laldabomb8

  1. It appears that after I ran my last McAfee scan the script errors have finally gone away. I appreciate your help in getting rid of the redirecting problem and the random sounds. Thank you.
  2. Attached is my file. The only thing that I have added to my CPU since we have started this process is McAfee, because the school I am attending requires it. Didn't know if that was important for you to know. Thanks for your help. GMER 1.zip
  3. Actually I won't post this until you tell me which sections you want checked, because the way I have it right now it'll be like 10 pages and I'm sure you don't want that.
  4. When I open it, everything but the D drive is selected already, and since you didn't say which ones to check I don't know which ones to uncheck. So hopefully you want everything but the D drive; sorry if not.
  5. Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 6408
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     4/20/2011 6:06:26 PM
     mbam-log-2011-04-20 (18-06-26).txt

     Scan type: Quick scan
     Objects scanned: 192793
     Time elapsed: 1 minute(s), 27 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  6. I just had the sound thing happen again though. It was a Neutrogena commercial followed by something on stamps. I had nothing open at the time.
  7. Results of screen317's Security Check version 0.99.10
     Windows 7 (UAC is enabled)
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:

     Windows Firewall Enabled!
     ESET Online Scanner v3
     WMI entry may not exist for antivirus; attempting automatic update.
     ```````````````````````````````
     Anti-malware/Other Utilities Check:

     Ad-Aware
     Malwarebytes' Anti-Malware
     Java 6 Update 23
     Java SE Development Kit 6 Update 12
     Java DB 10.4.1.3
     Out of date Java installed!
     Adobe Flash Player 10.2.152.32
     Adobe Reader 9.4.3
     Out of date Adobe Reader installed!
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent

     Ad-Aware AAWService.exe
     Ad-Aware AAWTray.exe
     ``````````End of Log````````````

     This is all the log for the ESET scanner showed:

     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner.ocx - registred OK

     I ran it two times because the first time I clicked the uninstall on close and didn't have a log file. The first scan showed 6 threats, all having to do with trojans. 3 had to do with the Java installer, I believe. I have not noticed any random sounds today. This afternoon I was getting redirected while I was trying to do a project. However, I have been clicking random sites through Google after using these last scans and haven't noticed anything. I still have the script errors associated with sites that I have never seen before showing up.
  8. Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 6393
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     4/18/2011 4:44:16 PM
     mbam-log-2011-04-18 (16-44-16).txt

     Scan type: Quick scan
     Objects scanned: 190333
     Time elapsed: 1 minute(s), 6 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
DDS (Ver_11-03-05.01) - NTFSx86 Run by CJ at 16:57:14.44 on Mon 04/18/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3582.1831 [GMT -4:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\nvvsvc.exe C:\Windows\system32\aestsrv.exe C:\Program Files\Fingerprint Reader Suite\upeksvr.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bradford Networks\Client Security Agent\bndaemon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\Windows\system32\CTsvcCDA.exe C:\Windows\system32\dlcgcoms.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
C:\Windows\System32\bcmwltry.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\taskhost.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\CJ\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Octoshape Streaming Services] "c:\users\cj\appdata\roaming\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun uRun: [HLBackupScheduler] c:\program files\verizon v cast media manager\V 
CAST Backup Scheduler.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe" mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: DisableCAD = 1 (0x1) IE: Google Sidewiki... 
- c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Notify: psfus - c:\windows\system32\psqlpwd.dll . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\cj\appdata\roaming\mozilla\firefox\profiles\4c8bm6ta.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/ FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c69bdce&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\cj\appdata\roaming\mozilla\plugins\npoctoshape.dll FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . ============= SERVICES / DRIVERS =============== . 
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-4-15 64512] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2008-9-8 12800] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};Power Control [2010/03/24 21:26:15];c:\program files\dell\mediadirect\000.fcl [2008-6-25 87536] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-12-7 73728] R2 BNPagent;Client Security Agent Service;c:\program files\bradford networks\client security agent\bndaemon.exe [2008-2-23 2645384] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-4-1 1753048] R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-6-24 91456] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-4-16 1153368] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-4-1 15232] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2009-1-29 6016] S3 DUBE100B;D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter;c:\windows\system32\drivers\DUBE100B.sys [2007-4-4 39424] S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2009-7-10 25856] S3 motccgp;Motorola USB Composite Device 
Driver;c:\windows\system32\drivers\motccgp.sys [2010-6-18 19968] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-1-29 8320] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2010-4-1 23424] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2010-1-25 9472] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-5 1343400] S4 iaNvStor;Intel® Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-6-25 209408] . =============== Created Last 30 ================ . 2011-04-18 20:53:16 -------- d-sh--w- C:\$RECYCLE.BIN 2011-04-17 12:54:25 6792528 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{824cc740-63fc-4068-9fe3-acfb3a011464}\mpengine.dll 2011-04-17 06:58:59 98816 ----a-w- c:\windows\sed.exe 2011-04-17 06:58:59 89088 ----a-w- c:\windows\MBR.exe 2011-04-17 06:58:59 256512 ----a-w- c:\windows\PEV.exe 2011-04-17 06:58:59 161792 ----a-w- c:\windows\SWREG.exe 2011-04-16 18:46:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-04-16 06:24:00 -------- d-----w- c:\users\cj\appdata\roaming\Malwarebytes 2011-04-16 06:23:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-16 06:23:49 -------- d-----w- c:\progra~2\Malwarebytes 2011-04-16 06:23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-16 06:11:07 -------- d-----w- c:\progra~2\SecTaskMan 2011-04-16 06:11:02 -------- d-----w- c:\program files\Security Task Manager 2011-04-15 07:43:35 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-04-15 06:07:52 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-04-15 06:07:49 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-04-15 06:07:39 -------- d-----w- c:\users\cj\appdata\local\Sunbelt Software 2011-04-15 
06:07:20 -------- dc----w- c:\progra~2\{6A395471-4AA3-4072-AE1B-9B69A97AD164} 2011-04-15 06:07:15 -------- d-----w- c:\program files\Lavasoft 2011-04-14 06:15:55 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-04-14 06:15:55 2331136 ----a-w- c:\windows\system32\win32k.sys 2011-04-14 06:15:55 191488 ----a-w- c:\windows\system32\FXSCOVER.exe 2011-04-14 06:15:54 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-14 06:15:54 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-04-14 06:15:54 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-04-14 06:15:53 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-14 06:15:53 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2011-04-14 06:15:53 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-14 06:15:53 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-14 04:03:12 -------- d-----w- c:\users\cj\appdata\roaming\ParetoLogic 2011-04-14 04:03:12 -------- d-----w- c:\users\cj\appdata\roaming\DriverCure 2011-04-14 04:03:07 -------- d-----w- c:\program files\ParetoLogic 2011-04-14 04:03:07 -------- d-----w- c:\progra~2\ParetoLogic 2011-04-12 06:56:41 40960 ----a-r- c:\users\cj\appdata\roaming\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe 2011-04-12 06:56:41 40960 ----a-r- c:\users\cj\appdata\roaming\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\ARPPRODUCTICON.exe 2011-04-12 06:56:41 -------- d-----w- c:\program files\Project64 1.6 2011-03-28 23:50:29 -------- d-----w- c:\program files\WinSCP . ==================== Find3M ==================== . 
2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll 2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe 2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll 2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll 2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec 2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll 2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll 2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll 2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll 2011-02-02 22:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe . ============= FINISH: 16:57:28.61 ===============
  9. Random commercial-like sounds will play randomly, I get script errors from sites that I've never been to, and whenever I use a search engine I get redirected to random sites. I need help, and thank you in advance to whoever does. . DDS (Ver_11-03-05.01) - NTFSx86 Run by CJ at 3:15:27.15 on Sun 04/17/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3582.2107 [GMT -4:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\nvvsvc.exe C:\Windows\system32\aestsrv.exe C:\Program Files\Fingerprint Reader Suite\upeksvr.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bradford Networks\Client Security Agent\bndaemon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\Windows\system32\CTsvcCDA.exe C:\Windows\system32\dlcgcoms.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program
Files\Motorola\MotoConnectService\MotoConnectService.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe C:\Windows\Explorer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\CJ\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyOverride = *.local BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Octoshape Streaming Services] "c:\users\cj\appdata\roaming\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun uRun: [HLBackupScheduler] c:\program files\verizon v cast media manager\V CAST Backup Scheduler.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe" mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: 
c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: DisableCAD = 1 (0x1) IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Notify: psfus - c:\windows\system32\psqlpwd.dll . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\cj\appdata\roaming\mozilla\firefox\profiles\4c8bm6ta.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/ FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c69bdce&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\cj\appdata\roaming\mozilla\plugins\npoctoshape.dll FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . ============= SERVICES / DRIVERS =============== . 
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-4-15 64512] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2008-9-8 12800] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};Power Control [2010/03/24 21:26:15];c:\program files\dell\mediadirect\000.fcl [2008-6-25 87536] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-12-7 73728] R2 BNPagent;Client Security Agent Service;c:\program files\bradford networks\client security agent\bndaemon.exe [2008-2-23 2645384] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-4-1 1753048] R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-6-24 91456] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-4-16 1153368] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2009-1-29 6016] S3 DUBE100B;D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter;c:\windows\system32\drivers\DUBE100B.sys [2007-4-4 39424] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-4-1 15232] S3 motandroidusb;Mot ADB Interface 
Driver;c:\windows\system32\drivers\motoandroid.sys [2009-7-10 25856] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-6-18 19968] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-1-29 8320] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2010-4-1 23424] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2010-1-25 9472] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-5 1343400] S4 iaNvStor;Intel® Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-6-25 209408] . =============== Created Last 30 ================ . 2011-04-17 07:05:21 -------- d-sh--w- C:\$RECYCLE.BIN 2011-04-17 06:58:59 98816 ----a-w- c:\windows\sed.exe 2011-04-17 06:58:59 89088 ----a-w- c:\windows\MBR.exe 2011-04-17 06:58:59 256512 ----a-w- c:\windows\PEV.exe 2011-04-17 06:58:59 161792 ----a-w- c:\windows\SWREG.exe 2011-04-16 18:46:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-04-16 06:24:00 -------- d-----w- c:\users\cj\appdata\roaming\Malwarebytes 2011-04-16 06:23:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-16 06:23:49 -------- d-----w- c:\progra~2\Malwarebytes 2011-04-16 06:23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-16 06:11:07 -------- d-----w- c:\progra~2\SecTaskMan 2011-04-16 06:11:02 -------- d-----w- c:\program files\Security Task Manager 2011-04-15 07:43:35 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-04-15 06:07:52 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-04-15 06:07:49 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-04-15 06:07:39 -------- d-----w- c:\users\cj\appdata\local\Sunbelt Software 2011-04-15 06:07:20 -------- dc----w- c:\progra~2\{6A395471-4AA3-4072-AE1B-9B69A97AD164} 2011-04-15 06:07:15 -------- d-----w- c:\program files\Lavasoft 
2011-04-14 06:15:55 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-04-14 06:15:55 2331136 ----a-w- c:\windows\system32\win32k.sys 2011-04-14 06:15:55 191488 ----a-w- c:\windows\system32\FXSCOVER.exe 2011-04-14 06:15:54 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-14 06:15:54 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-04-14 06:15:54 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-04-14 06:15:53 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-14 06:15:53 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2011-04-14 06:15:53 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-14 06:15:53 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-14 04:03:12 -------- d-----w- c:\users\cj\appdata\roaming\ParetoLogic 2011-04-14 04:03:12 -------- d-----w- c:\users\cj\appdata\roaming\DriverCure 2011-04-14 04:03:07 -------- d-----w- c:\program files\ParetoLogic 2011-04-14 04:03:07 -------- d-----w- c:\progra~2\ParetoLogic 2011-04-12 06:56:41 40960 ----a-r- c:\users\cj\appdata\roaming\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe 2011-04-12 06:56:41 40960 ----a-r- c:\users\cj\appdata\roaming\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\ARPPRODUCTICON.exe 2011-04-12 06:56:41 -------- d-----w- c:\program files\Project64 1.6 2011-03-28 23:50:29 -------- d-----w- c:\program files\WinSCP 2011-03-18 14:26:03 -------- d-----w- C:\moms flash 2011-03-18 14:24:35 -------- d-----w- c:\users\cj\appdata\local\Sony Corporation . ==================== Find3M ==================== . 
2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll 2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe 2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll 2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll 2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec 2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll 2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll 2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll 2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll . ============= FINISH: 3:15:39.95 =============== Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6372 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 4/17/2011 3:36:01 AM mbam-log-2011-04-17 (03-36-01).txt Scan type: Quick scan Objects scanned: 189658 Time elapsed: 1 minute(s), 3 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Attach.zip