TechSpot

Homepage redirects to http://search.entru.com/?s=21982

By cainedbutabel
May 7, 2011
  1. Hey, I am new to these forums and this is my first post. I use Firefox, and every time I open Firefox, instead of going to my homepage, it redirects me here: Hyperlink edited out by Bobbye

    I assume I have some sort of virus. What do I need to do to get rid of it? I have run virus scans but nothing seems to get rid of the problem. Do I just need to reformat my hard drive? Thanks in advance for any advice.
     
  2. Bobbye


    Welcome to TechSpot! I'll be glad to help with the redirect. But I need information first:

    Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply.
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

    I have made note of, but am removing, the hyperlink you left for the redirect.
     
  3. cainedbutabel


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6528

    Windows 6.1.7600
    Internet Explorer 9.0.8112.16421

    5/7/2011 3:20:39 PM
    mbam-log-2011-05-07 (15-20-39).txt

    Scan type: Quick scan
    Objects scanned: 156224
    Time elapsed: 12 minute(s), 24 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 9
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    c:\Users\Levi\AppData\Roaming\HBLite (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\programdata\HBLiteSA (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite\bin\11.0.258.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite\bin\11.0.258.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite\bin\11.0.258.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\program files\HBLite\bin\11.0.258.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
    c:\programdata\microsoft\Windows\start menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

    Files Infected:
    (No malicious items detected)


    GMER 1.0.15.15627 - http://www.gmer.net
    Rootkit quick scan 2011-05-07 15:39:44
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB2O
    Running: v38d4met.exe; Driver: C:\Users\Levi\AppData\Local\Temp\kxldapod.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----


    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Levi at 15:35:17.55 on Sat 05/07/2011
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1915.381 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\RtkAudioService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PnkBstrB.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
    C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
    C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    C:\Users\Levi\Program Files\DNA\btdna.exe
    C:\Program Files\Sony\VAIO Media plus\VMpTtray.exe
    C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Windows\System32\alg.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\ooVoo\ooVoo.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Users\Levi\AppData\Roaming\cacaoweb\cacaoweb.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\DllHost.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Levi\Downloads\dds.scr
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2233703
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    mDefault_Page_URL = hxxp://www.yahoo.com/?.home=ytie
    mStart Page = hxxp://search.entru.com/?s=21982
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    uURLSearchHooks: H - No File
    mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
    BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\mediac~1\intern~1\ARCURL~1.DLL
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - c:\program files\photoposcomtbr\PhotoposComTbrLib.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
    TB: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - c:\program files\photoposcomtbr\PhotoposComTbrLib.dll
    TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
    uRun: [BitTorrent DNA] "c:\users\levi\program files\dna\btdna.exe"
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [VMpTtray.exe] c:\program files\sony\vaio media plus\VMpTtray.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
    uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
    uRun: [fsm]
    uRun: [ooVoo.exe] c:\program files\oovoo\oovoo.exe /minimized
    uRun: [cacaoweb] "c:\users\levi\appdata\roaming\cacaoweb\cacaoweb.exe" -noplayer
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [Skytel] Skytel.exe
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
    mRun: [SmartWiHelper] "c:\program files\sony corporation\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
    mRun: [VAIOMyMemCenter] "c:\program files\sony\vaio my memory center\VAIO MyMemCenter.exe" 1
    mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\VAIO Sat Survey.exe"
    mRun: [VWLASU] "c:\program files\sony\vaio wireless wizard\AutoLaunchWLASU.exe"
    mRun: [x3watch] c:\program files\x3watch\x3watch.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\users\levi\appdata\roaming\microsoft\windows\start menu\programs\startup\e-Speaking Voice and Speech Recognition Software.appref-ms
    StartupFolder: c:\users\levi\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\philip~1.lnk - c:\philips\gogear vibe device manager\GoGear_Vibe_DeviceManager.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    Trusted Zone: real.com\rhap-app-4-0
    Trusted Zone: real.com\rhapreg
    DPF: {59E937ED-AC7E-407D-B40B-6545B1EECDE7} - hxxp://www.weareautobots.com/ww/plugin/DFusionWeb.Installer.exe
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    Notify: VESWinlogon - VESWinlogon.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - 4shared Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.entru.com/?s=21982
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z039&form=ZGAADF&q=
    FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
    FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\{fb4ee65d-e8ef-4c39-a90c-dc09966cee93}\components\RadioWMPCore.dll
    FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\{fb4ee65d-e8ef-4c39-a90c-dc09966cee93}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
    FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_HBLiteSA.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\users\levi\appdata\local\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
    FF - plugin: c:\users\levi\program files\dna\plugins\npbtdna.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
    R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
    R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-8-1 104992]
    R2 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-8-21 103712]
    R2 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-8-21 353568]
    R2 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-8-21 62752]
    R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2009-3-7 104960]
    R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-8-1 411488]
    R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2008-6-20 415744]
    R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-8-21 337184]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-8-21 17920]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 21072]
    R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-8-1 9344]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate1c9a51410e31172;Google Update Service (gupdate1c9a51410e31172);c:\program files\google\update\GoogleUpdate.exe [2009-3-14 133104]
    S2 MSMQSVC;Message Queuing Service;c:\windows\system32\mqsv32.exe --> c:\windows\system32\mqsv32.exe [?]
    S3 apf001;apf001;c:\game\softnyxgame\gunboundis\apf001.sys [2011-1-13 10872]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-14 133104]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-2-22 27192]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-8-21 83232]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-3 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-05-07 20:07:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-07 20:07:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-07 20:07:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-05-07 17:10:05 -------- d-----w- c:\users\levi\appdata\local\{E13C2090-377E-4A7D-8F08-BA81F42D447A}
    2011-05-07 04:47:18 -------- d-----w- c:\users\levi\appdata\roaming\Malwarebytes
    2011-05-07 04:46:59 -------- d-----w- c:\progra~2\Malwarebytes
    2011-05-07 04:38:50 -------- d-----w- c:\users\levi\appdata\local\{4406015E-9FD2-429C-95CE-D46748D6D51F}
    2011-05-06 19:25:52 -------- d-----w- c:\users\levi\appdata\local\{1CF18D71-F798-4131-B478-9217FD890506}
    2011-05-06 00:25:42 -------- d-----w- c:\users\levi\appdata\local\{87112C80-4487-4211-B353-C8952937B55A}
    2011-05-05 07:00:34 -------- d-----w- c:\users\levi\appdata\local\{292D2096-A040-4210-84B8-F3961D7F4E7D}
    2011-05-05 05:43:00 -------- d-----w- c:\program files\Activision Value
    2011-05-05 04:44:07 -------- d-----w- c:\program files\18 WoS Across America
    2011-05-04 18:08:59 -------- d-----w- c:\users\levi\appdata\local\{76934BF4-C347-4F38-A8E7-06A838CE7CA2}
    2011-05-04 15:50:03 -------- d-----w- c:\users\levi\appdata\local\{4E32A30B-F174-4333-B614-6C77D2558E50}
    2011-05-03 20:53:42 -------- d-----w- c:\users\levi\appdata\local\{E7CD5CDF-E13F-4D09-88E7-3C79EF011921}
    2011-05-02 06:56:59 -------- d-----w- c:\users\levi\appdata\local\{284E2E8A-06B9-484D-BE70-EE1FCA819F49}
    2011-05-01 15:29:50 -------- d-----w- c:\users\levi\appdata\local\{25155021-340C-46C5-9B19-8333C702D23A}
    2011-04-30 16:51:53 -------- d-----w- c:\users\levi\appdata\local\{06FF731E-58D2-4069-95B6-AAF335A4AEFE}
    2011-04-29 21:24:30 -------- d-----w- c:\users\levi\appdata\local\{12C8D5D6-1EDA-4E7C-963B-7EDD2CC5FC80}
    2011-04-29 21:23:34 -------- d-----w- c:\users\levi\appdata\local\{D26D130D-548D-433A-9CED-BAD1E9A8CC07}
    2011-04-29 00:01:06 -------- d-----w- c:\users\levi\appdata\local\{99DA92C3-EDD1-4D17-85B3-03A359ACE52F}
    2011-04-27 23:19:59 -------- d-----w- c:\users\levi\appdata\local\{AFC4ED71-AD42-46F9-90B6-FA75AEB41CD2}
    2011-04-27 13:46:41 -------- d-----w- c:\users\levi\appdata\local\{63E2901C-2A80-4C65-95AF-4ED7971A93D3}
    2011-04-27 01:50:41 -------- d-----w- c:\users\levi\appdata\roaming\ooVoo Details
    2011-04-27 01:48:13 -------- d-----w- c:\program files\ooVoo
    2011-04-27 01:41:30 -------- d-----w- c:\users\levi\appdata\local\{07275164-B329-446B-A726-722C03F29B4D}
    2011-04-26 04:11:20 -------- d-----w- c:\users\levi\appdata\local\{CBB0EB62-43AE-4BFA-BE36-A604038CCE2D}
    2011-04-24 23:54:14 -------- d-----w- c:\users\levi\appdata\local\{CB5F2CFC-558B-43CD-9F88-EFA2C907D3E3}
    2011-04-23 23:49:06 -------- d-----w- c:\users\levi\appdata\local\{A483EF7B-6922-41EA-9061-0FB051898963}
    2011-04-23 07:35:20 -------- d-----w- c:\users\levi\appdata\local\{D7285F02-431F-409A-8020-6939F4BF142B}
    2011-04-23 06:15:57 -------- d-----w- c:\users\levi\appdata\local\DDMSettings
    2011-04-23 05:06:42 -------- d-----w- c:\progra~2\DivX
    2011-04-22 18:47:59 -------- d-----w- c:\users\levi\appdata\local\{1E5337C1-23FF-4019-B1F5-F48A51B84549}
    2011-04-22 18:47:13 -------- d-----w- c:\users\levi\appdata\local\{4F3A0594-39EE-4D85-9A6F-0B99CFC03E2D}
    2011-04-22 04:36:30 -------- d-----w- c:\users\levi\appdata\local\{34F69EE7-7908-4366-83BD-A37F1E8ED2DA}
    2011-04-21 21:59:30 -------- d-----w- C:\Games
    2011-04-21 15:04:30 -------- d-----w- c:\users\levi\appdata\local\{93330009-9D92-4055-A6FA-7A528B233A65}
    2011-04-20 22:01:17 -------- d-----w- c:\users\levi\appdata\local\{114C51EE-B2A8-4A27-978F-EE78676E78F3}
    2011-04-20 19:47:16 -------- d-----w- c:\users\levi\appdata\local\{A8797423-9E86-408D-85D4-62D51CF9CE17}
    2011-04-20 15:49:33 -------- d-----w- c:\users\levi\appdata\roaming\cacaoweb
    2011-04-19 15:07:55 -------- d-----w- c:\users\levi\appdata\local\{644A5265-E148-49DB-8D4E-112B47B32B6E}
    2011-04-18 21:07:44 -------- d-----w- c:\users\levi\appdata\local\{37689E11-E35B-4899-ABC0-1B07FF3365F6}
    2011-04-18 14:12:57 -------- d-----w- c:\users\levi\appdata\local\{CDB23EA9-D4AB-49C5-AF80-FBCFCB8AAA7D}
    2011-04-17 03:22:35 -------- d-----w- c:\users\levi\appdata\local\{02F3B16E-ABA8-499E-8B86-0072E80DE935}
    2011-04-16 22:30:47 -------- d-----w- c:\users\levi\appdata\local\{E1AD072F-2F69-433B-A4CC-A9407C33DE6A}
    2011-04-16 03:35:42 -------- d-----w- c:\users\levi\appdata\local\{71798976-17FA-446D-8967-31ADB45CD3AC}
    2011-04-15 15:05:26 -------- d-----w- c:\windows\Panther
    2011-04-15 14:26:58 -------- d-----w- c:\users\levi\appdata\local\{2B984BB9-A86F-4126-B955-C2AA66EB14B2}
    2011-04-14 08:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2011-04-14 08:39:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    2011-04-14 03:14:49 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-04-14 03:14:48 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-04-14 03:14:48 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
    2011-04-14 03:14:48 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-04-14 03:14:42 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-04-14 03:14:41 311296 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-04-14 03:14:41 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-04-14 03:14:35 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
    2011-04-14 03:14:35 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
    2011-04-14 03:14:32 294912 ----a-w- c:\windows\system32\atmfd.dll
    2011-04-14 03:14:31 34304 ----a-w- c:\windows\system32\atmlib.dll
    2011-04-14 03:13:31 2331136 ----a-w- c:\windows\system32\win32k.sys
    2011-04-14 03:13:26 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
    2011-04-14 03:13:23 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-04-14 03:13:19 740864 ----a-w- c:\windows\system32\inetcomm.dll
    2011-04-14 03:13:13 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-04-14 03:13:12 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-04-13 23:02:03 -------- d-----w- c:\users\levi\appdata\local\{10B7E8A7-BBE6-43E8-9A16-232FF9B32150}
    2011-04-13 23:00:09 -------- d-----w- c:\users\levi\appdata\local\{1D7C4767-273E-49C0-9863-5917F49DFD2C}
    2011-04-13 22:56:56 -------- d-----w- c:\users\levi\appdata\local\{E9DA2EB0-C3D3-413C-960A-FB5531C9ECC1}
    2011-04-11 16:56:17 -------- d-----w- c:\users\levi\appdata\local\{09A40AB3-B466-49E9-AB9B-6400ABE58AAB}
    2011-04-10 14:46:42 -------- d-----w- c:\users\levi\appdata\local\{65C446B7-7A18-4A2F-B94A-849CAAE29B37}
    2011-04-09 16:59:14 -------- d-----w- c:\users\levi\appdata\local\{4F072E88-3FDE-4752-94FA-2EE54911813C}
    2011-04-08 03:45:29 -------- d-----w- c:\users\levi\appdata\local\{AD336D53-A82B-41C1-BC47-87329D1587D9}
    .
    ==================== Find3M ====================
    .
    2011-04-15 14:51:02 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-04-15 14:51:01 161792 ----a-w- c:\windows\system32\msls31.dll
    2011-04-15 14:51:01 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-04-15 14:51:00 86528 ----a-w- c:\windows\system32\iesysprep.dll
    2011-04-15 14:51:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-04-15 14:51:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-04-15 14:51:00 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-04-14 10:07:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll
    2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe
    2011-03-03 00:04:10 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
    2011-02-26 05:33:07 2614784 ----a-w- c:\windows\explorer.exe
    2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll
    2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll
    2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-02-18 05:33:29 31232 ----a-w- c:\windows\system32\prevhost.exe
    .
    ============= FINISH: 15:36:46.07 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/14/2009 1:09:45 AM
    System Uptime: 5/7/2011 2:57:53 PM (1 hours ago)
    .
    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | N/A | 2000/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 140 GiB total, 18.946 GiB free.
    D: is Removable
    E: is Removable
    F: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP228: 4/15/2011 9:34:44 AM - Windows Update
    RP229: 4/19/2011 10:18:07 AM - Windows Update
    RP231: 4/21/2011 5:25:25 PM - Installed DirectX
    RP232: 4/22/2011 3:00:24 AM - Windows Update
    RP233: 4/27/2011 3:00:58 AM - Windows Update
    RP234: 4/28/2011 3:00:30 AM - Windows Update
    RP235: 5/2/2011 5:12:35 PM - Installed Java(TM) 6 Update 25
    RP237: 5/4/2011 11:27:39 PM - Removed Star Wars(R) Knights of the Old Republic(R) II: The SithÄ,öp‰’
    RP239: 5/4/2011 11:42:19 PM - Installed 18 WoS Across America
    .
    ==== Installed Programs ======================
    .
    .
    Update for Microsoft Office 2007 (KB2508958)
    18 WoS Across America
    3ivx MPEG-4 5.0.3 (remove only)
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.4
    Adobe Shockwave Player 11
    Age of Empires II & The Conquerors Expansion
    AnalogX AutoTune
    AP Tuner 3.08
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft Magic-i Visual Effects
    ArcSoft WebCam Companion 2
    Auto-Tune EFX VST
    AVG 2011
    AVG PC Tuneup 2011
    BitZipper 2009
    Bonjour
    Cabela's Big Game Hunter 2004 Season
    Click to Disc
    Click to Disc Editor
    Compatibility Pack for the 2007 Office system
    D3DX10
    DivX Converter
    DivX Plus DirectShow Filters
    DivX Setup
    DivX Version Checker
    DNA
    FlipShare
    GIMP 2.6.7
    GoGear VIBE Device Manager
    Google Earth
    Google Update Helper
    Google Updater
    Graboid Video 2.01
    GunboundIS
    HDAUDIO SoftV92 Data Fax Modem with SmartCP
    Intel(R) Graphics Media Accelerator Driver
    Interlok driver setup x32
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 25
    Java(TM) SE Runtime Environment 6
    Launchpad Enhanced
    Lux Delux 5.72
    Lux Delux 6.06
    Magic ISO Maker v5.5 (build 0276)
    Malwarebytes' Anti-Malware
    McAfee Security Scan Plus
    Media Converter for Philips
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 4 Client Profile
    Microsoft Age of Empires II
    Microsoft Age of Empires II Trial Version
    Microsoft Age of Empires II: The Conquerors Expansion
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft WorldWide Telescope
    MobileMe Control Panel
    Mozilla Firefox 4.0.1 (x86 en-US)
    Mozilla Firefox 4.0b7 (x86 en-US)
    MSN Toolbar
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    Music Transfer
    OGA Notifier 2.0.0048.0
    ooVoo
    OpenMG Secure Module 5.1.00
    Pando Media Booster
    PCFriendly
    Photo Pos Pro
    Photopos Toolbar (Remove Toolbar Only)
    Picasa 3
    Primo
    PunkBuster Services
    QuickBooks Simple Start 2008
    QuickTime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Revo Uninstaller Pro 2.5.1
    Rhapsody
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Easy Media Creator 10 LJ
    Roxio Easy Media Creator Home
    Search Toolbar
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2466156)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft Office Excel 2007 (KB2464583)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Setting Utility Series
    Smart Defrag 1.20
    SmartWi Connection Utility
    Software Informer 1.0 BETA
    Sony Picture Utility
    Sony Video Shared Library
    Spelling Dictionaries Support For Adobe Reader 9
    Star Wars Galaxies: The Total Experience
    SupportSoft Assisted Service
    Synaptics Pointing Device Driver
    System Requirements Lab
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VAIO Care
    VAIO Content Folder Setting
    VAIO Content Metadata Intelligent Analyzing Manager
    VAIO Content Metadata Manager Setting
    VAIO Content Metadata XML Interface Library
    VAIO Control Center
    VAIO Data Restore Tool
    VAIO DVD Menu Data Basic
    VAIO Entertainment Platform
    VAIO Event Service
    VAIO Help and Support
    VAIO Launcher
    VAIO Media plus
    VAIO Movie Story
    VAIO Movie Story Template Data
    VAIO MusicBox
    VAIO MusicBox Sample Music
    VAIO My Memory Center
    VAIO OOBE and Welcome Center
    VAIO Original Function Setting
    VAIO Power Management
    VAIO Presentation Support
    VAIO Startup Assistant
    VAIO Survey
    VAIO Update 4
    VAIO Wallpaper Contents
    VAIO Wireless Wizard
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.0.1
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live OneCare safety scanner
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    WinDVD for VAIO
    WinRAR archiver
    World of Tanks v.0.6.3.11
    Yahoo! Anti-Spy
    Yahoo! BrowserPlus 2.7.1
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/7/2011 3:35:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} and APPID Unavailable to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    5/7/2011 3:17:40 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
    5/7/2011 2:58:45 PM, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading
    5/7/2011 2:58:45 PM, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading.
    5/7/2011 2:37:01 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{B29DB9AA-420D-49EB-9035-AA545CCBC678} because another computer on the network has the same name. The server could not start.
    5/7/2011 12:14:06 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    5/7/2011 11:03:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    5/6/2011 8:13:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VzCdbSvc service.
    5/6/2011 3:37:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.
    5/5/2011 7:26:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    5/5/2011 7:26:43 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/5/2011 7:26:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    5/4/2011 7:29:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Yahoo! Updater service to connect.
    5/4/2011 7:29:40 PM, Error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/4/2011 10:51:18 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
    5/3/2011 3:49:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
    5/3/2011 1:51:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDms service.
    5/2/2011 11:03:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    5/1/2011 10:30:44 AM, Error: Service Control Manager [7022] - The VAIO Media plus Digital Media Server service hung on starting.
    4/30/2011 1:31:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    .
    ==== End Of File ===========================
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay, a good thing- I can see the bad page and can reset it with script you'll run after Combofix.

    You will have to remove AVG to run Combofix. Download AppRemover and save to the desktop
    How to Use AppRemover to Remove a Complete Security Application
    1. Double click the setup on the desktop> click Next
    2. Select “Remove Security Application”
    3. Let scan finish to determine security apps
    4. A screen like below will appear:
      http://www.appremover.com/about/chooseuninstall.gif/image_preview
    5. Click on Next after choice has been made
    6. Check the AVG program you want to uninstall
    7. After uninstall shows complete, follow online prompts to Exit the program.

    Temporary AV:
    Avira-AntiVir-Personal-Free-Antivirus: http://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&tag=button&cdlPid=11012914
    Avast Free Version: http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html?part=dl-85737&subj=dl&tag=button
    ===================================
    Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan: Uninstall directions if needed
    1. Click START> then RUN
    2. Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    ----------
    Download Combofix from HERE (http://www.bleepingcomputer.com/download/anti-virus/combofix) or HERE (http://www.forospyware.com/sUBs/ComboFix.exe) and save to the desktop
    1. Double click combofix.exe & follow the prompts.
    2. ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
    3. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    4. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      http://img.photobucket.com/albums/v706/ried7/whatnext.png
    5. Click on Yes, to continue scanning for malware
    6. If Combofix asks you to update the program, allow
    7. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    8. Close any open browsers.
    9. Double click combofix.exe & follow the prompts to run.
    10. When the scan completes, a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply.
    Re-enable your Antivirus software.
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Did you install the Perfect Keylogger as plugins on both Internet Explorer and Firefox browsers?

    Are you having any connection problems? I note many timeout errors in the log.
     
Topic Status:
Not open for further replies.
