First, thanks so much to whoever is assisting me. I'm not exactly great with computers, so I hope I've followed the directions and posted this topic correctly. I sincerely apologize if I did not. I do not know the name of whatever is in my computer so I also apologize for not naming the Topic Title properly.
My Windows XP Professional computer is having the following issues:
-All ads on websites are replaced with false ads for "Vimax" male enhancement pills.
-PopUps appear on every website.
-Google search results pages automatically redirect to random pages seconds after completing search.
-Google search results links do not point to their intended websites.
-Anti-Virus/Spyware programs cannot update their databases.
-Cannot access some websites such as http://www.skydrive.live.com
I'm posting the HijackThis log and the DDS log.
-----------------------------------------------------
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:05:30 PM, on 3/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\Fast.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\fast.exe
E:\User Documents\Michael\Display\Currently Running Desktop Enhancement Applications\Taskix1.4_32\Taskix32.exe
E:\Program Files\Zune\ZuneLauncher.exe
E:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\winlogon.exe
E:\Program Files\Zune\Zune.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
E:\User Documents\Michael\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\iepro.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
O4 - HKLM\..\Run: [Zune Launcher] "e:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-21-1957994488-73586283-1417001333-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Jason')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: &ieSpell Options - res://E:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://E:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://E:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://E:\Program Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\iepro.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - E:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - E:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - E:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - E:\Program Files\ieSpell\iespell.dll
O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O15 - Trusted Zone: http://www.crystalxp.net
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1223257731109
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {79E54B26-46B9-40EF-BFDC-0B1BB0D68897} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-8493d227ede8e79b.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://cid-8493d227ede8e79b.skydrive.live.com/Microsoft.Live.Folders.RichUpload.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF0FDDB8-2BAD-464A-8077-571B3221C1A3}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

--
End of file - 9955 bytes

DDS
DDS (Ver_09-02-01.01) - NTFSx86
Run by Mike at 18:48:08.01 on Tue 03/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.294 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\Fast.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\fast.exe
E:\User Documents\Michael\Display\Currently Running Desktop Enhancement Applications\Taskix1.4_32\Taskix32.exe
E:\Program Files\Zune\ZuneLauncher.exe
E:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\Program Files\Zune\Zune.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\User Documents\Michael\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.live.com/
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - e:\program files\iepro\iepro.dll
BHO: StumbleUpon Launcher: {145b29f4-a56b-4b90-bbac-45784ebebbb7} - c:\program files\stumbleupon\StumbleUponIEBar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - e:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - e:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: QT Breadcrumbs Address Bar: {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - c:\program files\stumbleupon\StumbleUponIEBar.dll
TB: QT TabBar: {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll
TB: QT Tab Standard Buttons: {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - mscoree.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {AEC32322-9D72-4C55-A108-33875F07BC03} - No File
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [FastUser] c:\windows\system32\fast.exe
mRun: [Taskix] e:\user documents\michael\display\currently running desktop enhancement applications\taskix1.4_32\Taskix32.exe start
mRun: [Zune Launcher] "e:\program files\zune\ZuneLauncher.exe"
mRun: [QuickTime Task] "e:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG8_TRAY] e:\progra~1\avg\avg8\avgtray.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [Picasa Media Detector] e:\program files\picasa2\PicasaMediaDetector.exe
IE: &ieSpell Options - e:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - e:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: Lookup on Merriam Webster - file://e:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://e:\program files\iespell\wikipedia.HTM
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://e:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://e:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - e:\program files\iepro\iepro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - e:\program files\iepro\iepro.dll
IE: {75C9223A-409A-4795-A3CA-08DE6B075B4B} - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - c:\program files\stumbleupon\StumbleUponIEBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - e:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: crystalxp.net\www
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/a/f/b/afba1967-2025-49da-8356-bc4132038945/VirtualEarth3D.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1223257731109
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {79E54B26-46B9-40EF-BFDC-0B1BB0D68897} - hxxp://www.piclens.com/shared/plinstll.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-8493d227ede8e79b.spaces.live.com/PhotoUpload/MsnPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} - hxxps://cid-8493d227ede8e79b.skydrive.live.com/Microsoft.Live.Folders.RichUpload.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: {BF0FDDB8-2BAD-464A-8077-571B3221C1A3} = 208.67.220.220,208.67.222.222
Handler: ms-its50 - {F8606A00-F5CF-11D1-B6BB-0000F80149F6} - c:\program files\common files\microsoft shared\information retrieval\itss50.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - e:\progra~1\window~1\MpShHook.dll
LSA: Notification Packages = scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mike\applic~1\mozilla\firefox\profiles\50naf5ex.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: e:\program files\mozilla firefox\components\iamfamous.dll
FF - plugin: e:\program files\java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: e:\program files\java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: e:\program files\opera\program\plugins\npdsplay.dll
FF - plugin: e:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: e:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: e:\program files\opera\program\plugins\NPSWF32.dll
FF - plugin: e:\program files\opera\program\plugins\npwmsdrm.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin2.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin3.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin4.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin5.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin6.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin7.dll
FF - plugin: e:\program files\real alternative\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\real alternative\browser\plugins\nprpjplug.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-6 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-6 27656]
R1 CamdVideo32;CamdVideo32;c:\windows\system32\drivers\CamdVideo32.sys [2008-3-11 3768]
R1 DrmRVideo32;DrmRVideo32;c:\windows\system32\drivers\DrmRVideo32.sys [2008-2-18 3768]
R2 avg8wd;AVG Free8 WatchDog;e:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-6 298264]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088]
R2 WinDefend;Windows Defender;e:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 CamdDriverV32;CamdDriverV32;c:\windows\system32\drivers\CamdDriverV32.sys [2008-3-11 513152]
R3 GETND5BV;VIA Velocity Family Gigabit Ethernet Adapter Driver;c:\windows\system32\drivers\getnd5bv.sys [2007-3-6 46080]
S3 BANG;BANG;\??\c:\docume~1\mike\locals~1\temp\bang.sys --> c:\docume~1\mike\locals~1\temp\BANG.SYS [?]
S3 DrmRDriverV32;DrmRDriverV32;c:\windows\system32\drivers\drmrdriverv32.sys --> c:\windows\system32\drivers\DrmRDriverV32.sys [?]
S3 GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver;c:\windows\system32\drivers\getnd5b.sys [2004-1-29 44544]
S3 pmxscan;Visioneer USB Kernel;c:\windows\system32\drivers\usbscan.sys [2008-12-19 15104]
S4 SoundMovieServer;SoundMovieServer;c:\windows\system32\snmvtsvc.exe [2008-3-11 184320]

=============== Created Last 30 ================

2009-03-01 14:28 133,904 a------- c:\windows\system\MFCANS32.DLL
2009-03-01 14:28 28,672 a------- c:\windows\system\CTL3D32.DLL
2009-02-24 19:00 <DIR> --d----- c:\docume~1\mike\applic~1\IEPro
2009-02-14 20:57 <DIR> --d----- c:\docume~1\mike\applic~1\GeoVid
2009-02-14 20:55 <DIR> --d----- c:\program files\common files\GeoVid
2009-02-14 20:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\GeoVid
2009-02-14 20:55 1,047,552 a------- c:\windows\system32\mfc71u.dll
2009-02-14 20:55 60,416 a------- c:\windows\system32\dsetup.dll
2009-02-07 18:30 <DIR> --d----- c:\docume~1\mike\applic~1\Auslogics
2009-02-06 17:49 <DIR> -cd-h--- C:\$AVG8.VAULT$
2009-02-06 17:24 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-06 17:24 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-06 17:24 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-06 17:24 <DIR> --d----- c:\program files\AVG

==================== Find3M ====================

2009-02-15 22:25 94,208 a------- c:\windows\DUMPf4e5.tmp
2009-02-03 06:03 4,132 a------- c:\windows\system32\d3d9caps.dat
2008-12-19 12:51 87,263 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-12-05 16:15 410,984 a------- c:\windows\system32\deploytk.dll
2001-11-23 11:08 712,704 ac------ c:\windows\inf\other\AUDIO3D.DLL
1999-07-18 20:05 15,716 ac------ c:\windows\inf\i386\Pmxscan.sys
2006-05-03 04:06 163,328 ---shr-- c:\windows\system32\flvDX.dll
2007-02-21 05:47 31,232 ---shr-- c:\windows\system32\msfDX.dll
2007-12-17 07:43 27,648 ---sh--- c:\windows\system32\Smab0.dll

============= FINISH: 18:48:50.00 ===============