CelticFrost

  1. When I logged onto my user account today and went to use the internet using Firefox I get 403 Forbidden. I get the same thing for any address I put in. I called my IP provider and we went through a bunch of stuff like the ping command to yahoo and google and they all came back ok. So I take it I can reach out to an address but can't get to any website on my browser, also does same on IE. I can connect to the internet on mIRC Dalnet chat so that works. When the IP provider asked if I had another account I said yes and we went to that one which is my wife's and you can get to any website address on her account. After that we tried resetting my modem and rebooted and still same thing on my account. I don't know if I'm hijacked or what, because I have been outta town last 10 days and the account hasn't been used since then till today and when I left all was working fine. I don't want to have to delete my account and start over if I don't have to. If anybody has ideas how to fix this it would be great. Thank you in advance.
  3. No, I haven't tried disabling the antivirus. Will do that now and try that update, will let ya know how it goes.
  4. Don't think I'm infected, just did a post on here about a couple weeks ago for a Google redirect problem and did all that stuff with Combofix and some other progs, so think I should be clean. Just ran a scan today with MB and came back 0. I'm running avast antivirus free. LoL I see you're from Iowa, Altoona Ia here.
  5. Ok thank you. Also I have had a problem installing Windows XP Service Pack 3 KB936929 for a while now and have just given up on it. Just now the update showed it again and it still won't fully install. Looked for it on the MS download center and can't seem to find it? or the right one lol.
  6. I'm getting a msg at the end of a Windows update saying that one of the following could not be fully installed. It's the Microsoft .Network 3.5 SP1 and .Net framework family update for 2.0 3.5. Don't know if these are crucial or not but when I close out the update after getting that msg the yellow shield with the ! on it is still on bottom right so I clicked it again and says one update available and it's the same one. Tried it again and did same thing. Thanks for any insight on this in advance.
  7. The Jotti scan said Found nothing on all scans and here is the ComboFix log. Computer is still working fine.
  8. Everything seems to be working fine now, Google is going to all links that I click on with no redirect. Thank you very! much! for the help. Here is the ComboFix log.
  9. Thank you Gringo for your reply and help on this matter. Sorry took so long to respond, had to wait till got home from work and the Gmer scan took near 5 hrs. Here are the logs from what you asked for.
  10. I have seen quite a few posts on this same subject but I wanna make sure that this gets done right if can. My PC has 2 user accounts, my wife's and mine. Noticed this problem on her account today as her homepage is Google. We are both running Firefox as the default browser. So when trying to do a search on Google it brings up the list of links to what was searched for but when ya click one it pops up Redirect in the top left of the browser and takes me to weird sites, nothing at all in common with the search. One of them is a site called ToseekA. Anyway so I tried it on her account on IE also and same thing. So then decided to log off her account and try mine, same thing on both Firefox and IE. Went ahead and did a HiJack This log. Any help on this would be great, not sure how bad this is because other search engines work fine. Just like to get taken care of but there could be something on my machine that could be bad. Also did a quick scan with latest and updated version of Malwarebytes Anti Malware, it showed 0.
  11. I have gotten this Yoog search engine added to my search bar in Firefox. I have searched around the net and found a few things about it and many say it's malware. I can remove it from the list in the search options and then when I restart Firefox it's there again. I also saw in some posts on other places that they suggest to use Malwarebytes. I have and it didn't find this Yoog thing. Some suggest to reinstall Firefox and then there's some other ways like deleting things in the System32 folder. I'm scared to do any of that. If anyone knows of a way to rid this please help... Thank you in advance.