dlbacoms.exe -service --> C:\Windows\system32\dlbacoms.exe -service [?]
R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2009-2-6 24576]
R2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-8-27 246520]
R2 SPService;SPService;C:\Windows\sysWOW64\svchost.exe -k netsvc --> C:\Windows\sysWOW64\svchost.exe -k netsvc [?]
R2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2012-1-11 42504]
R2 vseamps;vseamps;C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-4-8 149544]
R2 vsedsps;vsedsps;C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-4-8 148008]
R2 vseqrts;vseqrts;C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-4-8 205352]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-5 135664]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-5 135664]
S3 NETw4v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw4v64.sys --> C:\Windows\system32\DRIVERS\NETw4v64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 qcusbser;ACER Android USB Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\qcusbser.sys --> C:\Windows\system32\DRIVERS\qcusbser.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-3-17 93184]
.
=============== Created Last 30 ================
.
2012-01-27 04:18:00 -------- d-----w- C:\Users\Owner\AppData\Local\libimobiledevice
2012-01-27 04:10:00 98304 ----a-w- C:\Windows\SysWow64\redmonnt.dll
2012-01-27 04:09:59 -------- d-----w- C:\Program Files (x86)\BabylonToolbar
2012-01-27 04:09:58 -------- d-----w- C:\Program Files (x86)\FoxTabPDFConverter
2012-01-27 04:09:52 -------- d-----w- C:\Users\Owner\AppData\Local\Babylon
2012-01-27 04:09:50 -------- d-----w- C:\Users\Owner\AppData\Roaming\Babylon
2012-01-27 04:09:50 -------- d-----w- C:\ProgramData\Babylon
2012-01-25 23:51:34 -------- d-----w- C:\Program Files\iPod
2012-01-25 23:51:29 -------- d-----w- C:\Program Files\iTunes
2012-01-22 16:38:30 -------- d-----w- C:\Users\Owner\AppData\Roaming\Yvno
2012-01-22 16:38:30 -------- d-----w- C:\Users\Owner\AppData\Roaming\Heduy
2012-01-14 04:09:49 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-01-14 03:49:19 121816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-01-13 05:37:31 -------- d-----w- C:\Users\Owner\EurekaLog
2012-01-13 04:40:12 -------- d-----w- C:\rei
2012-01-13 04:40:07 -------- d-----w- C:\Program Files\Reimage
2012-01-13 04:38:19 -------- d-----w- C:\Users\Owner\AppData\Roaming\PC Unleashed Online
2012-01-13 04:38:14 -------- d-----w- C:\ProgramData\PC Unleashed Online
2012-01-13 04:14:23 -------- d-----w- C:\Users\Owner\AppData\Roaming\ErrorTeck
2012-01-13 04:14:19 -------- d-----w- C:\Program Files (x86)\ErrorTeck
2012-01-13 01:30:09 -------- d-sh--w- C:\found.002
2012-01-13 01:23:19 -------- d-----w- C:\Users\Owner\AppData\Roaming\SpeedyPC Software
2012-01-13 01:23:19 -------- d-----w- C:\Users\Owner\AppData\Roaming\DriverCure
2012-01-13 01:23:15 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-01-13 01:23:15 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-01-13 01:23:15 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-01-13 00:06:30 -------- d-----w- C:\ProgramData\Common Files
2012-01-11 23:37:16 -------- d-----w- C:\Program Files (x86)\TelevisionFanatic
2012-01-11 23:01:40 362348 ----a-w- C:\ProgramData\PUp3VBjiSUMyIA.exe
2011-12-31 18:33:38 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-31 18:33:38 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-31 18:33:38 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-31 18:33:38 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
.
==================== Find3M ====================
.
2012-01-13 22:42:48 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-28 20:23:21 29184 ----a-w- C:\Windows\SysWow64\S6ovG.com
.
============= FINISH: 19:35:20.54 ===============
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 06/02/2009 7:58:34 PM
System Uptime: 27/01/2012 6:57:25 PM (1 hours ago)
.
Motherboard: Gateway | |
Processor: Intel(R) Core(TM)2 CPU T6400 @ 2.00GHz | U2E1 | 2000/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 120.556 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Dell AIO Printer A940
Device ID: ROOT\IMAGE\0000
Manufacturer: Dell
Name: Dell AIO Printer A940 #2
PNP Device ID: ROOT\IMAGE\0000
Service: usbscan
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Dell AIO Printer A940
Device ID: ROOT\IMAGE\0001
Manufacturer: Dell
Name: Dell AIO Printer A940 #3
PNP Device ID: ROOT\IMAGE\0001
Service: usbscan
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
A4 TECH USB PC Camera H
Acer Easy Link
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.1
Apple Application Support
Apple Software Update
Babylon toolbar on IE
Camera Assistant Software for Gateway
Canon Digital Camera Solution Disk 40-46 Software Starter Guide
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Chikka Messenger V4
Compatibility Pack for the 2007 Office system
CyberLink LabelPrint
CyberLink Power2Go
Declan's French FlashCards v1.6
Facebook Video Calling 1.0.0.7930
FoxTab PDF Creator
Gateway Recovery Management
GearDrvs
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
ICQ Toolbar
IDT Audio
Java Auto Updater
Java(TM) 6 Update 23
LiveUpdate (Symantec Corporation)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Suite Activation Assistant
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 9.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek USB 2.0 Card Reader
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Sky-Banners browser enhancer
Skype Toolbars
Skype™ 4.2
SpeedyPC Pro
Support.com Toolbar
Support.com Toolbar Updater
TelevisionFanatic toolbar
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Veoh Video Compass
VP-EYE
Windows Live Messenger
Yahoo! BrowserPlus
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================

hope you can help me solve the problem. Thank you so much and more power!

0

Those are only two of the logs requested and it is not a removal program it only gives a picture of all that is installed and running on the computer. We need to see ALL the logs from the programs run from our Read Me First sticky, not just these two. According to the logs posted you did not install or run any of the other programs listed in the sticky, so you did NOT attempt to clean the machine, you only ran DDS. If you truly want to get the machine cleaned then you have to run all of the programs requested.

These two logs most definitely show a huge amount of malware on the computer.

You show three or parts of three different anti-virus programs on the computer though none of them show on the installed programs list;
ESET NOD32 Antivirus 4.0
Authentium AntiVirus5
Symantec\Norton

All of the items listed below are installed and were running on the computer during the DDS Scan and every single one of them is known malware;
AskToolbar
Babylon toolbar
Chikka Messenger V4
ICQToolBar
RegWork
Sky-Banners Browser Enhancer
SpeedyPC Pro
Street-Ads Browser Enhancer
Support.com Toolbar
Support.com Toolbar Updater
TelevisionFanatic toolbar
voguecash browser enhancer

Those listed above are just the ones I could easily identify, there are many, many others that I could not identify but they are running. Some of those above are listed in Add/Remove and must be Uninstalled using Add/Remove immediately. Not all of them are listed in Add/Remove but do uninstall all that are listed.

You also need to go into both Internet Explorer and Firefox and be sure all of those toolbars are removed.

Do this:
Go to this link
http://www.bleepingcomputer.com/download/anti-virus/rkill
and download the 7 rkill files to your desktop. These are all the same file but with different names in order to attempt to fool the infection processes which may try to stop it from running.
Once you have them all downloaded then double click on the first one to see if it will stop any infection processes that may be running. If one doesn't work then go on to the next one until one of them works.
When it works When RKill is run it will display a console screen. That console screen will continue to run until it RKill has finished. Once finished, the box will close and a log will be displayed showing all of the processes that were terminated by RKill and while RKill was running.

Once rkill has completed, DO NOT REBOOT the computer after running rkill because the infection process will start up again, but continue with these instructions:

Go to this link
http://majorgeeks.com/downloadget.php?id=5756&file=9&evp=693ee0b20204960edfd909666f809b26

and download Malwarebytes' Anti-Malware (MBA-M)
Save it to the desktop.
DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version if one is available. There are always new updates to the definitions.
* Once the program has loaded, select Perform full scan, then choose the drive(s) then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected if malware is found.
* When MBA-M finishes, Notepad will open with the log. The log can be retrieved by opening up MBAM and clicking on the Logs Tab at the top of the program .

Reboot the computer

Post back with the results of the MBA-M scan. We need to see the FULL LOG.

Edited by jholland1964: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.