Jump to content

Help IE Homepage has been hijacked


Recommended Posts

The start page for Internet Explorer (http://myearthlink.net) is being hijacked to http://myhomelinkonline.com. All other pages

load correctly, but any attempt to go to myearthlink.net is redirected to the myhomelinkonline.com site.

I have changed the start page to my.earthlink.net and that does not get redirected.

Sometimes trying to go to other sites fails at first but a refresh will load the page.

The HJT file follows:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:01:14 PM, on 1/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17093)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\csifcsvc.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\System32\ScsiAccess.EXE

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\MXOaldr.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\PROGRA~1\Dantz\RETROS~1\ComboButton.exe

C:\WINDOWS\kdx\KHost.exe

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe

C:\WINDOWS\System32\taskswitch.exe

C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe

C:\Program Files\iTunes8\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\EZBackitup\EZBkuptray.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Palm\Hotsync.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

C:\lotus\organize\easyclip.exe

C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

C:\lotus\smartctr\SUITEST.EXE

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files\Common Files\Sonic Shared\CineTray.exe

C:\Program Files\Novatix\ExplorerPlus\Nxdlghlp.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\WallpaperToy\Wallpapertoy.Exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;*.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOaldr.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [MaxtorCombo] "C:\PROGRA~1\Dantz\RETROS~1\ComboButton.exe"

O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [HPWQTOOLBOX] C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe "-i"

O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes8\iTunesHelper.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [EZBack-it-up Tray Scheduler] C:\Program Files\EZBackitup\EZBkuptray.exe

O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

O4 - Startup: Dialog Tracker.lnk = C:\Program Files\Novatix\ExplorerPlus\Nxdlghlp.exe

O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O4 - Startup: Wallpaper Changer.lnk = C:\Program Files\WallpaperToy\Wallpapertoy.Exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = ?

O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe

O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?

O4 - Global Startup: Lotus QuickStart.lnk = ?

O4 - Global Startup: Lotus SuiteStart.lnk = C:\lotus\smartctr\SUITEST.EXE

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: *.musicmatch.com

O15 - Trusted Zone: *.musicmatch.com (HKLM)

O16 - DPF: Yahoo! MLB StatTracker - http://aud12.sports.sc5.yahoo.com/java/y/mlbst8408_x.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200212...meInstaller.exe

O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer...SWebManager.CAB

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38

O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://content-g.kontiki.com/kdx/v2.10/kon...current/kdx.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: FileCabinet Solution Print Service (FCPrintService) - Creative Solutions - C:\WINDOWS\csifcsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

--

End of file - 13666 bytes

Link to post
Share on other sites

:welcome:

is your computer behind a wireless router?

We need to see some additional information about what is happening in your machine.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your next reply.

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Link to post
Share on other sites

:welcome:

is your computer behind a wireless router?

We need to see some additional information about what is happening in your machine.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your next reply.

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Link to post
Share on other sites

:welcome:

is your computer behind a wireless router?

We need to see some additional information about what is happening in your machine.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your next reply.

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Link to post
Share on other sites

Thank you very much for the help.

I have a Linksys Wireless-G router and a Westell Model 6100 DSL-2 router.

The two .txt files that you asked for are copied and pasted below.

Again, thanks for the assistance.

hshivley

DDS (Ver_10-12-12.02) - NTFSx86

Run by Harold L. Shively at 10:39:41.75 on Mon 01/03/2011

Internet Explorer: 7.0.5730.11

============== Running Processes ===============

DDS.txt

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\csifcsvc.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\System32\ScsiAccess.EXE

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\MXOaldr.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\PROGRA~1\Dantz\RETROS~1\ComboButton.exe

C:\WINDOWS\kdx\KHost.exe

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe

C:\WINDOWS\System32\taskswitch.exe

C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe

C:\Program Files\iTunes8\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\EZBackitup\EZBkuptray.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Palm\Hotsync.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

C:\lotus\organize\easyclip.exe

C:\lotus\smartctr\SUITEST.EXE

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files\Common Files\Sonic Shared\CineTray.exe

C:\Program Files\Novatix\ExplorerPlus\Nxdlghlp.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\WallpaperToy\Wallpapertoy.Exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\iTunes8\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Harold L. Shively\Desktop\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k imgsvc

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.earthlink.net/

uInternet Settings,ProxyOverride = hxxp://localhost;*.local

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [EZBack-it-up Tray Scheduler] c:\program files\ezbackitup\EZBkuptray.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [nwiz] nwiz.exe /install

mRun: [MXO Auto Loader] c:\windows\MXOaldr.exe

mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe

mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe

mRun: [MaxtorCombo] "c:\progra~1\dantz\retros~1\ComboButton.exe"

mRun: [kdx] c:\windows\kdx\KHost.exe

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\point32.exe"

mRun: [HPWQTOOLBOX] c:\program files\hewlett-packard\hp deskjet 9800 series\toolbox\HPWQTBX.exe "-i"

mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup

mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe

mRun: [AdaptecDirectCD] c:\program files\adaptec\easy cd creator 5\directcd\DirectCD.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [bitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"

mRun: [bDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes8\iTunesHelper.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRun: [ALUAlert] c:\program files\symantec\liveupdate\ALUNotify.exe

mPolicies-explorer: <NO NAME> =

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Trusted Zone: musicmatch.com

Trusted Zone: musicmatch.com

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: Yahoo! MLB StatTracker - hxxp://aud12.sports.sc5.yahoo.com/java/y/mlbst8408_x.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe

DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} - hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB

DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} - hxxp://www.live365.com/players/play365.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} - hxxp://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,38

DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} - hxxp://content-g.kontiki.com/kdx/v2.10/kontiki/kontiki/current/kdx.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R? Arrakis3;BitDefender Arrakis Server

R? IFP300;iRiver Internet Audio Player IFP-300

R? JumpShot;Lexar Media USB Compact Flash Driver

R? mrtRate;mrtRate

R? V2210VID;DigitalCam Pro

S? bdfm;bdfm

S? Bdfndisf;BitDefender Firewall NDIS Filter Service

S? BDVEDISK;BDVEDISK

=============== Created Last 30 ================

2011-01-02 03:40:35 388096 ----a-r- c:\docume~1\harold~1.shi\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-01-02 03:40:03 -------- d-----w- c:\program files\Trend Micro

2011-01-01 21:58:54 -------- d-----w- c:\docume~1\harold~1.shi\applic~1\Malwarebytes

2011-01-01 21:58:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-01 21:58:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-01-01 21:58:34 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-01 21:58:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-12-19 01:32:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-12-19 01:23:00 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2010-12-19 01:23:00 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll

2010-12-19 01:21:59 -------- d-----w- c:\program files\Bonjour

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2010-12-17 20:29:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2010-12-15 03:53:58 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys

2010-12-15 03:52:32 45568 ------w- c:\windows\system32\dllcache\wab.exe

==================== Find3M ====================

2010-11-30 01:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-30 01:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-18 18:12:44 81920 ------w- c:\windows\system32\isign32.dll

2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll

2010-11-06 00:34:11 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-11-06 00:34:11 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-06 00:34:11 17408 ----a-w- c:\windows\system32\corpol.dll

2010-11-05 17:41:02 398744 ----a-r- c:\windows\system32\cpnprt2.cid

2010-11-03 12:25:53 389120 ----a-w- c:\windows\system32\html.iec

2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-10-26 13:25:00 1853312 ------w- c:\windows\system32\win32k.sys

2010-10-07 20:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-10-07 20:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll

2010-10-07 20:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 10:52:25.51 ===============

----------------------------------------------------------------------------------------------------------------------------------------------

Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 1/11/2003 12:18:26 PM

System Uptime: 1/1/2011 6:18:10 PM (40 hours ago)

Motherboard: Dell Computer Corp. | |

Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2790/533mhz

==== Disk Partitions =========================

A: is Removable

C: is FIXED (NTFS) - 112 GiB total, 38.022 GiB free.

D: is FIXED (NTFS) - 56 GiB total, 50.404 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

I: is FIXED (NTFS) - 153 GiB total, 118.685 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

==== Installed Programs ======================

5000 Series

7.9

Adobe Acrobat - Reader 6.0.2 Update

Adobe Acrobat 6.0.1 Standard

Adobe Acrobat and Reader 6.0.3 Update

Adobe Acrobat and Reader 6.0.4 Update

Adobe Acrobat and Reader 6.0.5 Update

Adobe Acrobat and Reader 6.0.6 Update

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe Atmosphere Player for Acrobat and Adobe Reader

Adobe Flash Player 10 ActiveX

Adobe Photoshop Elements 2.0

Adobe Reader 8.1.1

Adobe Reader 8.1.2

Adobe Reader 8.1.2 Security Update 1 (KB403742)

Adobe Reader 8.1.5

Adobe Shockwave Player

Alt-Tab Task Switcher Powertoy for Windows XP

Apple Application Support

Apple Mobile Device Support

Apple Software Update

aspi

AtomTime Pro 3.1a

AvantGo Client

AVS Audio Converter version 6.1

AVS Audio Editor version 5.2

AVS Audio Recorder version 3.9

AVS Cover Editor 1.3.1.96 (AVS4YOU)

AVS Disc Creator version 3.5

AVS Ringtone Maker version 1.6

AVS Update Manager 1.0

AVS Video Converter 6

AVS Video Editor 4

AVS Video Recorder 2.4

AVS Video ReMaker 3.1.1.83

AVS YouTube Uploader version 2.1

AVS4YOU Software Navigator 1.3

Back Roads Explorer 3D

Backyard Football 2002

BitDefender Total Security 2010

BlackBerry Desktop Software 4.3

Bonjour

Bounce from Shockwave.com (remove only)

Britannica Ready Reference

Calculator Powertoy for Windows XP

Camera Access Library

Camera Support Core Library

Camera Window DS

Camera Window DVC

Camera Window MC

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window DSLR 5 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon Digital Camera USB WIA Driver

Canon MovieEdit Task for ZoomBrowser EX

Canon PhotoRecord

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities PhotoStitch 3.1

Canon Utilities RAW Image Converter

Canon Utilities RemoteCapture 2.2

Canon ZoomBrowser EX (E)

Card Games

CCHelp

CCScore

CmdHere Powertoy For Windows XP

CodeBaseOdbcStand

Coupon Printer for Windows

CR2

Critical Update for Windows Media Player 11 (KB959772)

Date Manager

Dell Digital Jukebox Driver

Dell Picture Studio - Dell Image Expert

Dell Solution Center

Dell Support Center

DellSupport

DeLorme Topo USA 7.0

DeLorme Topo USA 8.0

DigitalCam Pro

Documents To Go

DVD Suite

Easy CD Creator 5 Platinum

ESSAdpt

ESSANUP

ESSBrwr

ESSCAM

ESSCDBK

ESScore

ESSgui

ESShelp

ESSini

ESSPCD

ESSTUTOR

ESSvpaht

ESSvpot

ExplorerPlus 6.0

EZBack-it-up 2.0.1

Family Lawyer 2003

Family Lawyer Estate Planning Companion

FileCabinet Solution

FileCabinet Solution Print Driver

FL2003 Registration

Fun Web Products Easy Installer

Garmin Communicator Plugin

Garmin POI Loader

Garmin WebUpdater

Gutterball

Help and Support Customization

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Deskjet 9800

HP Deskjet 9800 Series

HP Photo Printing

HTML Slideshow Powertoy for Windows XP

iHateSpam Outlook Edition

Image Resizer Powertoy for Windows XP

Intel® PRO Ethernet Adapter and Software

Intel® PROSet II

iPod for Windows 2005-10-12

iPod for Windows 2006-01-10

iRiver Manager

iTunes

KB408682

Kinoma Producer for Palm, Inc.

Kodak EasyShare software

KSU

Lernout & Hauspie TruVoice American English TTS Engine

Lexar Media Reader Products

LifeGlobe Goldfish Aquarium

LightScribe 1.4.124.1

LiveReg (Symantec Corporation)

LiveUpdate 3.0 (Symantec Corporation)

LMReaders

Lotus NotesSQL 3.01 driver

Lotus SmartSuite - English

Magic AAC to MP3 Converter 3.72

Magnifier Powertoy for Windows XP

Malwarebytes' Anti-Malware

MapSend DirectRoute North America

MGI Photovista 2.0 (Remove only)

MGI Photovista 3D Objects 1.0 (Remove only)

MGI VideoWave 4

MGI Virtual Tour Maker 1.0 (Remove only)

Microsoft .NET Framework (English)

Microsoft .NET Framework (English) v1.0.3705

Microsoft .NET Framework 1.0 Hotfix (KB928367)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Data Access Components KB870669

Microsoft IntelliPoint 5.0

Microsoft Interactive Training

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Links 2001

Microsoft National Language Support Downlevel APIs

Microsoft Office XP Media Content

Microsoft Office XP Small Business

Microsoft Streets and Trips 2004

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

MoodLogic

MovieEdit Task

MSN Music Assistant

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB954459)

Music Transfer

Musicmatch

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.