Need help removing Adware

EDIT: How the fuck did this end up here? Someone move this to "https://www.mpgh.net/forum/166-anti-malware/" please

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:48:54 PM, on 12/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Minion Tools\Sandboxie v3.58\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\program files\grasssoft\macro expert\MacroService.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ManyCam\Bin\ManyCam.exe
C:\Documents and Settings\Administrator\Local Settings\Application

Data\Megamedia\Megakey\Megakey.exe
C:\Documents and Settings\Administrator\Local Settings\Application

Data\Megamedia\Megakey\MegakeyUpdater.exe
C:\Minion Tools\Sandboxie v3.58\SbieCtrl.exe
C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
C:\Documents and Settings\Administrator\Application Data\*******\bin\*******.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Stardock\ObjectDockPlus2\ObjectDock.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Trillian\trillian.exe
C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe
c:\program files\grasssoft\macro expert\MacroServiceWnd.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManage r.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Adobe Photoshop CS5.1\Photoshop.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\vsjitdebugger.exe
C:\WINDOWS\system32\vsjitdebugger.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

https://search.hotspotshield.com/g/?c=h
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program

Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program

Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program

Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer -

{3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All

Users\Application

Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (file

missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program

Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program

Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: MegaIeHelperBHO - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Documents and

Settings\Administrator\Local Settings\Application

Data\Megamedia\Megakey\MegaIeHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} -

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and

Settings\Administrator\Application Data\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Somoto Toolbar - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program

Files\somototoolbar\vmntemplateX.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program

Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program

Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} -

C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper -

{DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio

10.0\Common7\IDE\PrivateAssemblies\Microsoft.Visua lStudio.QualityTools.RecorderBarBHO

100.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\Documents and

Settings\Administrator\My Documents\Win7 Customization\Findexer Kit\FindeXer.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program

Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Somoto Toolbar - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program

Files\somototoolbar\vmntemplateX.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program

Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -

C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program

Files\Styler\TB\StylerTB.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 -

{8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN

Toolbar\Platform\5.0.1423.0\npwinext.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program

Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program

Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe

/autostart
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java

Update\jusched.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger

Plus!\PlusService.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search

Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Vistadrv] C:\Documents and Settings\Administrator\My

Documents\Windows Vista and 7 Drive Status Bar for XP\Vista Drive Status\vsdrv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe"

-osboot
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common

Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common

Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManage r.exe" -launchedbylogin
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes'

Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn

Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program

Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local

Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Tesseract-OCR] C:\Program Files\Tesseract-OCR\tesseract.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"

/background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [Megakey] C:\Documents and Settings\Administrator\Local

Settings\Application Data\Megamedia\Megakey\Megakey.exe /Tray
O4 - HKCU\..\Run: [MegakeyUpdater] C:\Documents and Settings\Administrator\Local

Settings\Application Data\Megamedia\Megakey\MegakeyUpdater.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Minion Tools\Sandboxie v3.58\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [IDMan] C:\Program Files\Internet Download

Manager\IDMan.exe /onboot (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [ApplicationHistoryData] rundll32.exe "C:\Documents and

Settings\Administrator\Local Settings\Application

Data\ApplicationHistory\ApplicationHistoryData\App licationHistorydata.dll",DllRegiste

rServer (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: *******.lnk = C:\Documents and Settings\Administrator\Application

Data\*******\bin\*******.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program

Files\Stardock\ObjectDockPlus2\ObjectDock.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Snagit 10.lnk = C:\Program Files\TechSmith\Snagit

10\Snagit32.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky

Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: Capture Web Page - C:\Documents and

Settings\Administrator\Local Settings\Application

Data\Megamedia\Megakey\CaptureWebPage.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and

Settings\Administrator\Application Data\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and

Settings\Administrator\Application Data\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: Fetch to ********** - C:\Documents and

Settings\Administrator\Local Settings\Application

Data\Megamedia\Megakey\**********.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber

Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common

Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -

file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -

file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program

Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -

file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} -

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -

file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar -

{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI

RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -

C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} -

C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher -

{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF

Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application

data\megamedia\megakey\msadm.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program

Files\AVG\AVG10\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -

C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader -

{438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -

{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ObjectDockShellExt -

{1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program

Files\Stardock\ObjectDockPlus2\ODMenu.dll
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG10\Identity

Protection\Agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program

Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. -

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program

Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program

Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner -

C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program

Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc.

- C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macro Expert - Unknown owner - c:\program files\grasssoft\macro

expert\MacroService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program

Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG -

C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Minion

Tools\Sandboxie v3.58\SbieSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common

Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common

Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: wampapache - Apache Software Foundation -

c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner -

c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe

--
End of file - 20664 bytes

Symptoms:
-Internet Explorer will randomly open up an advertisement every once in a while
-Sometimes a .PNG with a random filename will ask me permission to save it, it says it's from some /Local/ folder.
-A Firefox Addon called "XUL Cache 1.0" asked to be installed to Firefox. I denied it. Haven't done much research on it yet but I think I saw something saying it was a "virus" or adware. Probably the biggest lead to what the problem is
-Get an error when I try to install AVG (not sure if related)
-Keep getting automatically signed out of MSN whenever I log on, have to restart the client to sign back on when this happens or else it will just stay in an infinite connecting loop, but then it will just fail again. (Not sure if related)

Anyone have any ideas?

Malwarebytes : Free anti-malware, anti-virus and spyware removal download

That will sort you out with most of the crapware that gets on our machines now and again.

Wait what?!

Why did you make the thread here? /facefloor

Moving this to Anti malware.

Quote:

---

Originally Posted by deano20010

Malwarebytes : Free anti-malware, anti-virus and spyware removal download

That will sort you out with most of the crapware that gets on our machines now and again.

---

Already have it. Did a full scan, but nothing. As weird as it sounds I restarted and I think it's just... gone. Nothing suspicious in my processes. Going to take a look at the start up files if it happens again.

Quote:

---

Originally Posted by bullpop

Wait what?!

Why did you make the thread here? /facefloor

Moving this to Anti malware.

---

Like I said in the original post's edit. I have no idea -- I had the anti malware section opened and everything. This kind of thing has happened before, suppose it's just a glitch.

Scan with 'CCleaner', 'Spybot S&D' and lastly with 'ComboFix'
/gewd

I won't even start about how shitty it is to have more AVs (ends up causing more harm than good, they often tend to conflict with each other and end up letting more viruses through than catching them by themselves). If I would hazard a guess, I would say it's probably MegaKey or something, I know they earn money by switching ads, they might have gone on to force them otherwise boh1

Or give Spybot SND a shot, Combofix is awesome too. Two best tools for getting rid of spyware and similar malware, and you're better off asking someone who does this professionally, there are quite a few forums where you can get help with malware boh1

Quote:

---

Originally Posted by Santa

I won't even start about how shitty it is to have more AVs (ends up causing more harm than good, they often tend to conflict with each other and end up letting more viruses through than catching them by themselves). If I would hazard a guess, I would say it's probably MegaKey or something, I know they earn money by switching ads, they might have gone on to force them otherwise boh1

Or give Spybot SND a shot, Combofix is awesome too. Two best tools for getting rid of spyware and similar malware, and you're better off asking someone who does this professionally, there are quite a few forums where you can get help with malware boh1

---

You might be right about that. Regardless of what it was, it's gone now.