Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ie7 Redirect Problem


  • Please log in to reply
8 replies to this topic

#1 emalvo

emalvo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 11 February 2007 - 08:10 PM

Good evening. I am using an HP Tablet PC and I have IE7 installed. I have run all the programs recommended on this forum from the Preparation page and I am still having the same problem. I do a search in Yahoo! or Google. When I click on the link I need, I get redirected to a strange site(s). The sites could be a funny looking search engine or porn.

Here is my HijackThis page:

Logfile of HijackThis v1.99.1
Scan saved at 7:01:03 PM, on 2/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Q Menu\QICON.EXE
C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] rundll32.exe nview.dll,nViewLoadHook
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Q Menu] C:\Program Files\HPQ\Q Menu\QICON.EXE -QICON
O4 - HKLM\..\Run: [hpqMcSrv] "C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe" /Start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HP Mobile Printing] C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.clinicstation
O15 - Trusted Zone: http://clinicstation.mdacc.tmc.edu
O15 - Trusted IP range: http://143.111.222.240
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {D50AF668-390B-4D2E-92B8-12289AF33958} (ClinicStationLib.ctlCS) - http://143.111.222.240/ClinicStationLib.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D274DC2-CFDD-44B7-92AE-8200941CACCF}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{667AA56E-626B-474D-9624-7361DCFFAFBE}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{97384288-C706-43C2-B1D8-8303F3111F09}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFA2044E-3C77-4925-AC55-AEBB7D24988D}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Remote Diagnostics Enabling Agent (DfwWebAgent) - Hewlett-Packard - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: DM1Service - OLYMPUS Corporation - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe



Any help you can provide is most appreciated.

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:17 AM

Posted 11 February 2007 - 08:29 PM

Welcome to Bleeping Computer emalvo :thumbsup:

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe

Save it to your desktop and run it.
Click Next,then Install,then make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts.
You will be asked to reboot your computer; please do so.
Your system may take longer than usual to load,this is normal.

When your system reboots,follow the prompts.
Afterwards, HijackThis will launch.
Please click Scan, and checkmark the following items:

O17 - HKLM\System\CCS\Services\Tcpip\..\{4D274DC2-CFDD-44B7-92AE-8200941CACCF}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{667AA56E-626B-474D-9624-7361DCFFAFBE}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{97384288-C706-43C2-B1D8-8303F3111F09}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFA2044E-3C77-4925-AC55-AEBB7D24988D}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180


Click 'Fix Checked'.
Close HijackThis,and click OK to proceed.
At the end of the fix you may need to restart your computer again.

Please post the contents of the logfile C:\fixwareout\report.txt in your next reply,along with a new Hijackthis log please.

Please Note:
Only do the following if you have connection problems after performing the above steps:
Go to Start>Control Panel,and choose 'Network Connections'.
Then right click on your default connection,usually 'Local Area Connection' or 'Dial-up Connection' if you are using Dial-up,then left click on 'Properties'.
Double-click on the 'Internet Protocol (TCP/IP)' item and select the radio button that says: 'Obtain DNS servers Automatically'.
Click OK twice,restart your computer.
Posted Image
Posted Image

#3 emalvo

emalvo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 11 February 2007 - 09:00 PM

[size=3]Thank you so much for replying!

Here's the FixIt file:


Fixwareout
Last edited 1/30/2007
Post this report in the forums please
...
Prerun check
HKLM run and Winlogon System values

System restarted
Reg Entries that were deleted
...
Random Runs removed from HKLM
...

Misc files.

Checking for older varients.

Postrun check
HKLM run
Winlogon System value


PLEASE NOTE, There CAN be LEGITIMATE FILES LISTED IN THIS SECTION.

This WILL/CAN also list Legit Files, Submit them at Virustotal
Search five digit cs, dm kd and jb files.

Current runs

Hosts file was reset, If you use a custom hosts file please replace it


Here's the HijackThis file:



Logfile of HijackThis v1.99.1
Scan saved at 7:54:03 PM, on 2/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Q Menu\QICON.EXE
C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe
C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] rundll32.exe nview.dll,nViewLoadHook
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Q Menu] C:\Program Files\HPQ\Q Menu\QICON.EXE -QICON
O4 - HKLM\..\Run: [hpqMcSrv] "C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe" /Start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HP Mobile Printing] C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.clinicstation
O15 - Trusted Zone: http://clinicstation.mdacc.tmc.edu
O15 - Trusted IP range: http://143.111.222.240
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {D50AF668-390B-4D2E-92B8-12289AF33958} (ClinicStationLib.ctlCS) - http://143.111.222.240/ClinicStationLib.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D274DC2-CFDD-44B7-92AE-8200941CACCF}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{667AA56E-626B-474D-9624-7361DCFFAFBE}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{97384288-C706-43C2-B1D8-8303F3111F09}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFA2044E-3C77-4925-AC55-AEBB7D24988D}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Remote Diagnostics Enabling Agent (DfwWebAgent) - Hewlett-Packard - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: DM1Service - OLYMPUS Corporation - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Thanks Again.

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:17 AM

Posted 11 February 2007 - 09:10 PM

Please download/install AVG Anti-Spyware 7.5.

Please follow these instructions carefully.
Launch/start up AVG Anti-Spyware.
On the main page click the 'Update' tab,and then 'Start Update'.
Once the updates have been installed,do the following:
Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab.
Once in the 'Settings' screen,under 'How to act?',then under 'Set default action for detected malware to:', click on 'Recommended actions',then click on 'Quarantine'.
Under 'Reports' select 'Automatically generate report after every scan' and unselect 'Only if threats were found'.
Exit AVG Anti-Spyware,don't run the scan just yet.

You might want to print/copy the following as you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:

O17 - HKLM\System\CCS\Services\Tcpip\..\{4D274DC2-CFDD-44B7-92AE-8200941CACCF}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{667AA56E-626B-474D-9624-7361DCFFAFBE}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{97384288-C706-43C2-B1D8-8303F3111F09}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFA2044E-3C77-4925-AC55-AEBB7D24988D}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180


Still in Safe Mode launch AVG Anti-Spyware.
Click the 'Scanner' icon at the top.
To start the scan click on 'Complete System Scan'.
Please be patient,it takes a while for the scan to finish.

Once the scan is complete,do the following.
If AVG Anti-Spyware detected any infected objects:,click on 'Apply All Actions'.
Next click on 'Save Report'.
Copy and paste that report into your next reply.
The report can be found under the 'Reports' tab at the top.
Close AVG Anti-Spyware when you've done.
Reboot normally.


Post the AVG Anti Spyware report and a new Hijackthis log into your next reply please.
Let me know how your pc is running now please.
Posted Image
Posted Image

#5 emalvo

emalvo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 11 February 2007 - 11:14 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:07:05 PM, on 2/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Q Menu\QICON.EXE
C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccUpdUI.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\pcclient.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] rundll32.exe nview.dll,nViewLoadHook
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Q Menu] C:\Program Files\HPQ\Q Menu\QICON.EXE -QICON
O4 - HKLM\..\Run: [hpqMcSrv] "C:\Program Files\HPQ\Q Menu\CpqMcSrV.exe" /Start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HP Mobile Printing] C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.clinicstation
O15 - Trusted Zone: http://clinicstation.mdacc.tmc.edu
O15 - Trusted IP range: http://143.111.222.240
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {D50AF668-390B-4D2E-92B8-12289AF33958} (ClinicStationLib.ctlCS) - http://143.111.222.240/ClinicStationLib.CAB
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Remote Diagnostics Enabling Agent (DfwWebAgent) - Hewlett-Packard - C:\WINDOWS\Cpqdiag\Cpqdfwag.exe
O23 - Service: DM1Service - OLYMPUS Corporation - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe



AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:56:14 PM 2/11/2007

+ Scan result:



C:\System Volume Information\_restore{5C698C25-75B8-408B-9541-16068DBADF18}\RP207\A0042136.exe -> Adware.180Solutions : Cleaned.
C:\System Volume Information\_restore{5C698C25-75B8-408B-9541-16068DBADF18}\RP200\A0040053.exe -> Adware.FreeVideo : Cleaned.
C:\Setup.exe -> Backdoor.Hupigon.cge : Cleaned.
C:\WINDOWS\G_Server2006.exe -> Backdoor.Hupigon.cge : Cleaned.
:mozilla.163:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.229:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.365:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.590:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@bookspan.122.2o7 [1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Cleaned.
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak [2].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.667:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick [1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@fastclick [2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.713:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.714:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.715:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.716:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.717:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.421:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.422:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.423:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.424:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.425:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.450:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.451:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.863:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.864:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.867:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.300:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.301:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.302:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.314:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@data4.perf.overture [1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.341:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.342:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.373:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.374:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.375:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.376:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.377:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.378:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.394:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.452:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.453:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.454:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.455:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.25:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.580:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@try.starware[2].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.529:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.530:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.532:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.533:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.534:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.845:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.848:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.568:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.569:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.570:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.571:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.572:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.573:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.574:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.577:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.578:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion [1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Administrator\Cookies\administrator@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.814:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.815:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.839:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.840:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.841:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gyuxps8o.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end





--
----Erika

#6 emalvo

emalvo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 11 February 2007 - 11:30 PM

By the Way, I just hit on a link in google and it redirected me again. ARrgghh..I don't understand.

#7 emalvo

emalvo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 11 February 2007 - 11:36 PM

Here a link to one of the websites that popped up. Incidentally, I don't have this problem with Firefox.

http://mov-x-archive.com/%22rick%20rubin%2...;rpt=1&kt=1

#8 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:05:17 AM

Posted 12 February 2007 - 08:57 AM

Download and run Winsock XP Fix:
http://www.snapfiles.com/get/winsockxpfix.html

***********************

Download HostsXpert 3.8:
http://www.funkytoad.com/download/HostsXpert.zip
1. Extract the zip file to your desktop or a permanent folder on your hard drive.
2. Open the folder and double-click on the Hoster.exe
3. Press "Restore Microsofts Original Hosts File"
4. Press "OK" and exit the program.

Go to:
C:\WINDOWS\System32\drivers\etc\HOSTS.
1) Right-click on the HOSTS file
2) Click Properties
3) You will see a window open. Look at the bottom of the window. To the right of Attributes, check the box that says Read-only.
4) Click Apply/OK.

***********************

Go to Control Panel.
If you are using Windows XP's Category View,select 'Network and Internet Connections',otherwise double click on 'Network Connections'.
Then right click on your default connection, usually local area connection for cable and dsl, and left click on 'Properties'.
Double-click on 'Internet Protocol (TCP/IP)' and select the radio dial that says 'Obtain DNS servers automatically'.
Press OK twice to get out of the properties screen and reboot if it asks.

Do that for every connection listed,reboot when you've finished.
Let me know whats happening now please.
Posted Image
Posted Image

#9 emalvo

emalvo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 12 February 2007 - 07:16 PM

After performing the newest fix, I went in to Yahoo!, did a search for The Eagles.

1. My results -- http://search.yahoo.com/search?p=the+eagle...ss&ei=UTF-8

2. when I clicked on the link for www.philadelphiaeagles.com, I got: http://www.hometeams.com/ went back and then got:

http://www.giftconga.com/path/lp_mg_picdes...mp;xprodid=1427




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users