[and another one] -
Posted by: adamhic
Hey guys, ran into another computer with problems. Let me know what you think. Thanks.
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr__.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Programs\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F3 - REG:win.ini: load=iexpIore.exe
F3 - REG:win.ini: run=iexpIore.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Default web browser] C:\WINDOWS\system32\iexpIore.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr__.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\RunServices: [Default web browser] C:\WINDOWS\system32\iexpIore.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Consumer Input] C:\Program Files\Consumer Input\ConsumerInput.exe
O4 - HKCU\..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\ConsumerInputUa.exe
O4 - HKCU\..\Run: [Forrester Panel] C:\Program Files\Forrester Panel\ForresterPanel.exe
O4 - HKCU\..\Run: [Forrester Panel Update] C:\Program Files\Forrester Panel\ForresterPanelUa.exe
O4 - HKCU\..\Run: [SAMCluster] C:\Program Files\Survey Alerts Manager\skinkers.exe
O4 - HKCU\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - [url]http://bar.mywebsearch.com/menusearch.html?p=ZUxdm068YYUS[/url]
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: 3 Point Showdown by pogo - [url]http://threepoint01.pogo.com/applet/threepoint/threepoint-ob-assets.cab[/url]
O16 - DPF: 6th Street Omaha Poker by pogo - [url]http://game1.pogo.com/applet-6.1.5.21/omaha/omaha-ob-assets.cab[/url]
O16 - DPF: Aces Up! by pogo - [url]http://game1.pogo.com/applet-6.1.3.21/aces/aces-ob-assets.cab[/url]
O16 - DPF: Ali Baba Slots TM by pogo - [url]http://slots.pogo.com/applet-5.9.4.22/slots/alibaba-ob-assets.cab[/url]
O16 - DPF: Animal Ark by pogo - [url]http://playweb12.pogo.com/applet-6.1.4.22/animal/animal-ob-assets.cab[/url]
O16 - DPF: Backgammon by pogo - [url]http://gammon.pogo.com/applet-6.1.0.39/backgammon/backgammon-ob-assets.cab[/url]
O16 - DPF: Blackjack by pogo - [url]http://game1.pogo.com/applet-6.2.1.27/blackjack/blackjack-ob-assets.cab[/url]
O16 - DPF: Buckaroo Blackjack TM by pogo - [url]http://vbjack.pogo.com/applet-6.0.0.32/videoblackjack/videoblackjack-ob-assets.cab[/url]
O16 - DPF: Bump by pogo - [url]http://ea03.pogo.com/applet/bump/bump-ob-assets.cab[/url]
O16 - DPF: Canasta by pogo - [url]http://game1.pogo.com/applet-6.1.4.22/canasta/canasta-ob-assets.cab[/url]
O16 - DPF: Checkers by pogo - [url]http://game1.pogo.com/applet-6.1.4.22/checkers2/checkers-ob-assets.cab[/url]
O16 - DPF: Chess by pogo - [url]http://chess2.pogo.com/applet-5.8.5.28/chess2/chess2-ob-assets.cab[/url]
O16 - DPF: Cribbage by pogo - [url]http://crib.pogo.com/applet-5.8.6.20/cribbage/cribbage-ob-assets.cab[/url]
O16 - DPF: Dice Derby by pogo - [url]http://game1.pogo.com/applet-6.1.3.28/checkeredflag/checkeredflag-ob-assets.cab[/url]
O16 - DPF: Dominoes by pogo - [url]http://domino.pogo.com/applet-5.8.5.21/domino/domino-ob-assets.cab[/url]
O16 - DPF: Double Deuce Poker by pogo - [url]http://doublebonus.pogo.com/applet/videopoker2/doubledeuce-ob-assets.cab[/url]
O16 - DPF: Euchre by pogo - [url]http://euchre.pogo.com/applet-6.0.2.29/euchre/euchre-ob-assets.cab[/url]
O16 - DPF: First Class Solitaire by pogo - [url]http://solitaire.pogo.com/applet-5.9.4.22/solitaire2/solitaire2-ob-assets.cab[/url]
O16 - DPF: Fortune Bingo by pogo - [url]http://superbingo.pogo.com/applet-6.0.0.32/superbingo/superbingo-ob-assets.cab[/url]
O16 - DPF: Greenback Bayou by pogo - [url]http://greenback.pogo.com/applet-5.9.3.38/greenback/greenback-ob-assets.cab[/url]
O16 - DPF: Harvest Mania by pogo - [url]http://game1.pogo.com/applet-6.1.5.21/harvest/harvest-ob-assets.cab[/url]
O16 - DPF: Hearts by pogo - [url]http://hearts.pogo.com/applet-5.9.5.37/hearts/hearts-ob-assets.cab[/url]
O16 - DPF: High Stakes Poker by pogo - [url]http://game1.pogo.com/applet-6.1.5.21/drawpoker/drawpoker-ob-assets.cab[/url]
O16 - DPF: High Stakes Pool by pogo - [url]http://game1.pogo.com/applet-6.1.3.28/pool2/pool-ob-assets.cab[/url]
O16 - DPF: Its Outta Here 2 by pogo - [url]http://itsout.pogo.com/applet-5.8.5.28/itsoutofhere/itsoutofhere-ob-assets.cab[/url]
O16 - DPF: Jigsaw Detective by pogo - [url]http://game1.pogo.com/applet-6.1.4.29/jigsaw/jigsaw-ob-assets.cab[/url]
O16 - DPF: Jokers Wild Poker by pogo - [url]http://vpjoke.pogo.com/applet-5.9.3.29/videopoker2/jokerswild-ob-assets.cab[/url]
O16 - DPF: Jungle Gin by pogo - [url]http://game1.pogo.com/applet-6.2.1.27/gin/gin-ob-assets.cab[/url]
O16 - DPF: Keno by pogo - [url]http://keno.pogo.com/applet-5.8.4.18/keno/keno-ob-assets.cab[/url]
O16 - DPF: Lottso by pogo - [url]http://game1.pogo.com/applet-6.1.5.21/lottso/lottso-ob-assets.cab[/url]
O16 - DPF: Mah Jong Garden by pogo - [url]http://mahjong2.pogo.com/applet-5.9.0.18/mahjong/mahjong-ob-assets.cab[/url]
O16 - DPF: Multiline Slots by pogo - [url]http://game6.pogo.com/applet-6.1.1.21/mlslots/mlslots-ob-assets.cab[/url]
O16 - DPF: NASCAR Web Racing by pogo - [url]http://nascar.pogo.com/applet-5.9.2.38/nascar/nascar-ob-assets.cab[/url]
O16 - DPF: Pai Gow by pogo - [url]http://game3.pogo.com/applet-6.0.3.28/paigow/paigow-ob-assets.cab[/url]
O16 - DPF: Payday FreeCell by pogo - [url]http://freecell.pogo.com/applet-5.8.6.20/freecell/freecell-ob-assets.cab[/url]
O16 - DPF: Pebble Beach 3 Hole Challenge by pogo - [url]http://threehole.pogo.com/applet-5.9.0.18/threehole/threehole-ob-assets.cab[/url]
O16 - DPF: Perfect Pair Solitaire by pogo - [url]http://game1.pogo.com/applet-6.2.0.37/waterwheel/waterwheel-ob-assets.cab[/url]
O16 - DPF: Perfect Passer by pogo - [url]http://perfectpasser.pogo.com/applet-5.8.4.24/perfectpasser/perfectpasser-ob-assets.cab[/url]
O16 - DPF: Phlinx by pogo - [url]http://game1.pogo.com/applet-6.1.3.28/flinger/flinger-ob-assets.cab[/url]
O16 - DPF: Pinochle by pogo - [url]http://game4.pogo.com/applet-6.0.3.28/pinochle/pinochle-ob-assets.cab[/url]
O16 - DPF: Pirate's Gold by pogo - [url]http://solitaire30.pogo.com/applet-5.8.3.26/piratesgold/piratesgold-ob-assets.cab[/url]
O16 - DPF: Pop Fu by pogo - [url]http://popfu.pogo.com/applet-5.8.6.20/popfu/popfu-ob-assets.cab[/url]
O16 - DPF: Poppit by pogo - [url]http://game1.pogo.com/applet-6.2.0.30/poppit2/poppit2-ob-assets.cab[/url]
O16 - DPF: Poppit TM by pogo - [url]http://game5.pogo.com/applet-6.1.1.29/poppit/poppit-ob-assets.cab[/url]
O16 - DPF: Quick Shot by pogo - [url]http://quickshot01.pogo.com/applet/quickshot/quickshot-ob-assets.cab[/url]
O16 - DPF: Ricochet by pogo - [url]http://game4.pogo.com/applet-6.1.0.39/ricochet/ricochet-ob-assets.cab[/url]
O16 - DPF: Showbiz Slots 2 by pogo - [url]http://showbiz2.pogo.com/applet-5.9.5.37/slots/showbiz2-ob-assets.cab[/url]
O16 - DPF: Showbiz Slots by pogo - [url]http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab[/url]
O16 - DPF: Spades by pogo - [url]http://spades.pogo.com/applet-5.9.5.30/spades/spades-ob-assets.cab[/url]
O16 - DPF: Spider Solitaire by pogo - [url]http://game4.pogo.com/applet-6.1.1.21/spider/spider-ob-assets.cab[/url]
O16 - DPF: Squelchies by pogo - [url]http://squelchies.pogo.com/applet-5.9.5.30/squelchies/squelchies-ob-assets.cab[/url]
O16 - DPF: Sweet Tooth TM by pogo - [url]http://sweettooth.pogo.com/applet-6.0.1.20/sweettooth/sweettooth-ob-assets.cab[/url]
O16 - DPF: Tank Hunter by pogo - [url]http://play03.pogo.com/applet/tank/tank-ob-assets.cab[/url]
O16 - DPF: Texas Hold'em Poker by pogo - [url]http://holdem2.pogo.com/applet-5.9.2.31/holdem/holdem-ob-assets.cab[/url]
O16 - DPF: The Sims Pinball by pogo - [url]http://game1.pogo.com/applet-6.1.4.29/simball/simball-ob-assets.cab[/url]
O16 - DPF: Top Down Baseball by pogo - [url]http://topdown02.pogo.com/applet/topdown/topdown-ob-assets.cab[/url]
O16 - DPF: Top Down Baseball Challenge by pogo - [url]http://topdown2.pogo.com/applet-5.8.2.19/topdown2/topdown2-ob-assets.cab[/url]
O16 - DPF: Tri-Peaks by pogo - [url]http://game1.pogo.com/applet-6.1.3.28/peaks/peaks-ob-assets.cab[/url]
O16 - DPF: Tube Runner by pogo - [url]http://ea03.pogo.com/applet/tube/tube-ob-assets.cab[/url]
O16 - DPF: Tumble Bees by pogo - [url]http://jumbee.pogo.com/applet-6.0.2.29/jumbee/jumbee-ob-assets.cab[/url]
O16 - DPF: Turbo 21 TM by pogo - [url]http://game1.pogo.com/applet-6.1.1.29/turbo21/turbo21-ob-assets.cab[/url]
O16 - DPF: Vert Skater by pogo - [url]http://vertskater.pogo.com/applet/vertskater/vertskater-ob-assets.cab[/url]
O16 - DPF: Video Poker by pogo - [url]http://vpoker.pogo.com/applet-6.0.3.28/videopoker2/videopoker-ob-assets.cab[/url]
O16 - DPF: Word Whomp Whackdown by pogo - [url]http://whackdown.pogo.com/applet-5.9.4.30/whackdown/whackdown-ob-assets.cab[/url]
O16 - DPF: WordJong by pogo - [url]http://game1.pogo.com/applet-6.1.3.28/wordjong/wordjong-ob-assets.cab[/url]
O16 - DPF: World Class Solitaire by pogo - [url]http://game4.pogo.com/applet-6.1.1.21/worldclass/worldclass-ob-assets.cab[/url]
O16 - DPF: Yahoo! Dots - [url]http://download.games.yahoo.com/games/clients/y/dtt1_x.cab[/url]
O16 - DPF: Yahoo! Go Fish - [url]http://download.games.yahoo.com/games/clients/y/zt3_x.cab[/url]
O16 - DPF: Yahoo! Towers 2.0 - [url]http://download.games.yahoo.com/games/clients/y/ywt0_x.cab[/url]
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - [url]http://survey.otxresearch.com/Preloader.dll[/url]
O16 - DPF: {0A891521-685E-4B6D-A9FD-759BB2CD6A66} (SecureImage Control) - [url]http://www.psbwebsurveys.com/secure/SecureImage.cab[/url]
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - [url]http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB[/url]
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - [url]http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?[/url]
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - [url]http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab[/url]
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} - [url]http://www.otxresearch.com/OTXMedia/OTXMedia.dll[/url]
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - [url]http://www.easports.com/downloads/games/common/snoopy/iesnoopy.cab[/url]
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - [url]http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx[/url]
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - [url]http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab[/url]
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - [url]http://www.nick.com/common/groove/gx/GrooveAX28.cab[/url]
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - [url]http://www.worldwinner.com/games/shared/wwlaunch.cab[/url]
O16 - DPF: {91602283-B7B5-11D3-A32A-005004B0E00E} (DiscoverWhy Class) - [url]http://216.132.173.29/CabFiles/dwInfo.cab[/url]
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - [url]http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab[/url]
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - [url]http://a19.g.akamai.net/7/19/7125/4021/ftp.coupons.com/v3123/cpbrkpie.cab[/url]
O16 - DPF: {9D8D7672-93FF-417E-9024-C16AD141C50C} (Haunted Control) - [url]http://www.worldwinner.com/games/v48/haunted/haunted.cab[/url]
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - [url]http://www.pulse3d.com/players/english/5.2/win/PulsePlayer5.2AxWin.cab[/url]
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - [url]https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab[/url]
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - [url]http://204.118.132.145/2_0/ACNePlayer.cab[/url]
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - [url]http://download.toontown.com/sv1.0.14.17/ttinst.cab[/url]
O16 - DPF: {DE435CAE-6873-11D2-A750-00A024BB782C} (AppKeys Class) - [url]https://corr3.uni.edu/corridor-htdocs/appkeys.cab[/url]
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - [url]http://play05.pogo.com/game/deluxe/zuma/popcaploader_v5.cab[/url]
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Posted by: Lobos
Hi adamhic
[b]Please follow these steps in order to clean your computer of [url=http://www.bleepingcomputer.com/forums/compupedia227.html]Malware[/url] which can include Viruses, Trojans, Worms, Spyware, Hijackers and Dialers.[/b]
[b][COLOR=red]Step 1:[/COLOR][/b]
Download Spybot and Adaware from the following locations and install them. You should run [b]both[/b] programs and clean up what they find. This is to guarantee that you find the most malware you can installed on your computer.
Before running the scans on both programs, it is [b]mandatory[/b] that you update the programs. There are update options in each program when you run them.
[URL=http://www.safer-networking.org/index.php?page=download]Spybot[/URL]
[URL=http://www.lavasoftusa.com/software/adaware/]Ad-aware[/URL]
If you would like to learn more about how to use these two programs with the proper settings you can read the tutorials below:
[url=http://www.bleepingcomputer.com/forums/tutorial48.html]Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer.[/url]
[url=http://www.bleepingcomputer.com/forums/tutorial43.html]Using Spybot - Search & Destroy to remove Spyware, Malware, & Hijackers from Your Computer.[/url]
When you scan with both programs, fix everything that they find.
When you are done with the scan and fixing the items, reboot between each one.
Next, please run these two online scans. Make sure they are set to clean automatically:
[URL=http://housecall.trendmicro.com/]TrendMicro's HouseCall[/URL]
[URL=http://www.pandasoftware.com/activescan/]ActiveScan[/URL]
You should try to delete any files that these scanners are unable to clean. Then let us know if it's working better and what the scans found.
Post another HijackThis log, with the header also, and any of the AV scans that could not be cleaned.
Lobos
Posted by: Warez Monster
Remove entries at your own risk
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file) Should be fixed.
O4 - HKLM\..\Run: [Default web browser] C:\WINDOWS\system32\iexpIore.exe Added as a result of the OBLIVION.B VIRUS! Note - do not confuse "IexpIore.exe" with "iexplore.exe" (Internet Explorer), the first has a capital "i" in place of lower case "L". Must be fixed!
O4 - HKLM\..\RunServices: [Default web browser] C:\WINDOWS\system32\iexpIore.exe Added as a result of the OBLIVION.B VIRUS! Note - do not confuse "IexpIore.exe" with "iexplore.exe" (Internet Explorer), the first has a capital "i" in place of lower case "L". Must be fixed!
O4 - HKCU\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe WinTools adware Must be fixed!
O8 - Extra context menu item: &Search - [url]http://bar.mywebsearch.com/menusear...?p=ZUxdm068YYUS[/url] The entry &Search has been identified as nasty.
O14 - IERESET.INF: START_PAGE_URL=about:blank This entry should be fixed if this address does not belong to your PC-manufacturer or your 'Internet-Service-Provider (ISP)'. This entry should be fixed if 'about:blank' is not your PC-manufacturer or your 'Internet-Service-Provider (ISP)'.
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - [url]http://survey.otxresearch.com/Preloader.dll[/url] This entry is possibly nasty. Should be fixed.
O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - [url]http://a14.g.akamai.net/f/14/7141/1....0_SILENT_2.cab[/url] This entry is possibly nasty. Should be fixed.
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - [url]http://a19.g.akamai.net/7/19/7125/4...23/cpbrkpie.cab[/url] This entry is possibly nasty. Should be fixed.
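The look-alike file name pointed out above (iexpIore.exe versus iexplore.exe) can be checked for mechanically. The following is an added example, not part of the original thread: it scans HijackThis autostart lines (F0-F3, O4, O23) and reports executables that differ from a well-known Windows binary only by visually confusable characters. The `KNOWN` baseline, the `CONFUSABLE` map and the function names are assumptions of this example; the sample lines are excerpted from the log posted above.

```python
import re

# Assumed baseline of Windows binaries worth protecting against imitation
# (chosen for this example; extend it for your environment).
KNOWN = ["iexplore.exe", "explorer.exe", "svchost.exe", "lsass.exe",
         "services.exe", "winlogon.exe", "spoolsv.exe", "smss.exe"]

# Characters that look alike in common fonts fold to one representative.
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "|": "l", "0": "o"})

ENTRY_RE = re.compile(r'^(F[0-3]|O4|O23) - (.*)$')       # autostart sections
EXE_RE = re.compile(r'([^\\/"\s=\]]+\.exe)\b', re.IGNORECASE)

# Lines excerpted from the log posted in this thread.
SAMPLE_LOG = r"""
F3 - REG:win.ini: load=iexpIore.exe
F3 - REG:win.ini: run=iexpIore.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Default web browser] C:\WINDOWS\system32\iexpIore.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\RunServices: [Default web browser] C:\WINDOWS\system32\iexpIore.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
"""


def skeleton(name):
    """Lower-case the name and fold look-alike characters together."""
    return name.lower().translate(CONFUSABLE)


SKELETONS = {skeleton(k): k for k in KNOWN}


def find_lookalikes(log_text):
    """Return (section, file name, imitated name) for autostart entries whose
    executable differs from a known binary only by confusable characters."""
    hits = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.match(line.strip())
        exe = EXE_RE.search(entry.group(2)) if entry else None
        if not exe:
            continue
        name = exe.group(1)
        imitated = SKELETONS.get(skeleton(name))
        if imitated and name.lower() != imitated:
            hits.append((entry.group(1), name, imitated))
    return hits


if __name__ == "__main__":
    for section, name, imitated in find_lookalikes(SAMPLE_LOG):
        print(f"{section}: {name!r} imitates {imitated!r}")
```

A correctly spelled name is not reported by this check, so a genuine-looking `iexplore.exe` in an unexpected directory still needs a separate path comparison.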