Hey everyone, here's a fresh malwarebytes and hjthis log, Ive had a LOT of problems with spyware, because of some friends of mine not browsing or downloading very safely. 
In any case, thanks in advance if anyone could be kind enough to interpret the results and let me know how to fix em, Thanks!!
Malwarebytes' Anti-Malware 1.39
Database version: 2432
Windows 5.1.2600 Service Pack 3
7/16/2009 1:29:44 AM
mbam-log-2009-07-16 (01-29-44).txt
Scan type: Full Scan (C:\|)
Objects scanned: 227851
Time elapsed: 54 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 22
Files Infected: 34
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\explorerbar.funexplorer
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87
f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-
a32d-0c706d159105} (Adware.DoubleD) ->
Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64
-05b3804e4e86} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-0
5b3804e4e86} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95
-06178dce326d} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64
-05b3804e4e86} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-0
6178dce326d} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9
710b9ab78d2} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-0
5b3804e4e86} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet
Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-
8562-9710b9ab78d2} (Adware.DoubleD) ->
Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\DoubleD (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\DoubleD\GamingHarbor Toolbar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
C:\Program Files\Media Access Startup
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access startup\1.3.0.790_
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.3.0.790_\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\FF\components
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access startup\1.5.0.850
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components (Adware.DoubleD)
-> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160 (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components
(Adware.DoubleD) -> Quarantined and deleted
successfully.
C:\Program Files\System Search Dispatcher
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750 (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Media Access
Startup\1.5.0.850\HPIEAddOn.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\system volume
information\_restore{dde3eb95-4b24-44d8-ad38-1f9
74b96c2f0}\RP68\A0030405.exe (Password.Stealer)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\HPCommon.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\FF\components\HPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\HPCommon.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\hppx.exe (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\MAHelper.exe (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\unins000.dat (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\unins000.exe (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\Data\config.md
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome.manifest
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\install.rdf
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\HPAddOn.jar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content\HPAddOn.js
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFAddOn.xpt
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFHelperCompon
ent.js (Adware.DoubleD) -> Quarantined and
deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\unins000.dat
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\unins000.exe
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\Data\config.md
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome.manifest
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\install.rdf
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.j
s (Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.x
ul (Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFHelperCom
ponent.js (Adware.DoubleD) -> Quarantined and
deleted successfully.
c:\program files\system search
dispatcher\1.2.0.750\unins000.dat
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\unins000.exe
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\eacore.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\URLDynamic.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\URLStatic.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
________________________________________________________________
HJTHIS LOG :
Logfile of HijackThis v1.99.1
Scan saved at 1:39:36 AM, on 7/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner.YOUR-4F1261A8E5\Desktop\Anti Spyware and Virus software\Hjthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://ca.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://ca.search.yahoo.com
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh\iMeshIEHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareBlaster] C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
In any case, thanks in advance if anyone could be kind enough to interpret the results and let me know how to fix em, Thanks!!
Malwarebytes' Anti-Malware 1.39
Database version: 2432
Windows 5.1.2600 Service Pack 3
7/16/2009 1:29:44 AM
mbam-log-2009-07-16 (01-29-44).txt
Scan type: Full Scan (C:\|)
Objects scanned: 227851
Time elapsed: 54 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 22
Files Infected: 34
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\explorerbar.funexplorer
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87
f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-
a32d-0c706d159105} (Adware.DoubleD) ->
Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64
-05b3804e4e86} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-0
5b3804e4e86} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95
-06178dce326d} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64
-05b3804e4e86} (Adware.DoubleD) -> Quarantined
and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-0
6178dce326d} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9
710b9ab78d2} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Cur
rentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-0
5b3804e4e86} (Adware.DoubleD) -> Quarantined and
deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cu
rrentVersion\Explorer\Browser Helper
Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86}
(Adware.DoubleD) -> Quarantined and deleted
successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet
Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-
8562-9710b9ab78d2} (Adware.DoubleD) ->
Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\DoubleD (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\DoubleD\GamingHarbor Toolbar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
C:\Program Files\Media Access Startup
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access startup\1.3.0.790_
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.3.0.790_\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\FF\components
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access startup\1.5.0.850
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components (Adware.DoubleD)
-> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160 (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components
(Adware.DoubleD) -> Quarantined and deleted
successfully.
C:\Program Files\System Search Dispatcher
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750 (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data (Adware.DoubleD) ->
Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Media Access
Startup\1.5.0.850\HPIEAddOn.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\system volume
information\_restore{dde3eb95-4b24-44d8-ad38-1f9
74b96c2f0}\RP68\A0030405.exe (Password.Stealer)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\HPCommon.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.3.0.790_\FF\components\HPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\HPCommon.dll (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\hppx.exe (Adware.DoubleD) ->
Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\MAHelper.exe (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\unins000.dat (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\unins000.exe (Adware.DoubleD)
-> Quarantined and deleted successfully.
c:\program files\media access
startup\1.5.0.850\Data\config.md
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome.manifest
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\install.rdf
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\HPAddOn.jar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content\HPAddOn.js
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFAddOn.xpt
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\media access
startup\1.5.0.850\FF\components\HPFFHelperCompon
ent.js (Adware.DoubleD) -> Quarantined and
deleted successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\unins000.dat
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\unins000.exe
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\Data\config.md
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome.manifest
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\install.rdf
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.j
s (Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.x
ul (Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFAddOn.dll
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\internet saving
optimizer\3.3.0.4160\FF\components\NPFFHelperCom
ponent.js (Adware.DoubleD) -> Quarantined and
deleted successfully.
c:\program files\system search
dispatcher\1.2.0.750\unins000.dat
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\unins000.exe
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\eacore.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\URLDynamic.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
c:\program files\system search
dispatcher\1.2.0.750\Data\URLStatic.mx
(Adware.DoubleD) -> Quarantined and deleted
successfully.
________________________________________________________________
HJTHIS LOG :
Logfile of HijackThis v1.99.1
Scan saved at 1:39:36 AM, on 7/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner.YOUR-4F1261A8E5\Desktop\Anti Spyware and Virus software\Hjthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://ca.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://ca.search.yahoo.com
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh\iMeshIEHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareBlaster] C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
