jake with problem

My broswer keeps changing when i click on site then i hit back a couple of times and it may go there. Then when i boot up it may take a half an hour then cant go nowhere fast it just freezes up and stays there for a long time. This is my first time need help please my hijack file is. not very good at explaining please bear with me please. i hope i did this right thank you


DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
Run by Adam at 9:43:40.12 on Fri 12/25/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.478 [GMT -5:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! antivirus 4.8.1169 [VPS 091225-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Adam\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Cobian Backup 9\Cobian.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Documents and Settings\Adam\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.google.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Mediafour XPlay Explorer notifications: {4907c0ad-874d-44d9-b13e-7b0a4d8b9d3e} - c:\program files\mediafour\xplay 3\XPBHO.DLL
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5835/mcfscan.cab
TCP: {42C7291D-E3D3-4FFD-86B5-B8C3F869B0C7} = 192.168.0.1,192.168.0.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {61E3FE32-07B9-4563-A3E0-2DE2D620FE10} - c:\program files\pixiepack codec pack\InstallerHelper.exe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\adam\applic~1\mozilla\firefox\profiles\6fjvey77.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\adam\application data\mozilla\firefox\profiles\6fjvey77.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\adam\application data\mozilla\firefox\profiles\6fjvey77.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\adam\application data\mozilla\firefox\profiles\6fjvey77.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\adam\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Internal security: No Registry Reference - c:\program files\mozilla firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-12-2 207280]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-18 360584]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
S0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [2009-4-30 284416]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-12-9 28552]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-14 75856]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-18 333192]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-18 28424]
S1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [2009-9-11 136744]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\sasdifsv.sys --> c:\program files\superantispyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-11-16 1858144]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-14 20560]
S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-11-14 144760]
S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-18 285392]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-15 135664]
S2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-11-13 204800]
S2 lxba_device;lxba_device;c:\windows\system32\lxbacoms.exe -service --> c:\windows\system32\lxbacoms.exe -service [?]
S2 M4iPodWPDService;M4iPodWPDService;c:\program files\common files\mediafour\ipod\M4iPodWPDService.exe [2009-7-6 208896]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-11-14 247160]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-11-14 345464]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2009-10-8 14424]
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\sasenum.sys --> c:\program files\superantispyware\SASENUM.SYS [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-12-2 359624]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-12-2 1141712]

=============== Created Last 30 ================

2009-12-25 14:21:54 0 d-----w- c:\program files\Cobian Backup 9
2009-12-19 14:23:46 0 d-sh--w- C:\found.000
2009-12-19 01:50:55 0 d--h--w- C:\$AVG
2009-12-19 01:38:53 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-19 01:38:51 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-19 01:38:49 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-19 01:38:47 0 d-----w- c:\windows\system32\drivers\Avg
2009-12-19 01:38:41 0 d-----w- c:\program files\AVG
2009-12-19 01:38:41 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2009-12-18 11:13:59 0 d-----w- c:\windows\McAfee.com
2009-12-18 00:23:24 157712 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-12-11 03:34:01 0 d-----w- c:\program files\trend micro
2009-12-10 08:48:51 0 d-----w- c:\documents and settings\adam\Pavark
2009-12-10 02:57:48 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-12-10 02:55:39 0 d-----w- c:\program files\Panda Security
2009-12-10 02:42:31 0 d-----w- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2009-12-10 01:02:31 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-12-10 01:02:31 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-12-10 01:02:31 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-12-10 01:02:31 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-12-10 01:02:31 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-12-10 01:02:29 0 d-----w- c:\program files\Trojan Remover
2009-12-10 01:02:29 0 d-----w- c:\docume~1\alluse~1\applic~1\Simply Super Software
2009-12-10 01:02:29 0 d-----w- c:\docume~1\adam\applic~1\Simply Super Software
2009-12-04 21:05:04 0 d-----w- c:\program files\Enigma Software Group
2009-12-04 02:31:18 0 d-----w- c:\program files\home plan software
2009-12-03 14:09:16 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-12-02 11:03:48 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2009-12-02 11:03:48 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-12-02 11:03:37 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-12-02 11:03:37 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2009-12-02 11:03:37 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-12-02 11:03:37 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-12-02 11:03:30 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2009-12-02 11:03:30 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-12-02 11:03:22 0 d-----w- c:\program files\common files\PC Tools
2009-12-02 11:03:21 0 d-----w- c:\program files\Spyware Doctor
2009-12-02 11:03:21 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2009-12-02 11:03:21 0 d-----w- c:\docume~1\adam\applic~1\PC Tools
2009-12-02 06:59:14 0 d-----w- c:\docume~1\adam\applic~1\QuickScan
2009-12-02 04:35:00 0 d-----w- c:\documents and settings\adam\TotalMovieConverter
2009-12-01 19:18:30 0 d-----w- c:\docume~1\adam\applic~1\Red Kawa
2009-12-01 19:07:41 0 d-----w- c:\program files\AviSynth 2.5
2009-12-01 18:00:56 0 d-----w- c:\docume~1\adam\applic~1\Softplicity
2009-12-01 10:03:29 0 d-----w- C:\ComboFix
2009-11-28 22:06:40 0 d-----w- c:\program files\OLYMPUS
2009-11-28 14:20:42 77312 ----a-w- c:\windows\MBR.exe
2009-11-28 14:20:42 260608 ----a-w- c:\windows\PEV.exe
2009-11-28 14:20:41 98816 ----a-w- c:\windows\sed.exe
2009-11-28 14:20:41 161792 ----a-w- c:\windows\SWREG.exe
2009-11-28 14:18:03 389120 ----a-w- c:\windows\system32\CF17123.exe

==================== Find3M ====================

2009-12-18 00:16:55 4534 ----a-w- c:\windows\system32\tmp.reg
2009-12-03 21:14:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 21:13:56 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-11 09:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 19:57:02 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 19:57:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 19:56:56 20480 ----a-w- c:\windows\system32\oleaccrc.dll

============= FINISH: 9:43:49.75 ===============

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.

• Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.
  
  
• Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  
  
• Please reply to this post so I know you are there.

The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks

Since this issue appears to be resolved ... this topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.