Hello and welcome to Techspot.
All items in your AVG Antispyware log say "No Action Taken". That`s because you haven`t told AVG Antispyware to quarantine it`s results as per the instructions.
See this pictorial guide.
You`re also running a completely unpatched version of Windows. Once we get you cleaned up, it is very important that you install at least sp1 and preferably sp2.
Start by running this
Symantec/Norton uninstaller tool.
Then, do the following Exactly.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how
HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how
HERE.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(
if there).
O2 - BHO: MSVPS System - {208D7BCC-9857-4C9E-823B-D04E72490A67} - C:\WINDOWS\mxduo.dll
O2 - BHO: MSVPS System - {283A0EE3-2CC1-45AB-8207-B1D7B69C7F83} - C:\WINDOWS\duocore.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\LucyQ\Images\stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Magic Academy\Images\armhelper.ocx
O21 - SSODL: wmphost - {3BADCC26-E72B-49CC-B2EF-B68CFD452F63} - C:\WINDOWS\wmphost.dll
O21 - SSODL: wmpdev - {71F52C3A-F52A-4748-A142-AE154CAFCA05} - C:\WINDOWS\wmpdev.dll
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
Click on the fix checked button.
Close HJT.
Locate and delete the following
bold files and/or directories(
if there).
C:\WINDOWS\
privacy_danger<Delete the entire folder.
C:\WINDOWS\
wmpdev.dll
C:\WINDOWS\
wmphost.dll
C:\WINDOWS\
mxduo.dll
Reboot into normal mode and rehide your protected OS files.
Download and install this Service pack.
Post fresh HJT, Combofix and AVG Antispyware logs.
Also, let me know the results of the AVG Antirootkit scan. As per the instructions in
step11 of this thread.
Regards Howard :wave: :wave:
This thread is for the use of leslie wyld only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.