Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirected


  • Please log in to reply
1 reply to this topic

#1 Mike H.

Mike H.

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:43 PM

Posted 02 April 2012 - 08:51 PM

Was searching for data on a local busines yesterday and opened what I thought was a business directory ( ~alibjab) (?). It seemed funny and I tried to logout quickly but was captured.

I have scanned with:
Malwarebytes
CCleaner
Spybot
AVG2012 & Antirootkit
Norton TDSSKiller

/////////////////////////////////////////////////////////////////////////

04/03/12

Good Morning boopme,

Yes, I'm using Firefox but on a stand alone home desktop. Here is the file from minitoolbox along with the DDS, Attach and Ark files.


MiniToolBox by Farbar Version: 18-01-2012
Ran by HP_Owner (administrator) on 02-04-2012 at 22:24:35
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: proxy:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


93.113.196.118 www.google.com
93.113.196.119 www.bing.com


========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 2 (Connected)
1394 Net Adapter = 1394 Connection (Connected)
PlayLinc Adapter = PlayLinc Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp

# Interface IP Configuration for "PlayLinc Connection"

set address name="PlayLinc Connection" source=dhcp
set dns name="PlayLinc Connection" source=dhcp register=PRIMARY
set wins name="PlayLinc Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : Home Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : Yes DNS Suffix Search List. . . . . . : homeEthernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : home Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Physical Address. . . . . . . . . : 00-15-F2-38-FE-B4 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.1.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IP Address. . . . . . . . . . . . : fe80::215:f2ff:fe38:feb4%4 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 Lease Obtained. . . . . . . . . . : Monday, April 02, 2012 12:19:19 PM Lease Expires . . . . . . . . . . : Tuesday, April 03, 2012 12:19:19 PMEthernet adapter PlayLinc Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : PlayLinc Adapter Physical Address. . . . . . . . . : 7A-77-00-00-00-01Tunnel adapter Teredo Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%6 Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . . . . . . . : DisabledTunnel adapter Automatic Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : home Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface Physical Address. . . . . . . . . : C0-A8-01-02 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.2%2 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : DisabledServer: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 72.14.204.100, 72.14.204.101, 72.14.204.113, 72.14.204.138
72.14.204.102

Pinging google.com [72.14.204.101] with 32 bytes of data:Reply from 72.14.204.101: bytes=32 time=18ms TTL=252Reply from 72.14.204.101: bytes=32 time=18ms TTL=252Ping statistics for 72.14.204.101: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 18ms, Maximum = 18ms, Average = 18msServer: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:Reply from 209.191.122.70: bytes=32 time=58ms TTL=249Reply from 209.191.122.70: bytes=32 time=65ms TTL=249Ping statistics for 209.191.122.70: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 58ms, Maximum = 65ms, Average = 61msServer: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:Reply from 208.43.87.2: Destination host unreachable.Reply from 208.43.87.2: Destination host unreachable.Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=48Reply from 127.0.0.1: bytes=32 time<1ms TTL=48Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 38 fe b4 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...7a 77 00 00 00 01 ...... PlayLinc Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.2 192.168.1.2 20
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
255.255.255.255 255.255.255.255 192.168.1.2 3 1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/25/2012 06:57:21 AM) (Source: Application Error) (User: )
Description: Faulting application easyshare.exe, version 6.40.53.95, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0004468b.
Processing media-specific event for [easyshare.exe!ws!]

Error: (03/25/2012 06:57:08 AM) (Source: Application Error) (User: )
Description: Faulting application easyshare.exe, version 6.40.53.95, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0004468b.
Processing media-specific event for [easyshare.exe!ws!]

Error: (03/21/2012 08:06:40 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/08/2012 09:38:22 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x000710a6.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/05/2012 10:52:02 AM) (Source: Microsoft Office 10) (User: )
Description: Fault bucket -1807610361.

Error: (03/05/2012 10:51:56 AM) (Source: Microsoft Office 10) (User: )
Description: Faulting application excel.exe, version 10.0.6871.0, faulting module excel.exe, version 10.0.6871.0, fault address 0x00021d51.

Error: (02/18/2012 10:34:52 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
Processing media-specific event for [iexplore.exe!ws!]

Error: (02/18/2012 10:34:06 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19190, fault address 0x00067978.
Processing media-specific event for [iexplore.exe!ws!]

Error: (02/15/2012 08:47:55 AM) (Source: Application Error) (User: )
Description: Faulting application easyshare.exe, version 6.40.53.95, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0004468b.
Processing media-specific event for [easyshare.exe!ws!]

Error: (02/15/2012 08:46:42 AM) (Source: Application Error) (User: )
Description: Faulting application easyshare.exe, version 6.40.53.95, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0004468b.
Processing media-specific event for [easyshare.exe!ws!]


System errors:
=============
Error: (04/02/2012 05:04:53 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (04/02/2012 04:59:50 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (04/02/2012 04:59:47 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (04/02/2012 04:59:41 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (04/02/2012 00:26:51 PM) (Source: DCOM) (User: HP_Owner)
Description: DCOM got error "%%1058" attempting to start the service iPod Service with arguments ""
in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (04/02/2012 00:21:25 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
iaStor
IntelIde
Lbd
ViaIde

Error: (04/02/2012 00:21:25 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (04/02/2012 00:19:53 PM) (Source: Service Control Manager) (User: )
Description: The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).

Error: (04/02/2012 11:59:28 AM) (Source: DCOM) (User: HP_Owner)
Description: DCOM got error "%%1058" attempting to start the service iPod Service with arguments ""
in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (04/02/2012 11:55:57 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
iaStor
IntelIde
Lbd
ViaIde


Microsoft Office Sessions:
=========================
Error: (03/25/2012 06:57:21 AM) (Source: Application Error)(User: )
Description: easyshare.exe6.40.53.95ntdll.dll5.1.2600.60550004468b

Error: (03/25/2012 06:57:08 AM) (Source: Application Error)(User: )
Description: easyshare.exe6.40.53.95ntdll.dll5.1.2600.60550004468b

Error: (03/21/2012 08:06:40 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978

Error: (03/08/2012 09:38:22 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.19190000710a6

Error: (03/05/2012 10:52:02 AM) (Source: Microsoft Office 10)(User: )
Description: -1807610361

Error: (03/05/2012 10:51:56 AM) (Source: Microsoft Office 10)(User: )
Description: excel.exe10.0.6871.0excel.exe10.0.6871.000021d51

Error: (02/18/2012 10:34:52 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978

Error: (02/18/2012 10:34:06 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1919000067978

Error: (02/15/2012 08:47:55 AM) (Source: Application Error)(User: )
Description: easyshare.exe6.40.53.95ntdll.dll5.1.2600.60550004468b

Error: (02/15/2012 08:46:42 AM) (Source: Application Error)(User: )
Description: easyshare.exe6.40.53.95ntdll.dll5.1.2600.60550004468b


=========================== Installed Programs ============================

1600 (Version: 50.0.206.000)
1600_Help (Version: 50.0.206.000)
1600Trb (Version: 50.0.206.000)
32 Bit HP CIO Components Installer (Version: 7.1.8)
4660_4680_Help (Version: 1.00.0000)
Abacast Client
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe Download Manager (Version: 1.6.2.87)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11 (Version: 11)
Adobe SVG Viewer 3.0 (Version: 3.0)
Agere Systems PCI Soft Modem
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Email Toolbar
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Control Panel (Version: 6.14.10.5157)
ATI Display Driver (Version: 8.15-050607a-024880C-HP)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
Bonjour (Version: 3.0.0.2)
BPD_HPSU (Version: 1.00.0000)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 100.0.170.000)
CameraDrivers (Version: 5.0.0.328)
CCleaner (Version: 3.10)
CCScore (Version: 6.02.1001.0001)
Cobian Backup 10
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
CustomerResearchQFolder (Version: 1.00.0000)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DIGOpt (Version: 9.0.0917.2)
DIGReqEx (Version: 9.0.0917.2)
DocMgr (Version: 100.0.201.000)
DocProc (Version: 10.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Download Updater (AOL LLC)
Enhanced Multimedia Keyboard Solution
ESSBrwr (Version: 6.04.0000.0001)
ESSCDBK (Version: 6.04.0000.0001)
ESScore (Version: 6.04.0000.0003)
ESSgui (Version: 6.04.0000.0001)
ESSini (Version: 6.04.0000.0001)
ESSPCD (Version: 6.04.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.4.0000.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 6.04.0000.0001)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 100.0.272.000)
Form Fill (Windows Live Toolbar) (Version: 03.01.0146)
GdiplusUpgrade (Version: 1.00.01)
Google Chrome (Version: 12.0.742.100)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2318.1946)
Google Update Helper (Version: 1.3.21.79)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
HijackThis 2.0.2 (Version: 2.0.2)
HP Boot Optimizer (Version: 1.0.2)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Document Manager 1.0 (Version: 1.0)
HP Image Zone 5.3 (Version: 5.3)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Officejet All-In-One Series (Version: 1.0)
HP Organize
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP PSC & OfficeJet 5.3.B
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 130.0.371.000)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSSupply (Version: 100.0.170.000)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 53.0.13.000)
InterVideo WinDVD Player
InterVideo WinDVD Player (Version: 5.0-B11.789)
iTunes (Version: 10.4.0.80)
J4680 (Version: 50.0.165.000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
kgcbase (Version: 5.03.0000.0004)
KODAK EASYSHARE Gallery Upload ActiveX Control
Kodak EasyShare software
LiveUpdate 3.0 (Symantec Corporation) (Version: 3.0.0.171)
LSI PCI Soft Modem (Version: 2.2.98)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
MarketResearch (Version: 100.0.170.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4 (Version: 2.0.3008.0)
Microsoft Office Outlook Connector (Version: 1.8.3501.0)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Picture It! Express 9 (Version: 9.0.1305)
Microsoft Picture It! Library 9 (Version: 9.0.1305)
Microsoft Plus! Dancer LE (Version: 1.1.0.3522)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3500)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.04.0623)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSN
MSN Encarta Plus Support Files (Version: 9.0.0801)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
muvee autoProducer 4.0 (Version: 4.00.050)
NAVIGON Fresh 1.4.9 (Version: 1.4.9)
netbrdg (Version: 6.04.0000.0001)
NetDiag
NewCopy (Version: 50.0.206.000)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
Office 2003 Tour (Version: 1.0.0)
OfotoXMI (Version: 6.04.0000.0001)
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)
OpenMG AAC Add-on Module 1.0.00 (Version: 1.0.00.04270)
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Secure Module 4.5.01 (Version: 4.5.01.04270)
PanoStandAlone (Version: 53.0.13.000)
PC-Doctor 5 for Windows (Version: 5.00.2832.01)
PDF Manual NW-E000 Series (Version: 1.0)
PhotoGallery (Version: 53.0.13.000)
PlayLinc (Version: 2.0.8)
Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)
ProductContext (Version: 50.0.165.000)
ProductContext (Version: 50.0.206.000)
PSSWCORE (Version: 2.02.0000)
PSTAPlugin (Version: 8.01.0000)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
Quicken 2005 (Version: 14.00.0000)
QuickTime (Version: 7.69.80.9)
RandMap (Version: 53.0.13.000)
Readme (Version: 50.0.206.000)
Redist (Version: 3.00.0000)
Saints Toolbar
Scan (Version: 10.1.0.0)
ScannerCopy (Version: 5.2.0.0)
SFR (Version: 7.01.0000.0003)
SHASTA (Version: 6.04.0000.0001)
Shop for HP Supplies (Version: 10.0)
skin0001 (Version: 6.04.0000.0004)
SkinsHP1 (Version: 53.0.13.000)
SKINXSDK (Version: 6.02.1001.0001)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Sonic Express Labeler (Version: 2.1.0)
Sonic MyDVD Plus (Version: 6.1.3)
Sonic RecordNow Audio (Version: 2.0.2)
Sonic RecordNow Copy (Version: 2.0.2)
Sonic RecordNow Data (Version: 2.0.2)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 53.0.13.000)
SonicStage 4.0 (Version: 4.0)
Spybot - Search & Destroy (Version: 1.6.0)
staticcr (Version: 6.04.0000.0005)
Status (Version: 100.0.272.000)
Toolbox (Version: 100.0.170.000)
tooltips (Version: 6.04.0000.0001)
TrayApp (Version: 100.0.170.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB969497) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Updates from HP (remove only)
VC 9.0 Runtime (Version: 1.0.0)
Verizon Download Manager (Version: 16)
Verizon FiOS Activation
Verizon Help and Support Tool
Verizon Media Manager (Version: 9.4.94)
Verizon Servicepoint 3.7.44 (Version: 3.7.44)
Verizon Toolbar (Version: 6.0.0.29)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VPRINTOL (Version: 6.04.0000.0001)
Vz In Home Agent (Version: 8.03.53)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 100.0.170.000)
Winamp (Version: 5.531 )
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 1.0.0.310)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20061027.150806)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0130)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Mail (Version: 12.0.1606.1023)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows Live OneCare safety scanner
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 6.04.0000.0001)
Yahoo! Detect

========================= Devices: ================================

Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 3006.48 MB
Available physical RAM: 2039.32 MB
Total Pagefile: 5852.44 MB
Available Pagefile: 4935.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.64 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:29.75 GB) (Free:4.85 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:7.5 GB) (Free:1.71 GB) FAT32
3 Drive f: () (Fixed) (Total:73.25 GB) (Free:62.9 GB) NTFS
4 Drive g: () (Fixed) (Total:73.25 GB) (Free:48.43 GB) NTFS
5 Drive h: () (Fixed) (Total:73.25 GB) (Free:72.71 GB) NTFS
6 Drive i: () (Fixed) (Total:59.72 GB) (Free:59.64 GB) NTFS

========================= Users: ========================================

User accounts for \\Home

Admin Administrator Guest
HelpAssistant HP_Owner SUPPORT_388945a0
SUPPORT_fddfa904


**** End of log ****


DDS.TXT follows
//////////////////////////////////////////////////////////////////////////////////

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by HP_Owner at 16:48:11 on 2012-04-02
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3006.2196 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
G:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Cobian Backup 10\cbVSCService.exe
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://www.excite.com/microsoft/ie40/
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = proxy:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
mURLSearchHooks: AOLMAILTBSearch Class: {98572e47-b5fe-43de-9aea-492a1d3064cd} - c:\program files\aol email toolbar\aolmailtb.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: {102d7cb0-7e9c-4be6-a367-438d6db0874d} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3BD57223-9F1D-4484-B72F-BC1C5257B541} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {45698B67-1954-4A68-B559-957454464E9F} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Updater For Verizon Toolbar: {96673559-e653-4cdc-8923-f89347a952c0} - c:\program files\verizontb\auxi\verizonAu.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E607A6D4-FB95-425C-83A8-713DECC6283F} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {F0E314DB-EF85-4481-B47D-31D1107BAF29} - No File
BHO: {F1ADBEE0-4716-414B-ACF7-3544FB8E0E34} - No File
BHO: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
BHO: AOL Email Toolbar Loader: {fbea8524-8c72-4208-9d12-7fb73e9926eb} - c:\program files\aol email toolbar\aolmailtb.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - g:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: {A057A204-BACC-4D26-BAF1-49F8CCAB3ED4} - No File
TB: AOL Email Toolbar: {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - c:\program files\aol email toolbar\aolmailtb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Verizon Toolbar: {f8d96645-337c-419b-8792-b6c126145811} - c:\program files\verizontb\verizonDx.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - g:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [Motive SmartBridge] c:\progra~1\verizon\smartb~1\MotiveSB.exe
mRun: [Microsoft Works Update Detection] "c:\program files\common files\microsoft shared\works shared\WkUFind.exe"
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 7.0] "g:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - f:\program files\office10\OSA.EXE
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimizer/fios/vzTCPConfig.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1215347304125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6CE73081-C336-4414-B5F4-6BED2F36569A} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B79CD0E0-7DB7-4724-A9D0-ED3179536593} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: mowqpc.dll lawtax.dll ywoser.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 93.113.196.118 www.google.com
Hosts: 93.113.196.119 www.bing.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_owner\application data\mozilla\firefox\profiles\vaeqny4h.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\verizon\vsp\nprpspa.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files\cobian backup 10\cbVSCService.exe [2012-4-2 67584]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\verizondm\bin\sprtsvc.exe [2011-12-1 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\verizondm\bin\tgsrvc.exe [2011-12-1 185640]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-3-30 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 16720]
R3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-9-27 10664]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-5 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-5 136176]
S4 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2012-1-28 689464]
.
=============== Created Last 30 ================
.
2012-04-02 17:20:32 -------- d-----w- c:\documents and settings\hp_owner\local settings\application data\Safe mirror
2012-04-02 17:17:19 -------- d-----w- c:\program files\Cobian Backup 10
.
==================== Find3M ====================
.
2012-02-03 09:22:18 1860096 ------w- c:\windows\system32\win32k.sys
2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20:25 139784 ------w- c:\windows\system32\drivers\rdpwd.sys
2005-12-11 16:50:24 5037072 -c----w- c:\program files\spybotsd14.exe
2005-12-11 16:48:23 2855080 -c----w- c:\program files\aawsepersonal.exe
.
============= FINISH: 16:51:00.79 ===============

Attach.Txt follows:

//////////////////////////////////////////////////////

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/9/2005 6:21:53 PM
System Uptime: 4/2/2012 12:18:33 PM (4 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon™ 64 Processor 3200+ | Socket 939 | 1989/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 30 GiB total, 4.858 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 1.706 GiB free.
F: is FIXED (NTFS) - 73 GiB total, 62.9 GiB free.
G: is FIXED (NTFS) - 73 GiB total, 48.426 GiB free.
H: is FIXED (NTFS) - 73 GiB total, 72.715 GiB free.
I: is FIXED (NTFS) - 60 GiB total, 59.641 GiB free.
K: is Removable
L: is Removable
M: is Removable
N: is Removable
P: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Serial
Device ID: ROOT\LEGACY_SERIAL\0000
Manufacturer:
Name: Serial
PNP Device ID: ROOT\LEGACY_SERIAL\0000
Service: Serial
.
==== System Restore Points ===================
.
RP8: 1/6/2012 4:59:49 PM - System Checkpoint
RP9: 1/10/2012 10:08:04 PM - Software Distribution Service 3.0
RP10: 1/13/2012 8:40:17 AM - Software Distribution Service 3.0
RP11: 1/20/2012 7:56:43 AM - Software Distribution Service 3.0
RP12: 1/24/2012 12:58:31 PM - Software Distribution Service 3.0
RP13: 2/11/2012 12:26:00 PM - Printer Driver Adobe PDF Converter Installed
RP14: 2/14/2012 7:25:45 PM - FiOS Installation
RP15: 2/17/2012 4:13:44 PM - Software Distribution Service 3.0
RP16: 2/24/2012 9:28:43 AM - Software Distribution Service 3.0
RP17: 2/25/2012 12:01:39 PM - Removed Vz In Home Agent
RP18: 2/29/2012 3:00:18 AM - Software Distribution Service 3.0
RP19: 2/29/2012 3:29:47 AM - Printer Driver Microsoft XPS Document Writer Installed
RP20: 3/3/2012 9:28:24 AM - Software Distribution Service 3.0
RP21: 3/4/2012 10:22:19 AM - Software Distribution Service 3.0
RP22: 3/14/2012 3:00:19 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
1600
1600_Help
1600Trb
32 Bit HP CIO Components Installer
4660_4680_Help
Abacast Client
Adobe Acrobat 7.0 Professional
Adobe Acrobat 7.1.0 Professional
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11
Adobe SVG Viewer 3.0
Agere Systems PCI Soft Modem
AiO_Scan
AiOSoftware
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Email Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
AVG 2012
Bonjour
BPD_HPSU
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
CameraDrivers
CCleaner
CCScore
Cobian Backup 10
Compatibility Pack for the 2007 Office system
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CueTour
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DIGOpt
DIGReqEx
DocMgr
DocProc
DocProcQFolder
Download Updater (AOL LLC)
Enhanced Multimedia Keyboard Solution
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
eSupportQFolder
Fax
Form Fill (Windows Live Toolbar)
GdiplusUpgrade
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService
GPBaseService2
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Boot Optimizer
HP Customer Participation Program 10.0
HP Document Manager 1.0
HP Image Zone 5.3
HP Imaging Device Functions 10.0
HP Officejet All-In-One Series
HP Organize
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Essential 2.5
HP PSC & OfficeJet 5.3.B
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
InstantShareAlert
InstantShareDevices
InterVideo WinDVD Player
iTunes
J4680
Java Auto Updater
Java™ 6 Update 30
kgcbase
KODAK EASYSHARE Gallery Upload ActiveX Control
Kodak EasyShare software
LiveUpdate 3.0 (Symantec Corporation)
LSI PCI Soft Modem
Malwarebytes Anti-Malware version 1.60.1.1000
Map Button (Windows Live Toolbar)
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4
Microsoft Office Outlook Connector
Microsoft Office XP Professional with FrontPage
Microsoft Picture It! Express 9
Microsoft Picture It! Library 9
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Move Networks Media Player for Internet Explorer
Mozilla Firefox 9.0.1 (x86 en-US)
MSN
MSN Encarta Plus Support Files
MSVCSetup
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
muvee autoProducer 4.0
NAVIGON Fresh 1.4.9
netbrdg
NetDiag
NewCopy
OCR Software by I.R.I.S. 10.0
Office 2003 Tour
OfotoXMI
OneCare Advisor (Windows Live Toolbar)
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Secure Module 4.5.01
PanoStandAlone
PC-Doctor 5 for Windows
PDF Manual NW-E000 Series
PhotoGallery
PlayLinc
Popup Blocker (Windows Live Toolbar)
ProductContext
PSSWCORE
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
Quicken 2005
QuickTime
RandMap
Readme
Redist
Saints Toolbar
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB923689)
SFR
SHASTA
Shockwave
Shop for HP Supplies
skin0001
SkinsHP1
SKINXSDK
Smart Menus (Windows Live Toolbar)
SmartWebPrinting
SolutionCenter
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
SonicStage 4.0
Spybot - Search & Destroy
staticcr
Status
Toolbox
tooltips
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Updates from HP (remove only)
VC 9.0 Runtime
Verizon Download Manager
Verizon FiOS Activation
Verizon Help and Support Tool
Verizon Media Manager
Verizon Servicepoint 3.7.44
Verizon Toolbar
VideoToolkit01
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
Vz In Home Agent
WebFldrs XP
WebReg
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WIRELESS
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
4/2/2012 11:55:57 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2 iaStor IntelIde Lbd ViaIde
4/1/2012 6:52:03 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/1/2012 6:52:02 AM, error: RemoteAccess [20106] - Unable to add the interface {25DDD078-97B4-4B76-9374-A72545D584F2} with the Router Manager for the IP protocol. The following error occurred: Cannot complete this function.
4/1/2012 6:51:49 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2 Lbd
4/1/2012 6:51:49 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
4/1/2012 5:33:01 PM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 711 (0x2C7).
4/1/2012 11:34:42 PM, error: PlugPlayManager [12] - The device 'Maxtor 6L300R0' (IDE\DiskMaxtor_6L300R0__________________________BAJ41G20\364c313134304837202020202020202020202020) disappeared from the system without first being prepared for removal.
3/31/2012 9:17:30 PM, error: Service Control Manager [7034] - The Automatic LiveUpdate Scheduler service terminated unexpectedly. It has done this 1 time(s).
3/31/2012 9:17:26 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================


Ark.text follows:

///////////////////////////////////////////////////////////////////////

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-02 21:41:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST340014AS rev.3.43
Running: gmer.exe; Driver: C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\uxldipoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB265CF3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB265CFE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB265D080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB265D11C]

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AA5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD119 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB14 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254686 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53AF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52E1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E534C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E5214 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5412 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E5276 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDB70 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3004] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E5717 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AA5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD119 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB14 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254686 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53AF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52E1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E534C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E5214 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5412 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E5276 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 3E2EDB70 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3052] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E3E5717 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB14 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E53AF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52E1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E534C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E51B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E5214 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5412 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3564] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E5276 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- EOF - GMER 1.0.15 ----

Hope this helps.





Edited by Mike H., 03 April 2012 - 05:32 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:43 AM

Posted 02 April 2012 - 08:57 PM

Hi Mike ,I moved this to the Am I Infected forum as you did not completely post here.
What did you run?
Are you on a router? Are other machines on it,if so are they redirecting?

Do you use Firefox?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users