Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Links being redirected and some removel programs prevented from running.


  • This topic is locked This topic is locked
2 replies to this topic

#1 sulla

sulla

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:46 AM

Posted 14 July 2009 - 04:33 PM

Hi all for the last day or so I have had a problem with links being redirected in google. One of the first things I did was run a complete scan with antivir and that found some things but did not fix the problem. I then downloaded malwarebytes and it would not even install until renamed and would not run until the link was renamed. It found several problems and fixed them. But a couple of hours later I started having the same problem. The only sites visited in that time where google or well known news sites etc.

I have read your Preparation Guide and here is the info it asks for.


DDS (Ver_09-06-26.01) - NTFSx86
Run by Patrick at 16:27:29.29 on Tue 07/14/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1440 [GMT -5:00]

AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89D5DA74-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A135DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A23862C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A28427C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0203C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2FB514-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A236A44-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F298A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1ADD8C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A276474-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A028B84-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A082964-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2D8B74-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2E3CDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0BB3FC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A312DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FD19EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A31786C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A087BE4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89EB95AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A12C554-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A411C04-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A194054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1678CC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0CD3E4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E82324-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0F094C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A11E27C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FF59EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning disabled* (Updated) {8A3D870C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2685C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1D0DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0533A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E1E86C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F1BBDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A03E8A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A14F324-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A21039C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0036B4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C62C0C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FCDDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A260054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1E63AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A4CF3AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A19E77C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A281DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A29D6EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A474054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A26BB24-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8984769C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A20D5AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E81724-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A09F054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0CA72C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FC8DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C62A6C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A247DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1C4744-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A06552C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A00EDB4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0D7054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A04139C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A31BBAC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A10E6EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1DEDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E7A4AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A19952C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A43D494-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A49467C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2D2544-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A25C8F4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A04CDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A394434-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A31CDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A220DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FDFDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2CCDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FCBDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A130BFC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A26B81C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2B5B8C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89D22BFC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning disabled* (Updated) {89B3566C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A11B8CC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1A7DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FF194C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FEC91C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C706FC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A425DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F423BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E6ABFC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E7C754-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89EF8B14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A602800-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FA4DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F2838C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0B7254-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A08E74C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A01B39C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0A3DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FE3944-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A26EBDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2808A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1366CC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A4BF2B4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89407AA4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1A5DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A30A25C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A18AB74-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A11A714-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2CEDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E8AA64-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0A6A14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A095B84-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F7D8A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0B38F4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A189A44-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E703BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F66DB4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F4C8A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A050A14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89CEC5FC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A280DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2EC364-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A17B6C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A15853C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1389BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0C2BAC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A19F784-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1EE7E4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2CD67C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A03340C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {0A603AA0-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A28CA14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C8BDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A18EC14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0BDB4C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A152DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A30A20C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F83DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A25D494-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FFA80C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FC68BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A08C3E4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning disabled* (Updated) {89FA47F4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A3199EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A27CDB4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A44D8B4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A01673C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A3C4BFC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1DB22C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A279604-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {B58D3D50-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A25E57C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89891A24-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A04D94C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A158DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A09DA14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A16C9EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2865AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A24B96C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2A0DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1E657C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0E48CC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0D794C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A28D40C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F197E4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FB1DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A040BDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A3AA5BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0A5DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F1FC4C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A078A14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1C8BDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0D834C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A24E9D4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A27452C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A4DEA1C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E9583C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A09187C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1A875C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A33A0D4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A008CEC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2088F4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A27745C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2393C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A046644-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1FE3A4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A4716C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89ED4C44-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A236964-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89E505FC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1BF3BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A238A1C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A19980C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A045DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A07EC1C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C84DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89C7E33C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A273DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0AA69C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2592AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A126A54-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A266DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A337B64-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0BD054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A32AC1C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FDDDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89BA35BC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89F519EC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A25B054-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A07757C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A16290C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A2DEAC4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8981C73C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89799DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1E654C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A24DBFC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A510374-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A0CC57C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89EDBA14-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {8A1FC6C4-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FC14AC-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {89FFF69C-FFA4-00CC-0D24-347CA8A3377C}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\DCPFLICS\DCPFLICS.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\D-link AirPlus G DWL-G120 Wireless USB\120UTIL.exe
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Patrick\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://news.google.com/news?q=google&sourceid=ie7&rls=com.microsoft:en-US&ie=UTF-8&oe=utf8&um=1&sa=N&tab=wn
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar4.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar4.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: TextAloud: {f053c368-5458-45b2-9b4d-d8914bdddbff} - c:\progra~1\textal~1\TAForIE.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
uRun: [Free Download Manager] "c:\program files\free download manager\fdm.exe" -autorun
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [AdobeBridge]
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
StartupFolder: c:\docume~1\patrick\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\patrick\startm~1\programs\startup\trillian.lnk - c:\program files\trillian\trillian.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~2.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\d-link~1.lnk - c:\program files\d-link airplus g dwl-g120 wireless usb\120UTIL.exe
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_04\bin\npjpi160_04.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151625637328
DPF: {84B93AC6-A7F2-4420-9FED-EE6735EA9C8D} - hxxp://video.vividas.com/CDN1/3929_Serenity/web/player/vivid_ocx.jpeg
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} - hxxp://www.streamingfaith.com/common/mbrowser/MINIBrowser.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\patrick\applic~1\mozilla\firefox\profiles\j86djmrx.default\
FF - prefs.js: browser.startup.homepage - hxxp://news.google.com/nwshp?client=firefox-a&rls=org.mozilla:en-US:official&hl=en&tab=wn
FF - component: c:\program files\free download manager\firefox\extension\components\component.dll
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdbplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint_03050024.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-7-13 11608]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2008-4-19 3026]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-6-22 353672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-7-13 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-7-13 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-7-13 55640]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 HCW848NT;Hauppauge Win/TV;c:\windows\system32\drivers\HCW848NT.sys [2009-2-15 140440]
S3 Ascvcamexmm;Ascvcamexmm; [x]
S3 Astddrvniri;Astddrvniri; [x]
S3 Hdaulirw;Hdaulirw; [x]
S3 Hscsuisp;Hscsuisp; [x]
S3 HSFHWCD2;HSFHWCD2;c:\windows\system32\drivers\HSFHWCD2.sys [2005-2-23 153984]
S3 Ipnstubwis;Ipnstubwis; [x]
S3 Msptacf;Msptacf; [x]
S3 Pdcorcsnff;Pdcorcsnff;c:\windows\system32\drivers\tsbvcap.sys [2001-8-17 21376]
S3 Spomgsrv;Spomgsrv; [x]
S4 Pdrf8xx;Pdrf8xx; [x]

=============== Created Last 30 ================

2009-07-14 16:13 1,221,512 a------- c:\windows\system32\zpeng25.dll
2009-07-14 15:42 <DIR> --d----- c:\windows\system32\scripting
2009-07-14 15:42 <DIR> --d----- c:\windows\l2schemas
2009-07-14 15:42 <DIR> --d----- c:\windows\system32\en
2009-07-14 15:42 <DIR> --d----- c:\windows\system32\bits
2009-07-14 15:40 <DIR> --d----- c:\windows\ServicePackFiles
2009-07-14 04:05 <DIR> --d----- c:\docume~1\patrick\applic~1\Malwarebytes
2009-07-14 04:03 <DIR> --d----- c:\program files\bam_remove
2009-07-14 03:58 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-14 03:58 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-14 03:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-07-14 03:58 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-13 23:54 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-07-13 23:54 <DIR> --d----- c:\program files\Avira
2009-07-13 23:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-06-19 21:34 54,156 a---h--- c:\windows\QTFont.qfn
2009-06-19 21:34 1,409 a------- c:\windows\QTFont.for
2009-06-16 13:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ALM

==================== Find3M ====================

2009-07-14 16:21 12,246 a------- c:\windows\system32\wacom.dat
2009-07-14 16:13 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-07-14 15:44 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-05-07 10:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-28 23:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-28 23:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-17 07:26 1,847,168 a------- c:\windows\system32\win32k.sys
2008-07-20 18:04 87,608 a------- c:\docume~1\patrick\applic~1\inst.exe
2008-07-20 18:04 47,360 a------- c:\docume~1\patrick\applic~1\pcouffin.sys
2005-06-22 18:09 0 a------- c:\docume~1\patrick\applic~1\Install.dat
2005-04-07 22:59 868 a------- c:\program files\INSTALL.LOG
2004-12-01 18:34 716 a---h--- c:\docume~1\alluse~1\applic~1\pb7msys.dat
2006-07-26 13:48 56 ---shr-- c:\windows\system32\20AD88C50B.sys
2005-06-01 10:48 56 ---shr-- c:\windows\system32\5757B6A51D.sys
2006-07-26 13:48 12,208 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 16:29:18.43 ===============




UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/31/2004 10:04:34 AM
System Uptime: 7/14/2009 4:20:46 PM (0 hours ago)

Motherboard: Intel Corporation | | D915PBL
Processor: IntelŪ PentiumŪ 4 CPU 3.40GHz | J2E1 | 3400/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 57 GiB total, 21.803 GiB free.
E: is CDROM ()
G: is FIXED (NTFS) - 233 GiB total, 34.205 GiB free.
H: is Removable
I: is Removable
J: is Removable
K: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1491: 7/13/2009 11:49:21 PM - Removed Ulead GIF Animator
RP1492: 7/13/2009 11:49:22 PM - Removed Toon Boom Studio 4.5
RP1493: 7/13/2009 11:49:24 PM - Removed Supreme Commander ™
RP1494: 7/13/2009 11:49:24 PM - Removed Google SketchUp 7
RP1495: 7/13/2009 11:49:24 PM - System Checkpoint
RP1496: 7/13/2009 11:49:25 PM - System Checkpoint
RP1497: 7/13/2009 11:49:25 PM - System Checkpoint
RP1498: 7/13/2009 11:49:25 PM - System Checkpoint
RP1499: 7/13/2009 11:49:25 PM - System Checkpoint
RP1500: 7/13/2009 11:49:25 PM - System Checkpoint
RP1501: 7/13/2009 11:49:26 PM - System Checkpoint
RP1502: 7/13/2009 11:49:26 PM - System Checkpoint
RP1503: 7/13/2009 11:49:26 PM - System Checkpoint
RP1504: 7/13/2009 11:49:26 PM - System Checkpoint
RP1505: 7/13/2009 11:49:27 PM - System Checkpoint
RP1506: 7/13/2009 11:49:27 PM - System Checkpoint
RP1507: 7/13/2009 11:49:27 PM - System Checkpoint
RP1508: 7/13/2009 11:49:28 PM - System Checkpoint
RP1509: 7/13/2009 11:49:28 PM - Software Distribution Service 3.0
RP1510: 7/13/2009 11:49:29 PM - System Checkpoint
RP1511: 7/13/2009 11:49:29 PM - System Checkpoint
RP1512: 7/13/2009 11:49:30 PM - System Checkpoint
RP1513: 7/13/2009 11:49:30 PM - System Checkpoint
RP1514: 7/13/2009 11:49:30 PM - System Checkpoint
RP1515: 7/13/2009 11:49:30 PM - System Checkpoint
RP1516: 7/13/2009 11:49:30 PM - System Checkpoint
RP1517: 7/13/2009 11:49:31 PM - System Checkpoint
RP1518: 7/13/2009 11:49:31 PM - System Checkpoint
RP1519: 7/13/2009 11:49:31 PM - System Checkpoint
RP1520: 7/13/2009 11:49:31 PM - System Checkpoint
RP1521: 7/13/2009 11:49:31 PM - System Checkpoint
RP1522: 7/13/2009 11:49:32 PM - System Checkpoint
RP1523: 7/13/2009 11:49:32 PM - System Checkpoint
RP1524: 7/13/2009 11:49:32 PM - System Checkpoint
RP1525: 7/13/2009 11:49:32 PM - System Checkpoint
RP1526: 7/13/2009 11:49:33 PM - System Checkpoint
RP1527: 7/13/2009 11:49:33 PM - System Checkpoint
RP1528: 7/13/2009 11:49:33 PM - System Checkpoint
RP1529: 7/13/2009 11:49:33 PM - System Checkpoint
RP1530: 7/13/2009 11:49:33 PM - System Checkpoint
RP1531: 7/13/2009 11:49:34 PM - System Checkpoint
RP1532: 7/13/2009 11:49:34 PM - System Checkpoint
RP1533: 7/13/2009 11:49:34 PM - System Checkpoint
RP1534: 7/13/2009 11:49:34 PM - System Checkpoint
RP1535: 7/13/2009 11:49:34 PM - Avira AntiVir Personal - 7/13/2009 23:42
RP1536: 7/14/2009 3:57:47 PM - Installed Windows XP WgaNotify.

==== Installed Programs ======================


==== Event Viewer Messages From Past Week ========

7/7/2009 12:45:41 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
7/7/2009 12:45:41 PM, error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/7/2009 12:45:41 PM, error: Service Control Manager [7000] - The Spomgsrv service failed to start due to the following error: The system cannot find the path specified.
7/7/2009 12:45:41 PM, error: Service Control Manager [7000] - The Pdcorcsnff service failed to start due to the following error: The filename, directory name, or volume label syntax is incorrect.
7/7/2009 12:45:03 PM, error: HCW848NT [1] -
7/14/2009 9:14:19 AM, error: System Error [1003] - Error code 1000000a, parameter1 00000018, parameter2 00000002, parameter3 00000000, parameter4 8050f9fc.

==== End Of File ===========================

Attached Files


Edited by sulla, 14 July 2009 - 04:39 PM.


BC AdBot (Login to Remove)

 


#2 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 AM

Posted 25 July 2009 - 07:39 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,046 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:46 AM

Posted 03 August 2009 - 12:32 AM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users