How to Remove Personal Antivirus [Delete Guide]
First topic message reminder :
This guide will give you easy instructions on how to remove Personal Antivirus for free.
What is Personal Antivirus? (Information)
Personal Antivirus is a fake security software which uses fraudulent strategies by displaying false or exaggerated security issues on your computer rather than any legitimate ones to coerce you into purchasing their software.
Personal Antivirus Screenshot:

Follow these instructions to continue:
1. Please download this removal tool: Malwarebytes' Anti-Malware.

2. Extract the file and install Malwarebytes' Anti-Malware by double clicking on winlogon.exe
3. Follow the prompts. Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click finish.
4. Malwarebytes' Anti-Malware will automatically update itself after the install. You can press the OK button to close that box, and you will now be at the main program as shown below.
If you are having problems with the updater, you can use this link to manually update Malwarebytes' Anti-Malware with the latest database

5. Close ALL open Windows, Programs, Files or Folders.
6. Make sure you are on the Scanner tab. Select Perform quick scan then click the Scan button as shown above.
7. Malwarebytes' Anti-Malware will now start scanning your computer for infected files as shown below.

8. When the scan is finished a message box will appear, click Ok to continue.
9. Click Show Results.

10. You will now be presented with a screen showing you the malware infections, as shown below. Yours may look different depending on the infection you have.
11. Click on Remove Selected.

12. When removing the files, Malwarebytes' Anti-Malware may require you to restart the computer in order to do a complete removal. If it displays a message stating that it needs to restart, please allow it to do so.
13. After that you can close the Malwarebytes' Anti-Malware window; your computer is now cleaned.
To protect your computer from future threats like this, you may want to consider purchasing the Pro version of Malwarebytes' Anti-Malware with real-time protection from this link.
Files Associated With Personal Antivirus:
If you are still experiencing problems or difficulties following this guide or require any assistance removing this software, please post your questions in our Virus, Spyware & Malware Removal forums for free help.
You have to be logged in to post questions. Registration is free. By registering you are privileged to other virus removal resources in future.
Last edited by Doctor Inferno on Thu 14 Jan 2010, 9:29 pm; edited 22 times in total (Reason for editing : Information Update)

Doctor Inferno
The GeekPolice
- Posts: 11038
Joined: 2007-12-26
Operating System: Windows 7 Ultimate

Re: How to Remove Personal Antivirus [Delete Guide]
YAHOOOOOOOOO!!!!!!! It worked. Thanks a million. I spent a sleepless night after this s*** kept popping up and have been searching for 13 hours before I found you guys. I downloaded it and it scanned my computer and I clicked the remove button and bang. They were gone. You are the best. Very easy.


Jostone
Unborn
- Posts: 1
Joined: 2009-07-06
Operating System: XP
Re: How to Remove Personal Antivirus [Delete Guide]
Thanks so much. It worked without a hitch!!! I accidentally downloaded that malware this afternoon and that popup was driving me nuts! 

pashber
Unborn
- Posts: 1
Joined: 2009-07-07
Operating System: xp
Re: How to Remove Personal Antivirus [Delete Guide]
thank you so much!!!!! i can't tell you how much i appreciate your help. i followed the guide above and no more pop up!!!! yeah! is there a way that i can tell if the virus is gone - besides not seeing the pop up? i am still a little paranoid
leschre
Unborn
- Posts: 2
Joined: 2009-07-07
Operating System: xp
PERSONAL ANTIVIRUS
thank you so much for the link! the personal antivirus disappeared from my desktop!!!! i can't thank you enough. your instructions were perfect. i needed to boot into the safemode and you helped with that too! thank you!!! if i don't see the icon anymore and i clicked on the link that removed it from your site, can i assume i am virus free? how do i know? i have norton and it didn't pick it up....so how do i know it's gone? and do i need to worry about my personal info on my computer? thanks!!!!
leschre
Unborn
- Posts: 2
Joined: 2009-07-07
Operating System: xp
Re: How to Remove Personal Antivirus [Delete Guide]
This saved my bacon! I'm so glad I found this! 
lafife
Unborn
- Posts: 1
Joined: 2009-07-09
Operating System: XP
Re: How to Remove Personal Antivirus [Delete Guide]
Thank you soooo much Geek Police. You rock. I can't believe that there is actually a bunch of computer experts out here in cyberspace helping people like us for free. You guys are amazing.
Sandybeach57
Newbie Surfer
- Posts: 6
Joined: 2009-06-27
Operating System: XP
"personal antivirus" mess
Thanks, by following your instructions, I was able to get rid of the "personal antivirus" message that kept popping up every 30 seconds
karenwork
Unborn
- Posts: 1
Joined: 2009-07-20
Operating System: xp
Personal antivirus removal
Thank you!! This worked! I had to download the removal program on my other computer and then save it to my infected computer...but in half an hour the virus was gone and for free. This is the real deal, no scam here.
ashfogal
Unborn
- Posts: 1
Joined: 2009-07-20
Operating System: xp
Re: How to Remove Personal Antivirus [Delete Guide]
Hi, i have installed malware bytes along with tons of others. Malware bytes got rid of it personal anti spyware the first time but it keeps coming back. Any advice?
beth100
Unborn
- Posts: 1
Joined: 2009-07-21
Operating System: vista
computer virus
I have a program on my computer called personal virus removal, can't get it off. I did not put this on, it is saying my system is infected. What can I do?
Betty Bowers
Unborn
- Posts: 1
Joined: 2009-07-21
Operating System: windows XP
Personal Antivirus not working
Hello,
I have had no luck with removing Personal Anti virus using the methods discussed on this board.
I have tried running combofix, here are the results:
ComboFix 09-07-14.08 - vpnerry-newburn 07/16/2009 20:33.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.965 [GMT -5:00]
Running from: c:\users\vpnerry-newburn\Downloads\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Norton 360 *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1351270306-1498828423-4002604896-500
c:\$recycle.bin\S-1-5-21-1591949361-2229242592-308272366-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\windows\system32\AutoRun.inf
c:\windows\system32\file.exe.tmp
perrytl
Unborn
- Posts: 4
Joined: 2009-07-17
Operating System: windows vista
Personal Antivirus removal
The rest of the combo fix file
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.
2009-07-17 01:06 . 2009-07-17 01:06 -------- d-----r- c:\program files\Norton Support
2009-07-17 00:41 . 2009-06-28 08:03 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\NAVENG32.DLL
2009-07-17 00:41 . 2009-06-28 08:03 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\NAVEX32A.DLL
2009-07-17 00:41 . 2009-06-28 08:03 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\EECTRL.SYS
2009-07-17 00:41 . 2009-06-28 08:03 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\ECMSVR32.DLL
2009-07-17 00:41 . 2009-06-28 08:03 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\ERASER.SYS
2009-07-17 00:41 . 2009-06-28 08:03 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\CCERASER.DLL
2009-07-17 00:41 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\Scxpx86.dll
2009-07-17 00:41 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSXpx86.sys
2009-07-17 00:41 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSvix86.sys
2009-07-17 00:41 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSxpx86.dll
2009-07-17 00:41 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSviA64.sys
2009-07-17 00:32 . 2009-07-17 00:32 -------- d-----w- c:\program files\test
2009-07-15 08:00 . 2009-07-15 08:00 87888 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\NAVENG.SYS
2009-07-15 08:00 . 2009-07-15 08:00 875728 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090715.067\NAVEX15.SYS
2009-07-12 00:06 . 2009-07-12 00:06 -------- d-----w- c:\users\vpnerry-newburn\AppData\Roaming\Malwarebytes
2009-07-12 00:05 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-12 00:05 . 2009-07-14 23:34 -------- d-----w- c:\program files\Test2
2009-07-12 00:05 . 2009-07-12 00:05 -------- d-----w- c:\programdata\Malwarebytes
2009-07-12 00:05 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 19:34 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-07-11 00:27 . 2009-03-16 20:03 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\Scxpx86.dll
2009-07-11 00:27 . 2009-03-12 23:24 396848 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSviA64.sys
2009-07-11 00:27 . 2009-03-12 23:24 292912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSvix86.sys
2009-07-11 00:27 . 2009-03-12 23:24 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSXpx86.sys
2009-07-11 00:27 . 2009-03-12 23:24 447864 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSxpx86.dll
2009-06-28 10:51 . 2009-06-28 23:11 -------- d-----w- C:\4f99a44daa7285366316d687d4b90c5b
2009-06-27 14:03 . 2009-06-27 14:03 746744 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-06-26 08:00 . 2009-06-26 08:00 -------- d-----w- c:\windows\CheckSur
2009-06-22 18:16 . 2009-06-25 01:15 -------- d-----w- C:\42dbf6832a6070a5398a55
2009-06-22 00:01 . 2009-06-22 00:01 -------- d-----w- c:\program files\Common Files\Uninstall
2009-06-22 00:01 . 2009-06-22 00:01 -------- d-----w- c:\program files\PersonalAV
.
perrytl
Unborn
- Posts: 4
Joined: 2009-07-17
Operating System: windows vista
Re: How to Remove Personal Antivirus [Delete Guide]
Here's the rest of the combo fix test file:
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 00:19 . 2008-02-11 04:26 92184 ----a-w- c:\users\vpnerry-newburn\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-29 01:21 . 2008-03-01 14:59 1356 ----a-w- c:\users\vpnerry-newburn\AppData\Local\d3d9caps.dat
2009-06-28 23:10 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-28 23:10 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-28 23:10 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-28 21:05 . 2007-12-08 08:10 -------- d-----w- c:\programdata\NVIDIA
2009-06-25 01:15 . 2009-03-17 00:37 -------- d-----w- c:\programdata\HP Product Assistant
2009-06-25 01:15 . 2007-12-08 08:27 -------- d-----w- c:\program files\Microsoft Works
2009-06-18 16:27 . 2009-03-19 13:41 1460 ----a-w- c:\users\vpnerry-newburn\AppData\Roaming\wklnhst.dat
2009-06-09 21:55 . 2009-06-09 21:55 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2CEB.tmp.exe
2009-05-28 01:22 . 2009-05-28 01:20 116839 ----a-w- c:\windows\hpqins00.dat
2009-05-16 22:38 . 2009-05-16 22:38 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2009-05-09 05:50 . 2009-06-09 22:01 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-09 22:01 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-04-30 12:52 . 2009-06-15 01:19 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:44 . 2009-06-15 01:19 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-04-30 12:42 . 2009-06-15 01:19 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-04-23 13:01 . 2009-06-09 22:01 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:56 . 2009-06-09 22:01 696832 ----a-w- c:\windows\system32\localspl.dll
2009-04-22 21:29 . 2009-04-22 21:29 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-04-21 12:04 . 2009-06-09 22:01 2028032 ----a-w- c:\windows\system32\win32k.sys
2007-12-08 07:32 . 2007-12-08 07:27 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
2009-04-13 16:12 3962184 ----a-w- c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-04-13 3962184]
[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-04-13 3962184]
[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-02-19 1232896]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-10-04 1783136]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-25 39408]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2006-11-02 2159104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-12-08 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"HostManager"="c:\program files\Common Files\AOL\1204384318\ee\AOLSoftware.exe" [2006-09-26 50736]
"InstallAol"="c:\program files\Online Services\Aolus\InstallAol.exe" [2007-08-13 181584]
"2Wire Wireless Manager"="c:\program files\2Wire Wireless Manager\2Wire.exe" [2007-10-01 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2E5D4823-E659-42DC-ADD5-E484A6AC24FA}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{335AF392-29D2-474E-8415-964FD6098196}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{113157BF-D55B-4460-9D79-F7F5D8CF89FE}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0A5EBDFC-29CB-411B-B72B-F7D65ED71374}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{BFC26CD8-06FA-4A52-8EFE-0A1A7CABAAFB}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{8DB691A0-F295-49E8-842B-A83600445513}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D31192F1-533A-44D4-98F7-2D34386C9DC9}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{061D000B-428A-4090-8298-8C5301752BA1}"= UDP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{F4827E72-E3AE-47ED-AFF1-3CEF8AC86857}"= TCP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{3CBB6115-60BA-4FBD-823A-243A834780D0}"= UDP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{E4CC4BD8-7D7D-411E-90DE-5AB9401BFFDB}"= TCP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{6F3C7E99-69FB-4631-B50C-C41CA11DAE10}"= UDP:c:\program files\Common Files\aol\1204384318\ee\aolsoftware.exe:AOL Shared Components
"{51A808ED-10B9-49DE-B4B7-040B202E0F0D}"= TCP:c:\program files\Common Files\aol\1204384318\ee\aolsoftware.exe:AOL Shared Components
"{12122EEA-031C-4FD7-A221-6DC6B29371CE}"= UDP:c:\program files\Online Services\Aolus\AOLSETUP.EXE:AOL
"{57DBB9CC-7533-4782-BD4D-ADF8F05954A9}"= TCP:c:\program files\Online Services\Aolus\AOLSETUP.EXE:AOL
"{9A292DEC-D341-417C-A46B-9BCE019724D6}"= UDP:c:\program files\AOL 9.0\waol.exe:AOL
"{B882CB69-5CE9-4EA5-A9E7-8C0CF574F029}"= TCP:c:\program files\AOL 9.0\waol.exe:AOL
"{5E3D62A3-47E6-4AF5-8093-0088355C52DF}"= UDP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{DDAF9BB1-FA19-41E1-8E66-569CD77F49E2}"= TCP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{58CE86CB-7594-4CDB-B06D-555FBEBDA2B1}"= UDP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{806A76AB-7DE9-46EF-AD7B-9FA286092277}"= TCP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{490D2DC3-5C5D-40A0-9DF4-801CC98665FD}"= UDP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{1443B3BB-9F0E-452A-A379-432EBC0B3BFB}"= TCP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{2028591D-1713-4E81-8857-00300C5A28BB}"= UDP:c:\program files\AOL 9.0a\waol.exe:AOL
"{375BD338-B7BC-4D42-B896-C5B93E3EF7F0}"= TCP:c:\program files\AOL 9.0a\waol.exe:AOL
"{3F0A3FDD-4677-440F-99CD-E08CFBC90E42}"= UDP:c:\program files\TurboTax\Deluxe 2006\32bit\ttax.exe:TurboTax
"{032B39FD-7A0F-4CB6-AF5C-9A83288745D3}"= TCP:c:\program files\TurboTax\Deluxe 2006\32bit\ttax.exe:TurboTax
"{9475898D-9393-469C-A056-864B22CDD379}"= UDP:c:\program files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:TurboTax Update Manager
"{B306443D-CEEF-4E96-B904-3A6267BB9A7B}"= TCP:c:\program files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:TurboTax Update Manager
"{A7D580EA-6184-450A-B8E8-3FCB4B2A5EE0}"= UDP:c:\program files\TurboTax\Deluxe 2007\32bit\ttax.exe:TurboTax
"{0AEC26F2-7320-4304-8F78-F35A9B30D5D7}"= TCP:c:\program files\TurboTax\Deluxe 2007\32bit\ttax.exe:TurboTax
"{B817B331-DA71-4C8B-A597-B01742672B0B}"= UDP:c:\program files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:TurboTax Update Manager
"{EA4C382F-A7B5-41DF-8871-4424CD9E8F75}"= TCP:c:\program files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:TurboTax Update Manager
"{194C8B41-20D6-462C-A712-8EEE90C74289}"= UDP:c:\program files\AOL 9.0b\waol.exe:AOL
"{C2C67F20-4BE2-46F1-AD59-C96A24CD4962}"= TCP:c:\program files\AOL 9.0b\waol.exe:AOL
"{282D4CFC-62E1-43B2-96B8-DFA671651936}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{68EDB24F-99FB-47F1-BBBA-01B429E5C527}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= c:\program files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\0300000.087\SymEFA.sys [4/22/2009 4:29 PM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\N360\0300000.087\BHDrvx86.sys [4/22/2009 4:29 PM 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0300000.087\cchpx86.sys [4/22/2009 4:29 PM 482352]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSvix86.sys [7/16/2009 7:41 PM 293424]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 6:45 AM 13088]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe [4/22/2009 4:29 PM 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/28/2009 3:03 AM 101936]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [12/8/2007 2:42 AM 464384]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0300000.087\symndisv.sys [4/22/2009 4:29 PM 39984]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\System32\drivers\athrusb.sys [1/22/2009 4:06 PM 857600]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder
2009-04-22 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 19:07]
2009-07-01 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
2009-04-22 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
2009-07-17 c:\windows\Tasks\PersonalAV.job
- c:\program files\PersonalAV\pav.exe [2009-06-22 00:01]
2009-07-17 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-12-29 17:58]
2009-02-15 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-12-29 17:58]
2009-07-17 c:\windows\Tasks\User_Feed_Synchronization-{DAD83E96-82A7-4F9F-8F8D-5FECD111A0C1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-27 11:31]
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 00:19 . 2008-02-11 04:26 92184 ----a-w- c:\users\vpnerry-newburn\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-29 01:21 . 2008-03-01 14:59 1356 ----a-w- c:\users\vpnerry-newburn\AppData\Local\d3d9caps.dat
2009-06-28 23:10 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-28 23:10 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-28 23:10 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-28 21:05 . 2007-12-08 08:10 -------- d-----w- c:\programdata\NVIDIA
2009-06-25 01:15 . 2009-03-17 00:37 -------- d-----w- c:\programdata\HP Product Assistant
2009-06-25 01:15 . 2007-12-08 08:27 -------- d-----w- c:\program files\Microsoft Works
2009-06-18 16:27 . 2009-03-19 13:41 1460 ----a-w- c:\users\vpnerry-newburn\AppData\Roaming\wklnhst.dat
2009-06-09 21:55 . 2009-06-09 21:55 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2CEB.tmp.exe
2009-05-28 01:22 . 2009-05-28 01:20 116839 ----a-w- c:\windows\hpqins00.dat
2009-05-16 22:38 . 2009-05-16 22:38 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2009-05-09 05:50 . 2009-06-09 22:01 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-09 22:01 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-04-30 12:52 . 2009-06-15 01:19 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:44 . 2009-06-15 01:19 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-04-30 12:42 . 2009-06-15 01:19 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-04-23 13:01 . 2009-06-09 22:01 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:56 . 2009-06-09 22:01 696832 ----a-w- c:\windows\system32\localspl.dll
2009-04-22 21:29 . 2009-04-22 21:29 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-04-21 12:04 . 2009-06-09 22:01 2028032 ----a-w- c:\windows\system32\win32k.sys
2007-12-08 07:32 . 2007-12-08 07:27 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}]
2009-04-13 16:12 3962184 ----a-w- c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-04-13 3962184]
[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6}"= "c:\users\vpnerry-newburn\AppData\LocalLow\CyberDefender\cdmyidd.dll" [2009-04-13 3962184]
[HKEY_CLASSES_ROOT\clsid\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CD24EB02-9831-4838-99D0-726D411B1328}]
[HKEY_CLASSES_ROOT\Cdmyidd.SecurityToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-02-19 1232896]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-10-04 1783136]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-25 39408]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2006-11-02 2159104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-12-08 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"HostManager"="c:\program files\Common Files\AOL\1204384318\ee\AOLSoftware.exe" [2006-09-26 50736]
"InstallAol"="c:\program files\Online Services\Aolus\InstallAol.exe" [2007-08-13 181584]
"2Wire Wireless Manager"="c:\program files\2Wire Wireless Manager\2Wire.exe" [2007-10-01 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2E5D4823-E659-42DC-ADD5-E484A6AC24FA}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{335AF392-29D2-474E-8415-964FD6098196}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{113157BF-D55B-4460-9D79-F7F5D8CF89FE}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0A5EBDFC-29CB-411B-B72B-F7D65ED71374}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{BFC26CD8-06FA-4A52-8EFE-0A1A7CABAAFB}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{8DB691A0-F295-49E8-842B-A83600445513}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D31192F1-533A-44D4-98F7-2D34386C9DC9}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{061D000B-428A-4090-8298-8C5301752BA1}"= UDP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{F4827E72-E3AE-47ED-AFF1-3CEF8AC86857}"= TCP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialer
"{3CBB6115-60BA-4FBD-823A-243A834780D0}"= UDP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{E4CC4BD8-7D7D-411E-90DE-5AB9401BFFDB}"= TCP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Service
"{6F3C7E99-69FB-4631-B50C-C41CA11DAE10}"= UDP:c:\program files\Common Files\aol\1204384318\ee\aolsoftware.exe:AOL Shared Components
"{51A808ED-10B9-49DE-B4B7-040B202E0F0D}"= TCP:c:\program files\Common Files\aol\1204384318\ee\aolsoftware.exe:AOL Shared Components
"{12122EEA-031C-4FD7-A221-6DC6B29371CE}"= UDP:c:\program files\Online Services\Aolus\AOLSETUP.EXE:AOL
"{57DBB9CC-7533-4782-BD4D-ADF8F05954A9}"= TCP:c:\program files\Online Services\Aolus\AOLSETUP.EXE:AOL
"{9A292DEC-D341-417C-A46B-9BCE019724D6}"= UDP:c:\program files\AOL 9.0\waol.exe:AOL
"{B882CB69-5CE9-4EA5-A9E7-8C0CF574F029}"= TCP:c:\program files\AOL 9.0\waol.exe:AOL
perrytl
Unborn
- Posts: 4
Joined: 2009-07-17
Operating System: windows vista
Personal Antivirus Not Removed
Here's the rest of the combo fix file:
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: turbotax.com
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-16 20:38
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\users\VPNERR~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-07-17 20:41
ComboFix-quarantined-files.txt 2009-07-17 01:41
Pre-Run: 454,804,209,664 bytes free
Post-Run: 454,729,261,056 bytes free
260 --- E O F --- 2009-06-26 08:38
perrytl
Unborn
- Posts: 4
Joined: 2009-07-17
Operating System: windows vista
Geekpolice
YOU GUYS ROCK!!!!
THANK YOU MY PC IS ALL FIXED BECAUSE OF YOU!!!!
I WILL SPREAD THE WORD ABOUT THIS SITE!!!!
**** Personal Antivirus Victim, Fixed by GeekPolice****
Happy in Michigan
jaylynn
Unborn
- Posts: 1
Joined: 2009-07-21
Operating System: XP