Hi
I noticed that your AVG log displays 'No Action Taken' for all the files detected.
I suggest you run AVG again and quarantine the files. Pictorial instructions HERE. Do this after the following instructions in safe mode.
You may wish to copy and paste these instructions on notepad for easier reference later.
Boot into safe mode under your normal user name. See how
HERE
Next turn on "Show all files and folders, including hidden and system". See how
HERE
Go to start > run and type services.msc. Press the enter key.
Search for the following services. Double click to select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.
AlcxMonitor
DDCM
DDCActiveMenu
Go to start > Control Panel > Add and Remove Programs.
Remove anything related to the following:
Viewpoint
DDC / WildTangent
Open your task manager by pressing holding ctrl, alt and pressing del. Alternatively, use ctrl + shift + esc. Go to the processes tab, and end the following processes, if found:
DDCMan.exe
DDCActiveMenu.exe
ALCXMNTR.EXE
After that,
run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: PnIEBrowserHelperObj Class - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - (no file)
O2 - BHO: WIN Tools - {4E7BD74F-2B8D-469E-D0EA-F878F4D5FA7D} - C:\WINDOWS\DOWNLO~1\tgtb.dll (file missing)
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - (no file)
O3 - Toolbar: WIN Tools - {4E7BD74F-2B8D-469E-D0EA-F878F4D5FA7D} - C:\WINDOWS\DOWNLO~1\tgtb.dll (file missing)
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
Close HJT.
Navigate in Windows Explorer and delete the following
files and
folders in
bold.
C:\DOCUME~1\Owner\APPLIC~1\
Viewpoint
C:\Program Files\
WildTangent
C:\WINDOWS\
DOWNLO~1\tgtb.dll
You may run your AVG scan and quarantine the infected files now. Save the report after that.
Reboot into normal mode and rehide your protected OS files.
Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.
Regards,
Your friendly Momok =)
This thread is for the use of cuegt only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.