Update your Java version: http://www.java.com/en/download/index.jsp
Uninstall ALL older Java versions from Add\Remove in Control Panel.1. Print this post out, since you won't have an access to it, at some point.2. Close all windows, except for HijackThis.
2a. Go Start>Control Panel, double click on Add\Remove, and uninstall anything what contains word
Bearshare,
MyWebSearch,
Weatherbug (it may be listed as AWS Weatherbug), and
WinFixer (if present).
3. Put a checkmark next to the following HijackThis entries:
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
http://search.bearshare.com/sidebar.html?src=ssb- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.bearshare.com/sidebar.html?src=ssb- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://search.bearshare.com/sidebar.html?src=ssb- R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://search.bearshare.com/sidebar.html?src=ssb- R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
- R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
- O1 - Hosts: 202.67.220.232 *Blocked Russian URL*
- O2 - BHO: (no name) - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
- O2 - BHO: (no name) - {0a0204f5-57bb-44a2-b547-2478f88d45e5} - C:\WINDOWS\system32\uavkbbko.dll (file missing)
- O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
- O2 - BHO: (no name) - {78f54146-bb29-478f-a40a-0f6c2093a403} - C:\WINDOWS\system32\uavkbbko.dll (file missing)
- O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
- O2 - BHO: (no name) - {90b29733-c5ce-4d2a-a2d7-4999d7f57d02} - C:\WINDOWS\system32\uavkbbko.dll (file missing)
- O2 - BHO: (no name) - {a2916ebb-c439-45be-832b-08edfbaf2e14} - C:\WINDOWS\system32\loglug.dll (file missing)
- O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
- O2 - BHO: (no name) - {e8c5a180-e323-4727-afce-7c08a4192f95} - C:\WINDOWS\system32\uavkbbko.dll (file missing)
- O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:\PROGRA~1\BEARSH~2\BEARSH~1\MediaBar.dll
- O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
- O3 - Toolbar: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - (no file)
- O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
- O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
- O4 - HKLM\..\Run: [NI.UWFX5] "C:\Documents and Settings\Gin Peterson\Local Settings\Temporary Internet Files\Content.IE5\89Y7W5UN\WinFixer2005ScannerInstall[1].exe"
- O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
- O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k(concerning the last two entries: right click on My Computer, selecting Properties and then the Advanced tab. Click on the Settings button in 'Startup and Recovery'. In the bottom pane - under 'Write debugging information' - click on the down arrow and then select 'None' - OK your way out.)- O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com/menusearch.html?p=ZUxdm080YYUS- O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
- O15 - Trusted Zone: *.doginhispen.com
- O15 - Trusted Zone: *.whataboutadog.com
- O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
http://cdn.downloadcontrol.com/files/installers/cab/SystemDoctor2006FreeInstall. cab
- O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/MediaAccess/ie/bridge-c8.cab- O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSe tup1.0.0.15.cab
- O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) -
http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab- O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} -
http://privacyprotector.com/.freeware/cab/installprivacyprotector.cab-
ALL O20 entries
4. Click on "Fix checked" button.
5. Turn off System Restore:
-
Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
-
Windows Vista:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK
6. Restart in Normal Mode.
7. Turn System Restore on.
8. Run HijackThis again, and post back its log back here.