Solved Win32/olmarik trojan

Discussion in 'Virus, Spyware and Malware Removal' started by bennief, Jul 16, 2010.


Thread Status:
Not open for further replies.
  1. bennief Bronze Member

    I've Donated!
    Bronze
    Message Count:
    17
    Likes Received:
    0
    My System
    Loading...
    I need help, please. I'm running Win 7 on my laptop; when I scanned with NOD32 it came up with WIN32/Olmarik in my operating memory. I tried to delete it with no success. Then I downloaded Malwarebytes, but it didn't want to update; then I tried SUPERAntiSpyware, which didn't help. I took the hard drive and installed it in my desktop and tried to kill it that way, but no, the devil is still very much alive. Can anyone please help me...

  2. Smokeycheech Elite Member

    I've Donated!
    Elite
    Message Count:
    6,538
    Likes Received:
    822
    My System
    Loading...
    Hello Bennief and welcome to the forum :)

    Could you please click the Prework link in my signature, follow the instructions and post back the requested logs.

    This will give our security team the information they need to start removing any malware.

    I have moved your thread to the New Hijackthis Logs forum while awaiting your reply :)

    Regards,

    Smokeycheech :mrgreen:
  3. bennief Bronze Member

    I've Donated!
    Bronze
    Message Count:
    17
    Likes Received:
    0
    My System
    Loading...
    I've analyzed my machine and attached the results:

    PCHF System Analyzer 1.14
    http://www.pchelpforum.com/
    07-16-2010 21:27:06

    =============================================================================================================================

    System manufacturer: Hewlett-Packard
    System productname: Compaq Presario CQ60 Notebook PC

    BIOS vendor: Hewlett-Packard

    Motherboard: 3612 | Wistron
    Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | CPU | GenuineIntel

    Memory: 2.93 GB

    =============================================================================================================================

    Operating System: Microsoft Windows 7 Ultimate | 6.1.7600 | 32 bit | OEM

    Installation date: 14-Jan-10 14:13:19

    =============================================================================================================================

    Internet Explorer: 8.00.7600.16385
    Windows Media Player: 12.0.7600.16385
    Windows Installer: 5.0.7600.16385



    [PROCESSES] =================================================================================================================

    06/24/2010 09:27:12 | 000 810 144 | ----- | (ESET) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1684]
    06/17/2009 12:21:20 | 000 073 728 | ----- | (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe [1856]
    01/28/2010 14:54:36 | 000 045 056 | ----- | (N/A) - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe [1976]
    09/23/2009 13:38:18 | 000 935 208 | ----- | (Nero AG) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2012]
    02/11/2010 13:42:32 | 000 172 328 | ----- | (TeamViewer GmbH) - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [1664]
    04/14/2010 15:06:03 | 000 300 656 | ----- | (Speedbit Ltd.) - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [1260]
    10/18/2007 01:37:04 | 000 386 560 | ----- | (Conexant Systems, Inc.) - C:\Windows\system32\drivers\xaudio.exe [1920]
    11/04/2008 11:39:20 | 000 014 336 | ----- | (Vodafone) - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [1940]
    05/08/2007 16:24:20 | 000 054 840 | ----- | (Hewlett-Packard) - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [3248]
    01/14/2010 18:42:46 | 000 144 784 | ----- | (Sun Microsystems, Inc.) - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [3256]
    04/17/2008 20:05:10 | 001 049 896 | ----- | (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3284]
    04/17/2008 20:05:20 | 000 103 720 | ----- | (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [3348]
    04/06/2010 10:35:14 | 000 141 848 | ----- | (Intel Corporation) - C:\Windows\system32\igfxtray.exe [3380]
    04/06/2010 10:35:08 | 000 175 640 | ----- | (Intel Corporation) - C:\Windows\system32\hkcmd.exe [3404]
    04/06/2010 10:35:12 | 000 169 496 | ----- | (Intel Corporation) - C:\Windows\system32\igfxpers.exe [3424]
    03/26/2010 10:52:24 | 001 234 216 | ----- | (Nero AG) - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [3476]
    06/24/2010 09:27:06 | 002 202 704 | ----- | (ESET) - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3576]
    01/15/2010 15:33:31 | 001 417 293 | ----- | (Novell, Inc.) - C:\Novell\Messenger\NMCL32.exe [3596]
    10/09/2009 16:47:24 | 025 623 336 | R---- | (Skype Technologies S.A.) - C:\Program Files\Skype\Phone\Skype.exe [3620]
    06/17/2009 12:13:36 | 002 363 392 | ----- | (Hewlett-Packard Company) - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [3636]
    04/14/2010 15:06:03 | 000 140 920 | ----- | (Speedbit Ltd.) - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe [3788]
    06/29/2010 19:48:45 | 002 403 568 | ----- | (SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3808]
    01/28/2010 14:54:35 | 000 036 864 | ----- | (N/A) - C:\Program Files\MagicTune Premium\GammaTray.exe [3900]
    10/09/2009 16:47:24 | 000 078 008 | R---- | (Skype Technologies) - C:\Program Files\Skype\Plugin Manager\skypePM.exe [3692]
    03/25/2010 14:39:22 | 000 490 280 | ----- | (Nero AG) - C:\Program Files\Nero\Update\NASvc.exe [2956]
    01/14/2010 18:42:46 | 000 329 104 | ----- | (Sun Microsystems, Inc.) - C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe [5360]
    09/23/2009 22:19:52 | 000 116 280 | ----- | (Hewlett-Packard Co.) - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe [3700]
    07/16/2010 19:18:39 | 001 935 120 | ----- | (Emsi Software GmbH) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4888]
    07/15/2010 20:46:38 | 000 434 192 | ----- | (N/A) - C:\Program Files\Core Temp\Core Temp.exe [3176]
    01/01/2007 23:22:02 | 003 739 648 | ----- | (Google) - C:\Program Files\Google\Google Talk\googletalk.exe [6040]


    [PCHF HIJACK LOG] ===========================================================================================================

    Blank Page: res://mshtml.dll/blank.htm
    Desktop Navigation Failure: res://ieframe.dll/navcancl.htm
    InPrivate Page: res://ieframe.dll/inprivate.htm
    Navigation Canceled: res://ieframe.dll/navcancl.htm
    Navigation Failure: res://ieframe.dll/navcancl.htm
    No Add-ons: res://ieframe.dll/noaddon.htm
    No Add-ons Info: res://ieframe.dll/noaddoninfo.htm
    Offline Information: res://ieframe.dll/offcancl.htm
    Webpage has expired: res://ieframe.dll/repost.htm
    Security Risk: res://ieframe.dll/securityatrisk.htm
    Tab page: hxxp://home.speedbit.com/tab/?aff=205

    HKLM\Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM\Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    HKCU\Search Page: N/A
    HKCU\Start Page: hxxp://www.google.com/

    Hosts: 192.168.28.21 merlot


    =============================================================================================================================

    BHO: {0347C33E-8762-4905-BF09-768834316C61} HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
    BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    BHO: {B4F3A835-0E21-4959-BA22-42B3008E02FF} Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
    BHO: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Java Runtime Environment 1.6.0 - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Java Runtime Environment 1.6.0 - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Java Runtime Environment 1.6.0 - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} Groove GFS Stub Execution Hook - C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll

    URLSH: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Microsoft Url Search Hook - C:\Windows\system32\ieframe.dll

    PF: {807573E5-5146-11D5-A672-00B0D022E945} text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll

    PH: {828030A1-22C1-4009-854F-8E305202313F} livecall - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
    PH: {314111c7-a502-11d2-bbca-00c04f8ec294} ms-help - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    PH: {828030A1-22C1-4009-854F-8E305202313F} msnim - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
    PH: {3D206AE2-3039-413B-B748-3ACC562EC22A} nim - C:\Novell\Messenger\nmcg32.dll
    PH: {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} skype4com - C:\Program Files\Common Files\Skype\Skype4COM.dll
    PH: {03C514A3-1EFB-4856-9F99-10D7BE1653C0} wlmailhtml - C:\Program Files\Windows Live\Mail\mailcomm.dll

    IE: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} Sun Java Console - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll - (COM)
    IE: {48E73304-E1D6-4330-914C-F5F514E3486C} Send to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll - (COM)
    IE: {FFFDC614-B694-4AE6-AB38-5D6374584B52} OneNote Lin&ked Notes - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll - (COM)
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} Show or hide HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - (COM)

    IE: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe/3000
    IE: Free YouTube Download - C:\Users\Bennie\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
    IE: Free YouTube to Mp3 Converter - C:\Users\Bennie\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
    IE: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: Se&nd to OneNote - res:///105

    Notifier: igfxcui - igfxdev.dll


    [STARTUP] ===================================================================================================================

    USER: C:\Users\Bennie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    USER: C:\Users\Bennie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    COMMON: C:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    COMMON: C:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.lnk
    HKLM R: HP Software Update - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    HKLM R: SunJavaUpdateSched - "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    HKLM R: UCam_Menu - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
    HKLM R: UpdatePSTShortCut - "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    HKLM R: SynTPEnh - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    HKLM R: googletalk - C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    HKLM R: Adobe Reader Speed Launcher - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    HKLM R: BCSSync - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    HKLM R: IgfxTray - C:\Windows\system32\igfxtray.exe
    HKLM R: HotKeysCmds - C:\Windows\system32\hkcmd.exe
    HKLM R: Persistence - C:\Windows\system32\igfxpers.exe
    HKLM R: Adobe ARM - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM R: NBAgent - "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
    HKLM R: egui - "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    HKLM R: Malwarebytes Anti-Malware (reboot) - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    HKLM R: a-squared - "C:\Program Files\EMSISOFT ANTI-MALWARE\a2guard.exe" /d=60
    HKCU R: Novell Messenger - "C:\Novell\Messenger\NMCL32.exe"
    HKCU R: Skype - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    HKCU R: LightScribe Control Panel - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    HKCU R: OfficeSyncProcess - C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
    HKCU R: IncrediMail - C:\Program Files\IncrediMail\bin\IncMail.exe /c
    HKCU R: Sidebar - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    HKCU R: swg - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    HKCU R: Software Informer - "C:\Program Files\Software Informer\softinfo.exe" -autorun
    HKCU R: SUPERAntiSpyware - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe


    [SERVICES] ==================================================================================================================

    EhttpSrv -- "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"
    ekrn -- "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
    fsssvc -- "C:\Program Files\Windows Live\Family Safety\fsssvc.exe"
    gupdate -- "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
    gusvc -- "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
    hpqcxs08 -- C:\Windows\system32\svchost.exe -k hpdevmgmt
    hpqddsvc -- C:\Windows\system32\svchost.exe -k hpdevmgmt
    HPSLPSVC -- C:\Windows\system32\svchost.exe -k HPService
    IDriverT -- "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
    LightScribeService -- "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
    MagicTuneEngine -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
    Microsoft SharePoint Workspace Audit Service -- "C:\Program Files\Microsoft Office\Office14\GROOVE.exe" /auditservice
    NAUpdate -- "C:\Program Files\Nero\Update\NASvc.exe"
    Nero BackItUp Scheduler 4.0 -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    Net Driver HPZ12 -- C:\Windows\system32\svchost.exe -k HPZ12
    ose -- "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.exe"
    osppsvc -- "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe"
    Pml Driver HPZ12 -- C:\Windows\system32\svchost.exe -k HPZ12
    TeamViewer5 -- "C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe" -service
    VideoAcceleratorService -- C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm
    VMCService -- "C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
    WatAdminSvc -- C:\Windows\system32\Wat\WatAdminSvc.exe
    XAudioService -- C:\Windows\system32\drivers\xaudio.exe
    a2AntiMalware -- "C:\Program Files\Emsisoft Anti-Malware\a2service.exe"


    [CREATED WITHIN LAST 30 DAYS] ===============================================================================================

    06/24/2010 09:04:14 | 000 136 120 | ----- | (ESET) - C:\Windows\system32\drivers\eamonm.sys
    07/11/2010 01:57:26 | 000 421 888 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\ComputerUpdaterLM.ocx
    07/11/2010 01:57:28 | 000 069 632 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\CUUpdateComponent.ocx
    07/11/2010 01:57:26 | 000 135 168 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\SafeAppRichList.ocx

    07/13/2010 13:11:56 | 000 000 000 | ----- | C:\Buziol Games
    07/09/2010 14:04:37 | 000 000 000 | -H--- | C:\_SYNCAPP
    07/16/2010 08:32:15 | 000 000 000 | ----- | C:\Users\Bennie\AppData\Roaming\SUPERAntiSpyware.com
    07/16/2010 08:15:59 | 000 000 000 | ----- | C:\Users\Bennie\AppData\Local\Threat Expert
    07/12/2010 16:28:01 | 000 000 000 | ----- | C:\programdata\Computer Updater
    07/15/2010 19:07:11 | 000 000 000 | ----- | C:\programdata\ESET
    07/09/2010 20:14:29 | 000 000 000 | ----- | C:\programdata\Google
    07/16/2010 08:32:15 | 000 000 000 | ----- | C:\programdata\SUPERAntiSpyware.com
    07/15/2010 19:03:55 | 000 000 000 | ----- | C:\programdata\Uniblue
    07/09/2010 12:51:41 | 000 000 000 | ----- | C:\Program Files\Ask.com
    07/15/2010 20:04:22 | 000 000 000 | ----- | C:\Program Files\Core Temp
    07/16/2010 19:18:36 | 000 000 000 | ----- | C:\Program Files\Emsisoft Anti-Malware
    07/15/2010 19:07:11 | 000 000 000 | ----- | C:\Program Files\ESET
    07/05/2010 17:58:21 | 000 000 000 | ----- | C:\Program Files\FNB Digital Phone
    07/12/2010 11:05:26 | 000 000 000 | ----- | C:\Program Files\Free Download Manager
    07/16/2010 08:32:06 | 000 000 000 | ----- | C:\Program Files\SUPERAntiSpyware


    [MODIFIED WITHIN LAST 30 DAYS] ==============================================================================================

    07/16/2010 17:51:39 | 999 999 999 | -HS-- | (N/A) - C:\hiberfil.sys
    07/16/2010 17:51:45 | 999 999 999 | -HS-- | (N/A) - C:\pagefile.sys
    06/24/2010 09:04:14 | 000 136 120 | ----- | (ESET) - C:\Windows\system32\drivers\eamonm.sys
    07/11/2010 01:57:26 | 000 421 888 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\ComputerUpdaterLM.ocx
    07/11/2010 01:57:28 | 000 069 632 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\CUUpdateComponent.ocx
    07/11/2010 01:57:26 | 000 135 168 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\SafeAppRichList.ocx

    06/25/2010 19:11:49 | 000 000 000 | ----- | C:\AILog.txt
    07/16/2010 16:16:29 | 003 206 634 | -H--- | C:\Users\Bennie\AppData\Local\IconCache.db
    07/16/2010 17:51:46 | 000 067 584 | --S-- | C:\Windows\bootstat.dat
    07/15/2010 21:42:00 | 238 972 453 | ----- | C:\Windows\MEMORY.DMP
    07/16/2010 17:57:00 | 000 014 016 | -H--- | C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    07/16/2010 17:57:00 | 000 014 016 | -H--- | C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    07/04/2010 16:51:43 | 000 002 577 | ----- | C:\Windows\system32\config.nt
    07/16/2010 19:19:32 | 000 104 580 | ----- | C:\Windows\system32\perfc009.dat
    07/16/2010 19:19:32 | 000 618 332 | ----- | C:\Windows\system32\perfh009.dat


    [FILE ANALYSIS] =============================================================================================================

    05/21/2009 18:57:00 | 000 622 592 | ----- | -- | C:\programdata\HP\LGT\Data\Evidencecollectors\EvidenceCollectorDebug.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\hplgtv_ENU.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\hplgtv_links.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\hplgtv_plugin.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\hplgtv_uicfg.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\Languages\en_ww\hplgtv_uienu.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\templates\hplgtv_template.dll
    05/21/2009 18:57:02 | 000 007 680 | ----- | -- | C:\programdata\HP\LGT 2.0\data\templates\Images\hplgtv_timages.dll
    05/16/2010 17:42:57 | 056 982 041 | ----- | -- | C:\programdata\Installations\{AB6F6C80-1C35-4672-BDEF-F26FF214C409}\Samsung_PC_Studio_7.2.24.9.exe
    02/08/2010 14:27:41 | 000 086 016 | ----- | -- | C:\programdata\NOS\Adobe_Downloads\arh.exe
    07/16/2010 09:00:08 | 000 052 224 | ----- | -- | C:\Users\Bennie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    07/16/2010 09:00:10 | 000 063 488 | ----- | -- | C:\Users\Bennie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    07/16/2010 09:00:05 | 000 117 760 | ----- | -- | C:\Users\Bennie\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.dll
    01/14/2010 19:53:23 | 000 004 608 | ----- | -- | C:\Users\Bennie\AppData\Local\Apps\2.0\TKLGWE6G.0W5\VCBWV3JQ.VH6\goog...app_9a8dfcd080ccb114_0001.0002_e9d42247d19090d3\clickonce_bootstrap.exe
    12/19/2006 20:25:44 | 000 089 016 | ----- | -- | C:\Users\Bennie\AppData\Local\Google\Google Talk\sgsapi.dll
    07/06/2010 19:40:37 | 000 665 488 | ----- | -- | C:\Users\Bennie\AppData\Local\IM\Runtime\IncrediMail_Install.exe
    07/15/2010 20:03:19 | 000 006 144 | ----- | -- | C:\Users\Bennie\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.0.gadget\CoreTempReader.dll
    07/15/2010 20:03:19 | 000 008 704 | ----- | -- | C:\Users\Bennie\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.0.gadget\GetCoreTempInfoNET.dll
    07/15/2010 20:03:19 | 000 007 680 | ----- | -- | C:\Users\Bennie\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.0.gadget\SystemInfo.dll
    05/25/2010 20:16:46 | 000 094 208 | ----- | -- | C:\Users\Bennie\AppData\Local\Temp\cabex.dll
    03/19/2010 12:24:37 | 000 007 168 | R---- | -- | C:\Users\Bennie\AppData\Local\Temp\ResetDevice.exe
    05/19/2010 19:00:26 | 000 665 488 | ----- | -- | C:\Users\Bennie\AppData\Local\Temp\ImInstaller\IncrediMail_Install.exe
    07/15/2010 22:04:33 | 000 079 488 | ----- | -- | C:\Users\Bennie\AppData\Local\Temp\is-36HFL.tmp\gtapi.dll
    03/07/2008 16:03:14 | 000 013 312 | ----- | -- | C:\Windows\system32\CallSimReader.dll
    05/25/2010 19:07:10 | 000 007 680 | ----- | -- | C:\Windows\system32\CNMVS61.dll
    01/14/2010 03:32:00 | 000 023 552 | ----- | -- | C:\Windows\system32\DirectCOM.dll
    05/16/2010 18:33:51 | 000 110 592 | ----- | -- | C:\Windows\system32\FsUsbExDevice.dll
    05/16/2010 18:33:51 | 000 036 608 | ----- | -- | C:\Windows\system32\FsUsbExDisk.sys
    09/11/2009 01:14:18 | 000 757 818 | ----- | -- | C:\Windows\system32\gwadd1.dll
    09/11/2009 00:50:48 | 000 098 354 | ----- | -- | C:\Windows\system32\GWLDO132.dll
    09/11/2009 01:12:56 | 000 303 166 | ----- | -- | C:\Windows\system32\gwodm132.dll
    09/11/2009 01:11:54 | 000 032 836 | ----- | -- | C:\Windows\system32\Gwshlimp.exe
    01/08/2010 18:09:18 | 000 005 120 | ----- | -- | C:\Windows\system32\HdmiCoin.dll
    04/01/2010 05:47:06 | 000 143 360 | ----- | -- | C:\Windows\system32\iglhcp32.dll
    04/01/2010 05:47:06 | 000 208 896 | ----- | -- | C:\Windows\system32\iglhsip32.dll
    09/10/2009 22:47:40 | 000 155 700 | ----- | -- | C:\Windows\system32\ODMA32.dll
    03/07/2008 16:02:24 | 000 061 440 | ----- | -- | C:\Windows\system32\SimReader.dll
    01/14/2010 03:35:00 | 000 309 248 | ----- | -- | C:\Windows\system32\sqlite36_engine.dll
    07/31/2008 10:01:00 | 000 000 000 | ----- | -- | C:\Windows\system32\ToolBx.dll
    03/09/2006 11:58:00 | 001 060 424 | ----- | -- | C:\Windows\system32\WdfCoInstaller01000.dll
    07/14/2009 01:11:15 | 000 021 584 | ----- | -- | C:\Windows\system32\drivers\atapi.sys
    10/25/2007 17:26:10 | 000 005 632 | ----- | -- | C:\Windows\system32\drivers\StarOpen.sys
    04/01/2010 05:47:06 | 000 143 360 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\igdlh.inf_x86_neutral_dde32909c6a9ce61\iglhcp32.dll
    04/01/2010 05:47:06 | 000 208 896 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\igdlh.inf_x86_neutral_dde32909c6a9ce61\iglhsip32.dll
    01/08/2010 18:09:18 | 000 005 120 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\intchdmi.inf_x86_neutral_28d5fbd20f9dbc92\HdmiCoin.dll
    01/14/2010 18:07:29 | 006 416 928 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\rtusbstor.inf_x86_neutral_beef95afbb8f2183\DriveIcon.dll
    01/14/2008 18:39:16 | 000 006 656 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\shpacm.inf_x86_neutral_95d259c5c4b38ae2\i386\SHPACMFilter.sys
    03/09/2006 11:58:00 | 001 060 424 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\synpd.inf_x86_neutral_16564a863dad02bf\WdfCoInstaller01000.dll
    07/14/2009 02:56:23 | 000 099 328 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiaky002.inf_x86_neutral_c4a21cbd41020ee5\kywdds10.dll
    07/14/2009 02:59:14 | 000 012 800 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiaky002.inf_x86_neutral_c4a21cbd41020ee5\kyweds10.dll
    07/14/2009 02:56:32 | 000 193 536 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiaky002.inf_x86_neutral_c4a21cbd41020ee5\kywuds10.dll
    07/14/2009 02:58:25 | 000 010 240 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiasa002.inf_x86_neutral_d00cb75222cc8460\SaErHdlr.dll
    07/14/2009 02:58:40 | 000 037 376 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiasa002.inf_x86_neutral_d00cb75222cc8460\SaImgFlt.dll
    07/14/2009 02:56:53 | 000 159 232 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiasa002.inf_x86_neutral_d00cb75222cc8460\SaMinDrv.dll
    07/14/2009 02:59:08 | 000 011 776 | ----- | -- | C:\Windows\system32\DriverStore\FileRepository\wiasa002.inf_x86_neutral_d00cb75222cc8460\SaSegFlt.dll
    01/26/2010 12:08:34 | 000 320 927 | ----- | -- | C:\Windows\system32\spool\drivers\w32x86\3\hpaiofax.dll


    =============================================================================================================================

    C4340B241A1ACB3AA04BACAB344ACAA
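The analyzer output above is the raw material a helper triages by hand: a running process with no publisher in its version info, an executable dropped into system32 a few days ago, a process launched from a directory where executables normally do not live. The following is an added example, not part of the original thread and not the PCHF tool's own code: a small Python helper that parses rows in the format shown above and returns the heuristic reasons each row deserves a second look. The row layout is inferred from the log as quoted, the sample rows are copied from it, the 999 999 999 size being a "could not stat" placeholder is an assumption, and the heuristics are review prompts chosen for this example, not verdicts; a flagged file may be entirely legitimate.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Row layout of the PCHF System Analyzer sections quoted above (inferred from the log):
#   06/24/2010 09:27:12 | 000 810 144 | ----- | (ESET) - C:\...\ekrn.exe [1684]       running process
#   07/11/2010 01:57:26 | 000 421 888 | ----- | (SafeApp Software, LLC) - C:\...\x.ocx   file with publisher
#   07/14/2009 01:11:15 | 000 021 584 | ----- | -- | C:\...\drivers\atapi.sys            file analysis row
#   07/13/2010 13:11:56 | 000 000 000 | ----- | C:\Buziol Games                          directory
ROW_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d ]+?) \| "
    r"(?P<attrs>[-A-Z]{5}) \| "
    r"(?:-- \| |\((?P<vendor>[^)]*)\) - )?"   # "-- |" column or "(Publisher) -", both optional
    r"(?P<path>[A-Za-z]:\\.*?)"
    r"(?: \[(?P<pid>\d+)\])?$"                # trailing [pid] only on process rows
)

# Timestamp from the header of the log above; "recent" is measured against it.
LOG_TIME = datetime(2010, 7, 16, 21, 27, 6)

# Rows copied verbatim from the log above so the helper runs offline.
SAMPLE_ROWS = r"""
06/24/2010 09:27:12 | 000 810 144 | ----- | (ESET) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1684]
01/28/2010 14:54:36 | 000 045 056 | ----- | (N/A) - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe [1976]
10/18/2007 01:37:04 | 000 386 560 | ----- | (Conexant Systems, Inc.) - C:\Windows\system32\drivers\xaudio.exe [1920]
07/11/2010 01:57:26 | 000 421 888 | ----- | (SafeApp Software, LLC) - C:\Windows\system32\ComputerUpdaterLM.ocx
07/16/2010 17:51:39 | 999 999 999 | -HS-- | (N/A) - C:\hiberfil.sys
07/14/2009 01:11:15 | 000 021 584 | ----- | -- | C:\Windows\system32\drivers\atapi.sys
07/13/2010 13:11:56 | 000 000 000 | ----- | C:\Buziol Games
"""

EXEC_EXT = (".exe", ".dll", ".sys", ".ocx", ".scr")
# Assumption: the analyzer prints this size for files it cannot stat (hiberfil.sys, pagefile.sys above).
SIZE_PLACEHOLDER = 999_999_999


@dataclass
class Row:
    when: datetime
    size: int
    attrs: str
    vendor: Optional[str]   # None where the row has no publisher column at all
    path: str
    pid: Optional[int]      # set only for running processes


def parse_row(line: str) -> Optional[Row]:
    """Parse one analyzer row; returns None for headers, blank lines and other text."""
    m = ROW_RE.match(line.strip())
    if not m:
        return None
    return Row(
        when=datetime.strptime(m["ts"], "%m/%d/%Y %H:%M:%S"),
        size=int(m["size"].replace(" ", "")),   # "000 810 144" -> 810144
        attrs=m["attrs"],
        vendor=m["vendor"],
        path=m["path"],
        pid=int(m["pid"]) if m["pid"] else None,
    )


def triage(row: Row, log_time: datetime, recent_days: int = 30) -> List[str]:
    """Heuristic reasons this row deserves a second look (empty list if none)."""
    if row.size == SIZE_PLACEHOLDER:
        return []                                # file the tool could not read; nothing to judge
    p = row.path.lower()
    is_exec = p.endswith(EXEC_EXT)
    reasons = []
    if is_exec and "\\windows\\system32\\" in p and log_time - row.when <= timedelta(days=recent_days):
        reasons.append("executable added to system32 within the last %d days" % recent_days)
    if is_exec and row.vendor == "N/A":
        reasons.append("no publisher in version info")
    if row.pid is not None and any(d in p for d in ("\\drivers\\", "\\temp\\", "\\appdata\\")):
        reasons.append("process running from an unusual directory")
    return reasons


def triage_log(text: str, log_time: datetime = LOG_TIME) -> Dict[str, List[str]]:
    """Map each flagged path to its reasons; rows with nothing to note are omitted."""
    flagged: Dict[str, List[str]] = {}
    for line in text.splitlines():
        row = parse_row(line)
        if row is None:
            continue
        reasons = triage(row, log_time)
        if reasons:
            flagged[row.path] = reasons
    return flagged


if __name__ == "__main__":
    for path, reasons in triage_log(SAMPLE_ROWS).items():
        print(path)
        for r in reasons:
            print("   -", r)
```

Run against the full log, this turns a 300-line dump into a short list to check against the vendor's own binaries and file hashes; it says nothing about what the flagged files are, only which ones to look at first. On the sample rows it flags the unpublished MagicTune engine, the Conexant audio service running from system32\drivers, and the SafeApp .ocx files created five days before the log, and leaves the 2009 atapi.sys alone because age alone is not a signal in this heuristic.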

  5. Smokeycheech Elite Member

    I've Donated!
    Elite
    Message Count:
    6,538
    Likes Received:
    822
    My System
    Loading...
    Thanks. Could you please also post the OTL log as requested in the prework :)
  6. bennief Bronze Member

    I've Donated!
    Bronze
    Message Count:
    17
    Likes Received:
    0
    My System
    Loading...
    Still waiting for it to finish....
  7. bennief Bronze Member

    For some reason I cannot paste the files; Explorer keeps throwing me out.
  8. Smokeycheech Elite Member

    Try attaching the notepad file mate :)
  9. bennief Bronze Member

    Sorry, I didn't know I could do that. Did you receive it now?

  10. Smokeycheech Elite Member

    That worked a treat mate :)

    One of the security team will be with you as soon as they can to guide you further :mrgreen:
  11. bennief Bronze Member

    Thanks Smokey, I'm going to bed now; here in South Africa it's time to close the eyes, and I'm quite tired after dealing with the 2010 World Cup. Chat soon.
  12. Smokeycheech Elite Member

    Sleep well friend! I bet you had a blast ;)
  13. Pancake Security Team

    Hi. Welcome to the forum.

    Please run both of these programs, Malwarebytes and ComboFix.

    Please download Malwarebytes' Anti-Malware from one of these places:
    |MG| Malwarebytes Anti-Malware 1.46 Download
    Malwarebytes Anti-Malware - Reviews and free Malwarebytes Anti-Malware downloads at Download.com

    Double Click mbam-setup.exe to install the application.
    * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.

    * Once the program has loaded, select "Perform Quick Scan", then click Scan.
    * The scan may take some time to finish, so please be patient.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to restart. Do so.
    * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    * Copy&Paste the entire report in your next reply.

    ===============================================

    Download Combofix and place it on your Desktop.

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    * Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix. ComboFix may be slow to start and appear to be doing nothing before it starts scanning. Just leave it; it will start.
    You can get help on disabling your protection programs here : How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
    Please include the C:\ComboFix.txt in your next reply for further review.

    Caution.....
    Never use this program to remove files. Only use it with help from an experienced user. Wrongful use can damage your computer. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a qualified helper.

  14. bennief Bronze Member

    I've Donated!
    Bronze
    Message Count:
    17
    Likes Received:
    0
    My System
    Loading...
    Good day mate, thanks for the reply. My problem with Malwarebytes is that it doesn't want to update; it keeps giving me an error report. I'll forward it to you.
  15. bennief Bronze Member

    MBAM-ERROR-UPDATING (12002, 0, WinHttpSendRequest)
  16. Pancake Security Team

    OK. Go straight into ComboFix...
