
Another Google Redirect Problem, IE Only



DDS information attached and pasted. Thank you.

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Sean at 17:35:32 on 2011-08-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1944.901 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Luttmann\vmcPlayIt\PlayItVideoServer.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Users\Sean\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

C:\Users\Sean\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\rundll32.exe

C:\Users\Sean\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sean\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sean\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sean\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110813010005.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: MP3Bar: {f6bd6330-76f8-44d9-b775-87614e2d8374} - c:\program files\fiesta download manager\mp3bar.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

uRun: [sansaDispatch] c:\users\sean\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe

uRun: [Google Update] "c:\users\sean\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [MusicManager] "c:\users\sean\appdata\local\programs\google\musicmanager\MusicManager.exe"

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [ienetnt5] rundll32.exe "c:\users\sean\appdata\local\tcpuser3xx\ienetnt5.dll",WinWebOffice mciMapppm

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot

StartupFolder: c:\users\sean\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &MP3Bar - c:\program files\fiesta download manager\mp3bar.dll/MENUSEARCH.HTM

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 10.1.1.1

TCP: Interfaces\{5F15A5AC-3E58-45AC-9E72-2AEAEF484463} : DhcpNameServer = 10.1.1.1

TCP: Interfaces\{CF9849A8-4CBA-47EC-A50D-60B175FA4C72} : DhcpNameServer = 172.16.64.215 172.16.64.215

TCP: Interfaces\{D48E1A52-1DEC-4D92-ABCD-8504A3A4FE7A} : DhcpNameServer = 10.1.1.1

TCP: Interfaces\{D48E1A52-1DEC-4D92-ABCD-8504A3A4FE7A}\47970786F6F6E6 : DhcpNameServer = 10.1.1.1

TCP: Interfaces\{D48E1A52-1DEC-4D92-ABCD-8504A3A4FE7A}\E47514843534 : DhcpNameServer = 10.1.1.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 459728]

R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-8-13 165032]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-8-13 64584]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 172032]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-12 366640]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-8-13 271480]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-8-13 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-8-13 271480]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-8-13 271480]

R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-8-13 171168]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-8-13 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-8-13 148520]

R2 PlayItVideoServer;PlayIt Video Server Manager;c:\program files\luttmann\vmcplayit\PlayItVideoServer.exe [2010-6-12 96768]

R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2009-8-24 5073920]

R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2009-8-24 106496]

R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-12-3 625224]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-8-13 56064]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2008-8-22 225408]

R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdpmd32.sys [2009-9-22 5946368]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-12 22712]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-8-13 153280]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-8-13 314088]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-22 136176]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-22 136176]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-8-13 52320]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-8-13 84488]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-4-19 18432]

S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]

S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-4 1343400]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528]

.

=============== Created Last 30 ================

.

2011-08-14 21:15:27 -------- d-----w- c:\users\sean\appdata\local\{A933A686-647C-4635-99AB-A79B862AFAA6}

2011-08-14 21:15:15 -------- d-----w- c:\users\sean\appdata\local\{14EF090C-640E-43F3-8D61-42E355794B80}

2011-08-14 07:44:01 -------- d-----w- c:\windows\Standalone System Sweeper

2011-08-13 18:03:58 -------- d-s---w- C:\ComboFix

2011-08-13 18:02:59 -------- d-----w- c:\users\sean\appdata\local\{6ABFFF57-37A6-43B9-A698-0D8BBE04C17C}

2011-08-13 18:02:39 -------- d-----w- c:\users\sean\appdata\local\{DEE3A22B-8899-437E-9E0C-8ED3C1839798}

2011-08-13 17:50:54 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-08-13 17:50:54 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-08-13 17:50:54 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-08-13 17:50:54 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-08-13 17:50:54 153088 ----a-w- c:\windows\system32\UNRAR3.dll

2011-08-13 17:50:52 -------- d-----w- c:\users\sean\appdata\roaming\Simply Super Software

2011-08-13 17:50:52 -------- d-----w- c:\programdata\Simply Super Software

2011-08-13 17:50:52 -------- d-----w- c:\program files\Trojan Remover

2011-08-13 06:00:03 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2011-08-13 05:59:01 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2011-08-13 05:59:01 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys

2011-08-13 05:59:01 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys

2011-08-13 05:59:01 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2011-08-13 05:59:01 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2011-08-13 05:59:01 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2011-08-13 05:59:01 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2011-08-13 05:58:48 -------- d-----w- c:\program files\common files\Mcafee

2011-08-13 05:58:47 -------- d-----w- c:\program files\McAfee.com

2011-08-13 05:58:44 -------- d-----w- c:\program files\McAfee

2011-08-13 05:58:33 148520 ----a-w- c:\windows\system32\mfevtps.exe

2011-08-12 22:44:35 388096 ----a-r- c:\users\sean\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-08-12 22:44:31 -------- d-----w- c:\program files\Trend Micro

2011-08-12 22:25:36 -------- d-----w- c:\users\sean\appdata\local\{61260269-A250-4FD1-8BB2-AEF3A1414A2E}

2011-08-12 22:25:19 -------- d-----w- c:\users\sean\appdata\local\{A48E6A20-6FC8-4CF7-BAF8-41F2BC254084}

2011-08-12 22:06:10 -------- d-----w- c:\users\sean\appdata\roaming\Malwarebytes

2011-08-12 22:05:46 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-12 22:05:45 -------- d-----w- c:\programdata\Malwarebytes

2011-08-12 22:05:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-12 22:05:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-08-12 17:34:04 7071056 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll

2011-08-12 17:33:56 6881616 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0c0424fa-36fd-4837-a2f5-3a694ea7b0ac}\mpengine.dll

2011-08-12 07:06:02 -------- d-----w- c:\users\sean\appdata\local\{588BF34C-D239-41DE-A393-4186D97D5A34}

2011-08-12 07:05:49 -------- d-----w- c:\users\sean\appdata\local\{3BB068B3-40FA-490C-A34E-DC8E7C9F1962}

2011-08-11 17:08:46 -------- d-----w- c:\users\sean\appdata\local\{D83C358F-2597-4B6C-989C-DCA0FDBDB7C4}

2011-08-11 17:08:33 -------- d-----w- c:\users\sean\appdata\local\{439B8418-40DD-4B72-A6AF-F1245E398231}

2011-08-11 02:29:12 -------- d-----w- c:\users\sean\appdata\local\tcpUser3xx

2011-08-10 20:13:40 -------- d-----w- c:\users\sean\appdata\local\{8A3A768D-3245-4F67-B103-E8BC2B2D86F4}

2011-08-10 20:13:27 -------- d-----w- c:\users\sean\appdata\local\{C63B4E36-E1CA-4458-9137-5C1E011C90CD}

2011-08-10 12:19:27 -------- d-----w- c:\programdata\MyChannelLogos

2011-08-10 12:19:27 -------- d-----w- c:\program files\My Channel Logos

2011-08-10 08:10:45 -------- d-----w- c:\users\sean\appdata\local\{2EB822E5-3ADB-4570-B952-332153705A59}

2011-08-10 08:10:30 -------- d-----w- c:\users\sean\appdata\local\{E3E761D6-7A51-459A-875A-931013E3F254}

2011-08-09 23:16:01 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-08-09 23:16:00 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-08-09 20:07:59 -------- d-----w- c:\users\sean\appdata\local\{7E064216-A6E1-48BF-BE78-B199162A774C}

2011-08-09 20:07:47 -------- d-----w- c:\users\sean\appdata\local\{995002A2-AAC8-4713-AF99-2E0C9CE60FCC}

2011-08-09 05:32:02 -------- d-----w- c:\users\sean\appdata\local\{DEA7DC28-8710-40F4-9E1A-C615495EB1C0}

2011-08-09 05:31:31 -------- d-----w- c:\users\sean\appdata\local\{D5B5D704-0AA0-4B78-B10E-D40EC34CD7BB}

2011-08-08 15:54:19 -------- d-----w- c:\users\sean\appdata\local\{09FBC10F-4A37-467C-A184-52410286BB48}

2011-08-08 15:54:07 -------- d-----w- c:\users\sean\appdata\local\{DB05EA4B-56EA-4141-BAB2-A32E2E0CBD48}

2011-08-07 20:31:02 -------- d-----w- c:\users\sean\appdata\local\{9630BEDE-FDE0-4004-9F23-F5729838B025}

2011-08-07 20:30:50 -------- d-----w- c:\users\sean\appdata\local\{3659DD3F-FC4E-4452-9B6B-91338D749AA1}

2011-08-07 06:43:40 -------- d-----w- c:\program files\Defraggler

2011-08-07 06:38:42 -------- d-----w- c:\program files\CamStudio

2011-08-07 06:32:59 -------- d-----w- c:\program files\CamStudio 2.6b

2011-08-07 06:29:26 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2011-08-07 06:29:25 -------- d-----w- c:\program files\ffdshow

2011-08-07 05:51:48 -------- d-----w- c:\users\sean\appdata\local\{D16A73A9-CE68-419F-8240-C1E5DE06E7E4}

2011-08-07 05:51:35 -------- d-----w- c:\users\sean\appdata\local\{BD655117-06CC-4E97-8480-15E1C4BE742A}

2011-08-06 18:26:56 -------- d-----w- c:\windows\system32\SPReview

2011-08-06 18:25:32 -------- d-----w- c:\windows\system32\EventProviders

2011-08-06 17:51:08 -------- d-----w- c:\users\sean\appdata\local\{8B73C5CC-8B0B-4A4B-99F3-B672867BD3E2}

2011-08-06 17:50:56 -------- d-----w- c:\users\sean\appdata\local\{6A57D0C0-424A-4B72-952F-C676BCAD89ED}

2011-08-06 05:50:22 -------- d-----w- c:\users\sean\appdata\local\{481BAC96-56CE-4105-BB9C-4DBDFF1B50A3}

2011-08-06 05:50:10 -------- d-----w- c:\users\sean\appdata\local\{21364B8C-737E-41E2-AD05-373C9BD6492C}

2011-08-06 05:49:52 -------- d-----w- c:\users\sean\Tracing

2011-08-06 05:37:54 18328 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll

2011-08-05 17:35:11 -------- d-----w- c:\users\sean\appdata\local\{3811FDF8-2FCA-43F5-8078-FAC62201B007}

2011-08-05 17:34:53 -------- d-----w- c:\users\sean\appdata\local\{CF195149-1716-4529-A07A-BA46B37F7D80}

2011-08-05 07:44:50 -------- d-----r- c:\program files\Skype

2011-08-04 09:34:00 -------- d-----w- c:\users\sean\appdata\local\{01CE82C9-63A1-47BC-B68F-9DA3FB2BCDBA}

2011-08-04 09:33:19 -------- d-----w- c:\users\sean\appdata\local\{DA3CD545-64BC-4CC4-9D54-914A4EEE9313}

2011-08-03 18:48:03 -------- d-----w- c:\users\sean\appdata\local\{48E7C5E3-0579-4D22-BDD0-A84A4454ACCB}

2011-08-03 06:47:38 -------- d-----w- c:\users\sean\appdata\local\{0B27CE81-DEFC-4B98-A80B-5D5F5CC1E84A}

2011-08-03 01:26:56 737072 ----a-w- c:\programdata\microsoft\ehome\packages\sportsv2\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll

2011-08-03 01:26:40 4283672 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup\markup.dll

2011-08-03 01:26:22 42776 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm\StartResources.dll

2011-08-03 01:26:18 539968 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll

2011-08-03 01:25:19 -------- d-----w- c:\users\sean\appdata\local\vmcPlayIt_Data

2011-08-03 01:25:17 -------- d-----w- c:\programdata\vmcPlayIt_Data

2011-08-03 01:13:28 -------- d-----w- c:\program files\Luttmann

2011-08-02 18:47:13 -------- d-----w- c:\users\sean\appdata\local\{49B899AB-607D-4E8C-9A86-93A1771208FC}

2011-08-01 21:08:10 -------- d-----w- c:\users\sean\appdata\local\{14EB2BD0-4069-4E8F-982C-8E6BC164F551}

2011-08-01 04:10:33 -------- d-----w- c:\users\sean\appdata\local\{CB422F94-93D3-428F-A52A-52C963E7FD53}

2011-07-30 18:42:53 -------- d-----w- c:\users\sean\appdata\local\{32ADA6CF-47CC-4B51-91AF-F48790BD36FE}

2011-07-30 05:12:03 -------- d-----w- c:\users\sean\appdata\local\{6D1DAD08-5240-4934-A518-1BC06DA10C35}

2011-07-29 17:11:36 -------- d-----w- c:\users\sean\appdata\local\{86C00C87-4E39-4A6B-9FF3-005C8D900436}

2011-07-28 22:35:23 -------- d-----w- c:\users\sean\appdata\local\{0012FC88-DA8A-434D-BEF6-CFB80F8893C0}

2011-07-28 06:15:18 -------- d-----w- c:\users\sean\appdata\local\{BCB89164-6933-43EC-9E68-88044938DDA7}

2011-07-27 18:14:53 -------- d-----w- c:\users\sean\appdata\local\{379F8FEB-49EE-4A86-B978-00666189A770}

2011-07-27 06:14:28 -------- d-----w- c:\users\sean\appdata\local\{42E82525-0541-45EE-815F-8FFB00305BD7}

2011-07-26 18:14:16 -------- d-----w- c:\users\sean\appdata\local\{23F2B9A5-E4D7-4561-A8F1-4B6EB630C2F1}

2011-07-26 01:48:39 -------- d-----w- c:\users\sean\appdata\local\{24F0CC3D-0554-4F43-A59F-665924878051}

2011-07-25 08:02:18 -------- d-----w- c:\users\sean\appdata\local\{38A749FB-6348-4229-8CCA-6C9966CA6B5D}

2011-07-25 05:28:03 -------- d-----w- c:\users\sean\appdata\local\WMTools Downloaded Files

2011-07-25 05:27:21 -------- d-----w- c:\program files\Movie Maker 2.6

2011-07-24 20:01:53 -------- d-----w- c:\users\sean\appdata\local\{2B265641-16D2-4145-94C2-30D70A87C435}

2011-07-23 17:03:32 -------- d-----w- c:\users\sean\appdata\local\{7D2C386A-12A9-49A0-B401-49881D1F559A}

2011-07-23 02:45:54 -------- d-----w- c:\program files\Chat loop

2011-07-22 20:49:28 -------- d-----w- c:\users\sean\appdata\local\{A0DB1D78-9601-4C8E-83A5-82421B5ABD07}

2011-07-22 09:52:15 -------- d-----w- c:\users\sean\appdata\local\{0BD196A7-B3EE-411F-A046-454D4E0CA13B}

2011-07-21 18:38:33 -------- d-----w- c:\users\sean\appdata\local\{09C07441-B269-4214-9FF6-4247EBDFCCDC}

2011-07-20 19:06:41 -------- d-----w- c:\users\sean\appdata\local\{1725824F-5243-4424-AD0D-0917AEAD8575}

2011-07-20 05:52:39 -------- d-----w- c:\users\sean\appdata\local\{5D03085C-4FF4-47AE-AB21-52C356A51660}

2011-07-19 17:52:14 -------- d-----w- c:\users\sean\appdata\local\{27CFA612-A6B8-415D-805E-889BB07017CC}

2011-07-19 04:24:02 -------- d-----w- c:\users\sean\appdata\local\ManyCam

2011-07-19 04:24:00 -------- d-----w- c:\users\sean\appdata\roaming\ManyCam

2011-07-19 04:23:10 -------- d-----w- c:\program files\ManyCam

2011-07-19 03:49:54 152848 ----a-w- c:\windows\system32\COMDLG32.OCX

2011-07-19 03:49:54 1081616 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2011-07-19 03:49:52 -------- d-----w- c:\program files\common files\fwc

2011-07-19 03:49:51 -------- d-----w- c:\program files\Fake Webcam

2011-07-18 23:03:41 -------- d-----w- c:\users\sean\appdata\local\{DCA0F095-E433-4001-B1A2-08980A308BE8}

2011-07-17 18:46:41 -------- d-----w- c:\users\sean\appdata\local\{B424B13C-9BAF-4E6A-9A08-1CB592077C5B}

2011-07-17 04:49:08 -------- d-----w- c:\users\sean\appdata\local\{157D8B9E-F296-42DB-BDBB-B621DACFF95B}

2011-07-16 16:48:42 -------- d-----w- c:\users\sean\appdata\local\{8D5CBFC3-1067-4B3D-9DCF-569BC8FD6D52}

.

==================== Find3M ====================

.

2011-08-06 18:35:56 152576 ----a-w- c:\windows\system32\msclmd.dll

2011-07-23 00:48:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll

2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll

2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe

2011-06-21 05:34:23 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-06-15 08:55:19 86016 ----a-w- c:\windows\system32\odbccu32.dll

2011-06-15 08:55:19 81920 ----a-w- c:\windows\system32\odbccr32.dll

2011-06-15 08:55:19 319488 ----a-w- c:\windows\system32\odbcjt32.dll

2011-06-15 08:55:19 163840 ----a-w- c:\windows\system32\odbctrac.dll

2011-06-15 08:55:19 122880 ----a-w- c:\windows\system32\odbccp32.dll

2011-06-11 02:29:25 2334208 ----a-w- c:\windows\system32\win32k.sys

2011-06-10 01:58:58 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-25 00:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-05-24 10:44:59 293376 ----a-w- c:\windows\system32\umpnpmgr.dll

2011-05-19 15:54:28 507904 ----a-r- c:\windows\system32\btwapi.dll

.

============= FINISH: 17:37:52.86 ===============


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.