Inactive Homepage redirects to http://search.entru.com/?s=21982

Hey, I am new to these forums and this is my first post. I use Firefox and every time I open Firefox, instead of going to my homepage, it redirects me here: [Hyperlink edited out by Bobbye]

I assume I have some sort of virus. What do I need to do to get rid of it? I have run virus scans but nothing seems to get rid of the problem. Do I just need to reformat my hard drive? Thanks in advance for any advice.
 
Welcome to TechSpot! I'll be glad to help with the redirect. But I need information first:

Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply.
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

I have made note of, but am removing, the hyperlink you left for the redirect.
 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6528

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

5/7/2011 3:20:39 PM
mbam-log-2011-05-07 (15-20-39).txt

Scan type: Quick scan
Objects scanned: 156224
Time elapsed: 12 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\Levi\AppData\Roaming\HBLite (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\programdata\HBLiteSA (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite\bin\11.0.258.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite\bin\11.0.258.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite\bin\11.0.258.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\HBLite\bin\11.0.258.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)


GMER 1.0.15.15627 - http://www.gmer.net
Rootkit quick scan 2011-05-07 15:39:44
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB2O
Running: v38d4met.exe; Driver: C:\Users\Levi\AppData\Local\Temp\kxldapod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Levi at 15:35:17.55 on Sat 05/07/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1915.381 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
C:\Users\Levi\Program Files\DNA\btdna.exe
C:\Program Files\Sony\VAIO Media plus\VMpTtray.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ooVoo\ooVoo.exe
C:\Windows\system32\WUDFHost.exe
C:\Users\Levi\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Levi\Downloads\dds.scr
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2233703
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com/?.home=ytie
mStart Page = hxxp://search.entru.com/?s=21982
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: H - No File
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\mediac~1\intern~1\ARCURL~1.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - c:\program files\photoposcomtbr\PhotoposComTbrLib.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - c:\program files\photoposcomtbr\PhotoposComTbrLib.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
uRun: [BitTorrent DNA] "c:\users\levi\program files\dna\btdna.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [VMpTtray.exe] c:\program files\sony\vaio media plus\VMpTtray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [fsm]
uRun: [ooVoo.exe] c:\program files\oovoo\oovoo.exe /minimized
uRun: [cacaoweb] "c:\users\levi\appdata\roaming\cacaoweb\cacaoweb.exe" -noplayer
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SmartWiHelper] "c:\program files\sony corporation\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
mRun: [VAIOMyMemCenter] "c:\program files\sony\vaio my memory center\VAIO MyMemCenter.exe" 1
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\VAIO Sat Survey.exe"
mRun: [VWLASU] "c:\program files\sony\vaio wireless wizard\AutoLaunchWLASU.exe"
mRun: [x3watch] c:\program files\x3watch\x3watch.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\levi\appdata\roaming\microsoft\windows\start menu\programs\startup\e-Speaking Voice and Speech Recognition Software.appref-ms
StartupFolder: c:\users\levi\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\philip~1.lnk - c:\philips\gogear vibe device manager\GoGear_Vibe_DeviceManager.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {59E937ED-AC7E-407D-B40B-6545B1EECDE7} - hxxp://www.weareautobots.com/ww/plugin/DFusionWeb.Installer.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 4shared Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.entru.com/?s=21982
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z039&form=ZGAADF&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\{fb4ee65d-e8ef-4c39-a90c-dc09966cee93}\components\RadioWMPCore.dll
FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\{fb4ee65d-e8ef-4c39-a90c-dc09966cee93}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: c:\users\levi\appdata\roaming\mozilla\firefox\profiles\e7v2150l.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_HBLiteSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\levi\appdata\local\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
FF - plugin: c:\users\levi\program files\dna\plugins\npbtdna.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-8-1 104992]
R2 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-8-21 103712]
R2 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-8-21 353568]
R2 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-8-21 62752]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects\uCamMonitor.exe [2009-3-7 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-8-1 411488]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2008-6-20 415744]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-8-21 337184]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-8-21 17920]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 21072]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-8-1 9344]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9a51410e31172;Google Update Service (gupdate1c9a51410e31172);c:\program files\google\update\GoogleUpdate.exe [2009-3-14 133104]
S2 MSMQSVC;Message Queuing Service;c:\windows\system32\mqsv32.exe --> c:\windows\system32\mqsv32.exe [?]
S3 apf001;apf001;c:\game\softnyxgame\gunboundis\apf001.sys [2011-1-13 10872]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-14 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-2-22 27192]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-8-21 83232]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-3 1343400]
.
=============== Created Last 30 ================
.
2011-05-07 20:07:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-07 20:07:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-07 20:07:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-07 17:10:05 -------- d-----w- c:\users\levi\appdata\local\{E13C2090-377E-4A7D-8F08-BA81F42D447A}
2011-05-07 04:47:18 -------- d-----w- c:\users\levi\appdata\roaming\Malwarebytes
2011-05-07 04:46:59 -------- d-----w- c:\progra~2\Malwarebytes
2011-05-07 04:38:50 -------- d-----w- c:\users\levi\appdata\local\{4406015E-9FD2-429C-95CE-D46748D6D51F}
2011-05-06 19:25:52 -------- d-----w- c:\users\levi\appdata\local\{1CF18D71-F798-4131-B478-9217FD890506}
2011-05-06 00:25:42 -------- d-----w- c:\users\levi\appdata\local\{87112C80-4487-4211-B353-C8952937B55A}
2011-05-05 07:00:34 -------- d-----w- c:\users\levi\appdata\local\{292D2096-A040-4210-84B8-F3961D7F4E7D}
2011-05-05 05:43:00 -------- d-----w- c:\program files\Activision Value
2011-05-05 04:44:07 -------- d-----w- c:\program files\18 WoS Across America
2011-05-04 18:08:59 -------- d-----w- c:\users\levi\appdata\local\{76934BF4-C347-4F38-A8E7-06A838CE7CA2}
2011-05-04 15:50:03 -------- d-----w- c:\users\levi\appdata\local\{4E32A30B-F174-4333-B614-6C77D2558E50}
2011-05-03 20:53:42 -------- d-----w- c:\users\levi\appdata\local\{E7CD5CDF-E13F-4D09-88E7-3C79EF011921}
2011-05-02 06:56:59 -------- d-----w- c:\users\levi\appdata\local\{284E2E8A-06B9-484D-BE70-EE1FCA819F49}
2011-05-01 15:29:50 -------- d-----w- c:\users\levi\appdata\local\{25155021-340C-46C5-9B19-8333C702D23A}
2011-04-30 16:51:53 -------- d-----w- c:\users\levi\appdata\local\{06FF731E-58D2-4069-95B6-AAF335A4AEFE}
2011-04-29 21:24:30 -------- d-----w- c:\users\levi\appdata\local\{12C8D5D6-1EDA-4E7C-963B-7EDD2CC5FC80}
2011-04-29 21:23:34 -------- d-----w- c:\users\levi\appdata\local\{D26D130D-548D-433A-9CED-BAD1E9A8CC07}
2011-04-29 00:01:06 -------- d-----w- c:\users\levi\appdata\local\{99DA92C3-EDD1-4D17-85B3-03A359ACE52F}
2011-04-27 23:19:59 -------- d-----w- c:\users\levi\appdata\local\{AFC4ED71-AD42-46F9-90B6-FA75AEB41CD2}
2011-04-27 13:46:41 -------- d-----w- c:\users\levi\appdata\local\{63E2901C-2A80-4C65-95AF-4ED7971A93D3}
2011-04-27 01:50:41 -------- d-----w- c:\users\levi\appdata\roaming\ooVoo Details
2011-04-27 01:48:13 -------- d-----w- c:\program files\ooVoo
2011-04-27 01:41:30 -------- d-----w- c:\users\levi\appdata\local\{07275164-B329-446B-A726-722C03F29B4D}
2011-04-26 04:11:20 -------- d-----w- c:\users\levi\appdata\local\{CBB0EB62-43AE-4BFA-BE36-A604038CCE2D}
2011-04-24 23:54:14 -------- d-----w- c:\users\levi\appdata\local\{CB5F2CFC-558B-43CD-9F88-EFA2C907D3E3}
2011-04-23 23:49:06 -------- d-----w- c:\users\levi\appdata\local\{A483EF7B-6922-41EA-9061-0FB051898963}
2011-04-23 07:35:20 -------- d-----w- c:\users\levi\appdata\local\{D7285F02-431F-409A-8020-6939F4BF142B}
2011-04-23 06:15:57 -------- d-----w- c:\users\levi\appdata\local\DDMSettings
2011-04-23 05:06:42 -------- d-----w- c:\progra~2\DivX
2011-04-22 18:47:59 -------- d-----w- c:\users\levi\appdata\local\{1E5337C1-23FF-4019-B1F5-F48A51B84549}
2011-04-22 18:47:13 -------- d-----w- c:\users\levi\appdata\local\{4F3A0594-39EE-4D85-9A6F-0B99CFC03E2D}
2011-04-22 04:36:30 -------- d-----w- c:\users\levi\appdata\local\{34F69EE7-7908-4366-83BD-A37F1E8ED2DA}
2011-04-21 21:59:30 -------- d-----w- C:\Games
2011-04-21 15:04:30 -------- d-----w- c:\users\levi\appdata\local\{93330009-9D92-4055-A6FA-7A528B233A65}
2011-04-20 22:01:17 -------- d-----w- c:\users\levi\appdata\local\{114C51EE-B2A8-4A27-978F-EE78676E78F3}
2011-04-20 19:47:16 -------- d-----w- c:\users\levi\appdata\local\{A8797423-9E86-408D-85D4-62D51CF9CE17}
2011-04-20 15:49:33 -------- d-----w- c:\users\levi\appdata\roaming\cacaoweb
2011-04-19 15:07:55 -------- d-----w- c:\users\levi\appdata\local\{644A5265-E148-49DB-8D4E-112B47B32B6E}
2011-04-18 21:07:44 -------- d-----w- c:\users\levi\appdata\local\{37689E11-E35B-4899-ABC0-1B07FF3365F6}
2011-04-18 14:12:57 -------- d-----w- c:\users\levi\appdata\local\{CDB23EA9-D4AB-49C5-AF80-FBCFCB8AAA7D}
2011-04-17 03:22:35 -------- d-----w- c:\users\levi\appdata\local\{02F3B16E-ABA8-499E-8B86-0072E80DE935}
2011-04-16 22:30:47 -------- d-----w- c:\users\levi\appdata\local\{E1AD072F-2F69-433B-A4CC-A9407C33DE6A}
2011-04-16 03:35:42 -------- d-----w- c:\users\levi\appdata\local\{71798976-17FA-446D-8967-31ADB45CD3AC}
2011-04-15 15:05:26 -------- d-----w- c:\windows\Panther
2011-04-15 14:26:58 -------- d-----w- c:\users\levi\appdata\local\{2B984BB9-A86F-4126-B955-C2AA66EB14B2}
2011-04-14 08:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-04-14 08:39:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-04-14 03:14:49 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 03:14:48 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-14 03:14:48 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-14 03:14:48 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-14 03:14:42 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-14 03:14:41 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-14 03:14:41 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-14 03:14:35 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-14 03:14:35 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-14 03:14:32 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-14 03:14:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-14 03:13:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-14 03:13:26 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-14 03:13:23 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-14 03:13:19 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-14 03:13:13 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-14 03:13:12 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-13 23:02:03 -------- d-----w- c:\users\levi\appdata\local\{10B7E8A7-BBE6-43E8-9A16-232FF9B32150}
2011-04-13 23:00:09 -------- d-----w- c:\users\levi\appdata\local\{1D7C4767-273E-49C0-9863-5917F49DFD2C}
2011-04-13 22:56:56 -------- d-----w- c:\users\levi\appdata\local\{E9DA2EB0-C3D3-413C-960A-FB5531C9ECC1}
2011-04-11 16:56:17 -------- d-----w- c:\users\levi\appdata\local\{09A40AB3-B466-49E9-AB9B-6400ABE58AAB}
2011-04-10 14:46:42 -------- d-----w- c:\users\levi\appdata\local\{65C446B7-7A18-4A2F-B94A-849CAAE29B37}
2011-04-09 16:59:14 -------- d-----w- c:\users\levi\appdata\local\{4F072E88-3FDE-4752-94FA-2EE54911813C}
2011-04-08 03:45:29 -------- d-----w- c:\users\levi\appdata\local\{AD336D53-A82B-41C1-BC47-87329D1587D9}
.
==================== Find3M ====================
.
2011-04-15 14:51:02 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-15 14:51:01 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-15 14:51:01 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-15 14:51:00 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-15 14:51:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-15 14:51:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-15 14:51:00 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-14 10:07:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-03-03 00:04:10 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-02-26 05:33:07 2614784 ----a-w- c:\windows\explorer.exe
2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-18 05:33:29 31232 ----a-w- c:\windows\system32\prevhost.exe
.
============= FINISH: 15:36:46.07 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/14/2009 1:09:45 AM
System Uptime: 5/7/2011 2:57:53 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | N/A | 2000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 140 GiB total, 18.946 GiB free.
D: is Removable
E: is Removable
F: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP228: 4/15/2011 9:34:44 AM - Windows Update
RP229: 4/19/2011 10:18:07 AM - Windows Update
RP231: 4/21/2011 5:25:25 PM - Installed DirectX
RP232: 4/22/2011 3:00:24 AM - Windows Update
RP233: 4/27/2011 3:00:58 AM - Windows Update
RP234: 4/28/2011 3:00:30 AM - Windows Update
RP235: 5/2/2011 5:12:35 PM - Installed Java(TM) 6 Update 25
RP237: 5/4/2011 11:27:39 PM - Removed Star Wars(R) Knights of the Old Republic(R) II: The SithÄ,öp‰’
RP239: 5/4/2011 11:42:19 PM - Installed 18 WoS Across America
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
18 WoS Across America
3ivx MPEG-4 5.0.3 (remove only)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Adobe Shockwave Player 11
Age of Empires II & The Conquerors Expansion
AnalogX AutoTune
AP Tuner 3.08
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i Visual Effects
ArcSoft WebCam Companion 2
Auto-Tune EFX VST
AVG 2011
AVG PC Tuneup 2011
BitZipper 2009
Bonjour
Cabela's Big Game Hunter 2004 Season
Click to Disc
Click to Disc Editor
Compatibility Pack for the 2007 Office system
D3DX10
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DNA
FlipShare
GIMP 2.6.7
GoGear VIBE Device Manager
Google Earth
Google Update Helper
Google Updater
Graboid Video 2.01
GunboundIS
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Intel(R) Graphics Media Accelerator Driver
Interlok driver setup x32
iTunes
Java Auto Updater
Java(TM) 6 Update 25
Java(TM) SE Runtime Environment 6
Launchpad Enhanced
Lux Delux 5.72
Lux Delux 6.06
Magic ISO Maker v5.5 (build 0276)
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Media Converter for Philips
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile
Microsoft Age of Empires II
Microsoft Age of Empires II Trial Version
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WorldWide Telescope
MobileMe Control Panel
Mozilla Firefox 4.0.1 (x86 en-US)
Mozilla Firefox 4.0b7 (x86 en-US)
MSN Toolbar
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Transfer
OGA Notifier 2.0.0048.0
ooVoo
OpenMG Secure Module 5.1.00
Pando Media Booster
PCFriendly
Photo Pos Pro
Photopos Toolbar (Remove Toolbar Only)
Picasa 3
Primo
PunkBuster Services
QuickBooks Simple Start 2008
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Revo Uninstaller Pro 2.5.1
Rhapsody
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Search Toolbar
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Setting Utility Series
Smart Defrag 1.20
SmartWi Connection Utility
Software Informer 1.0 BETA
Sony Picture Utility
Sony Video Shared Library
Spelling Dictionaries Support For Adobe Reader 9
Star Wars Galaxies: The Total Experience
SupportSoft Assisted Service
Synaptics Pointing Device Driver
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Care
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media plus
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO My Memory Center
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO Power Management
VAIO Presentation Support
VAIO Startup Assistant
VAIO Survey
VAIO Update 4
VAIO Wallpaper Contents
VAIO Wireless Wizard
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.0.1
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinDVD for VAIO
WinRAR archiver
World of Tanks v.0.6.3.11
Yahoo! Anti-Spy
Yahoo! BrowserPlus 2.7.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
5/7/2011 3:35:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} and APPID Unavailable to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/7/2011 3:17:40 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
5/7/2011 2:58:45 PM, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading
5/7/2011 2:58:45 PM, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading.
5/7/2011 2:37:01 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{B29DB9AA-420D-49EB-9035-AA545CCBC678} because another computer on the network has the same name. The server could not start.
5/7/2011 12:14:06 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
5/7/2011 11:03:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
5/6/2011 8:13:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VzCdbSvc service.
5/6/2011 3:37:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.
5/5/2011 7:26:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
5/5/2011 7:26:43 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/5/2011 7:26:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/4/2011 7:29:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Yahoo! Updater service to connect.
5/4/2011 7:29:40 PM, Error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/4/2011 10:51:18 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
5/3/2011 3:49:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
5/3/2011 1:51:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDms service.
5/2/2011 11:03:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/1/2011 10:30:44 AM, Error: Service Control Manager [7022] - The VAIO Media plus Digital Media Server service hung on starting.
4/30/2011 1:31:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
 
Okay, a good thing: I can see the bad page and can reset it with a script you'll run after Combofix.

You will have to remove AVG to run Combofix. Download AppRemover (https://www.techspot.com/downloads/5514-appremover.html) and save to the desktop.
How to Use AppRemover to Remove a Complete Security Application
  1. Double click the setup on the desktop > click Next
  2. Select “Remove Security Application”
  3. Let scan finish to determine security apps
  4. A screen like below will appear:
    [image: chooseuninstall.gif]
  5. Click on Next after choice has been made
  6. Check the AVG program you want to uninstall
  7. After uninstall shows complete, follow online prompts to Exit the program.

Temporary AV:
  - Avira-AntiVir-Personal-Free-Antivirus: http://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&tag=button&cdlPid=11012914
  - Avast Free Version: http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html?part=dl-85737&subj=dl&tag=button
===================================
Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan. Uninstall directions if needed:
  - Click START > then RUN
  - Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
----------
Download Combofix from HERE (http://www.bleepingcomputer.com/download/anti-virus/combofix) or HERE (http://www.forospyware.com/sUBs/ComboFix.exe) and save to the desktop
  1. Double click combofix.exe & follow the prompts.
  2. ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
  3. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  4. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    [image: http://img.photobucket.com/albums/v706/ried7/whatnext.png]
  5. Click on Yes, to continue scanning for malware
  6. If Combofix asks you to update the program, allow
  7. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  8. Close any open browsers.
  9. Double click combofix.exe & follow the prompts to run.
  10. When the scan completes, a report will be generated; it will open a text window. Please paste the C:\ComboFix.txt in next reply.
Re-enable your Antivirus software.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
Did you install the Perfect Keylogger as plugins on both Internet Explorer and Firefox browsers?

2011-04-14 08:39:02 103864> c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-04-14 08:39:02 103864 > c:\program files\internet explorer\plugins\nppdf32.dll

Are you having any connection problems? I note many timeout errors in the log.
 