A Virus Scan 8 pop-up appeared on my computer last week. I removed that. Then the White Smoke Translator toolbar appeared. Now I have Windows Blank popping up and leaving and a History deleting screen appearing. I ran McAfee, Malwarebytes, and Ad-Aware. I removed what they showed. I am still having problems. Here are my logs:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5500
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999
1/10/2011 8:09:43 PM
mbam-log-2011-01-10 (20-09-43).txt
Scan type: Quick scan
Objects scanned: 146240
Time elapsed: 8 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
------------------------------------------
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-10 22:15:35
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200AAKS-75L9A0 rev.01.03E01
Running: d7jcdixw.exe; Driver: C:\Users\Susan\AppData\Local\Temp\pglcypow.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x82E3F0B8]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x82E3F0E2]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x82E3F0CE]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x82E3F0A4]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
---- EOF - GMER 1.0.15 ----
----------------------------------------------
DDS (Ver_10-12-12.02) - NTFSx86
Run by Susan at 22:16:52.51 on Mon 01/10/2011
Internet Explorer: 8.0.6001.18999
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2036.1069 [GMT -6:00]
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Java\Java Update\jusched .exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher .exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Users\Susan\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uWindow Title = Internet Explorer provided by Dell
uStart Page = hxxp://www.google.com/
uSearch Bar =
mSearch Bar = hxxp://www.google.com
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101104055059.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; FBSMTWB; GTB6.6; JobsSearchToolbar 1.2; SLCC1; .NET CLR 2.0.50727; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C)" -"http://www.southparkstudios.com/games/cc/playset/playset2.html"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [ReminderApp] c:\program files\nova development\greeting card factory photo card maker 2.0\ReminderApp.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask .exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: NoAutoUpdate = 1 (0x1)
mPolicies-explorer: NoWindowsUpdate = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
IFEO: image file execution options - svchost.exe
Hosts: 64.86.17.56 google.ae
Hosts: 64.86.17.56 google.as
Hosts: 64.86.17.56 google.at
Hosts: 64.86.17.56 google.az
Hosts: 64.86.17.56 google.ba
Note: multiple HOSTS entries found. Please refer to Attach.txt
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-9-25 64160]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 386840]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-7-10 64304]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-7-10 164840]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-7-10 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-7-10 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-7-10 141792]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-7-10 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-7-10 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-7-10 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-7-10 313288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-19 135664]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-7-30 19456]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-7-10 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-7-10 34248]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
=============== Created Last 30 ================
2011-01-11 02:30:54 94848 ----a-w- C:\pglcypow.sys
2011-01-11 02:00:38 79362 ----a-w- c:\progra~2\o4lniqBY.exe
2011-01-11 01:13:50 -------- d-----w- c:\progra~2\MFAData
2011-01-03 05:44:09 -------- d-----w- c:\program files\VS Revo Group
2010-12-31 07:47:58 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{3db25efd-7536-4ed6-be42-6e1cb4cd338a}\mpengine.dll
2010-12-26 17:03:57 -------- d-----w- c:\program files\common files\Kodak
2010-12-26 17:03:55 -------- d-----w- c:\program files\Kodak
2010-12-26 17:01:18 -------- d-----w- c:\progra~2\{49FC035F-4D1B-4459-B8B7-1EF5D11C6BAC}
2010-12-15 23:45:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
==================== Find3M ====================
2011-01-03 05:18:26 848 --sha-w- c:\progra~2\KGyGaAvL.sys
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-19 16:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 22:17:59.57 ===============
-------------------------------------------------------------------
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 2/5/2009 8:44:13 PM
System Uptime: 1/10/2011 10:06:40 PM (0 hours ago)
Motherboard: Dell Inc. | | 0G679R
Processor: Intel(R) Celeron(R) CPU 450 @ 2.20GHz | Socket 775 | 2194/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 283 GiB total, 209.075 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 9.347 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
==== System Restore Points ===================
==== Hosts File Hijack ======================
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AudioLabel
Bonjour
BufferChm
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 2.1
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Color Efex Pro 3.0 Corel Sampler
Compatibility Pack for the 2007 Office system
Copy
Copy Utility
Corel MediaOne
Corel Paint Shop Pro Photo X2
Corel Painter Photo Essentials 4
D3DX10
Dell Dock
Dell Support Center (Support Software)
DELL0604
Destinations
DeviceDiscovery
Digital Concepts Image Manager
DJ_AIO_05_F4400_Software_Min
EDocs
EOS USB WIA Driver
F4400
Family Tree Maker 2010
ffdshow [rev 2527] [2008-12-19]
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Greeting Card Factory Photo Card Maker 2.0
Haali Media Splitter
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 13.0
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
ImageSkill Background Remover 3
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 7
Junk Mail filter update
KODAK Share Button App
LeapFrog Connect
LeapFrog My Pals Plugin
LeapFrog Tag Plugin
LizardTech DjVu Control
Lizardtech Express View Browser Plug-in
Malwarebytes' Anti-Malware
MarketResearch
McAfee Internet Security
McAfee Virtual Technician
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Works
Microsoft WSE 3.0
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
PHOTORECOVERY LE
PMB
QuickTime
REACTOR
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SA3020 Device Manager
SA30xx Media Converter
Scan
ScanToWeb
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
TC Web Conferencing
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
Ulead Photo Explorer 8.0 SE
Uninstall Dual Mode Camera (ST606)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 CRT (x86) WinSXS MSM
WebReg
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Zynga Toolbar
==== End Of File ===========================
-------------------------------------------------------------------------
Please help. This problem started after my girls started playing an online game on Facebook. But my son also got online to check some football stuff.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Susan at 22:16:52.51 on Mon 01/10/2011
Internet Explorer: 8.0.6001.18999
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2036.1069 [GMT -6:00]
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Java\Java Update\jusched .exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher .exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Users\Susan\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uWindow Title = Internet Explorer provided by Dell
uStart Page = hxxp://www.google.com/
uSearch Bar =
mSearch Bar = hxxp://www.google.com
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101104055059.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; FBSMTWB; GTB6.6; JobsSearchToolbar 1.2; SLCC1; .NET CLR 2.0.50727; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C)" -"http://www.southparkstudios.com/games/cc/playset/playset2.html"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [ReminderApp] c:\program files\nova development\greeting card factory photo card maker 2.0\ReminderApp.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask .exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: NoAutoUpdate = 1 (0x1)
mPolicies-explorer: NoWindowsUpdate = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\express view\expressview.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
IFEO: image file execution options - svchost.exe
Hosts: 64.86.17.56 google.ae
Hosts: 64.86.17.56 google.as
Hosts: 64.86.17.56 google.at
Hosts: 64.86.17.56 google.az
Hosts: 64.86.17.56 google.ba
Note: multiple HOSTS entries found. Please refer to Attach.txt
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-9-25 64160]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 386840]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-7-10 64304]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-7-10 164840]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-10 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-7-10 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-7-10 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-7-10 141792]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-7-10 55840]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-7-10 152960]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-7-10 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-7-10 313288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-19 135664]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-7-30 19456]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-7-10 84264]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-7-10 34248]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
=============== Created Last 30 ================
2011-01-11 02:30:54 94848 ----a-w- C:\pglcypow.sys
2011-01-11 02:00:38 79362 ----a-w- c:\progra~2\o4lniqBY.exe
2011-01-11 01:13:50 -------- d-----w- c:\progra~2\MFAData
2011-01-03 05:44:09 -------- d-----w- c:\program files\VS Revo Group
2010-12-31 07:47:58 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{3db25efd-7536-4ed6-be42-6e1cb4cd338a}\mpengine.dll
2010-12-26 17:03:57 -------- d-----w- c:\program files\common files\Kodak
2010-12-26 17:03:55 -------- d-----w- c:\program files\Kodak
2010-12-26 17:01:18 -------- d-----w- c:\progra~2\{49FC035F-4D1B-4459-B8B7-1EF5D11C6BAC}
2010-12-15 23:45:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
==================== Find3M ====================
2011-01-03 05:18:26 848 --sha-w- c:\progra~2\KGyGaAvL.sys
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-19 16:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 22:17:59.57 ===============
-------------------------------------------------------------------
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 2/5/2009 8:44:13 PM
System Uptime: 1/10/2011 10:06:40 PM (0 hours ago)
Motherboard: Dell Inc. | | 0G679R
Processor: Intel(R) Celeron(R) CPU 450 @ 2.20GHz | Socket 775 | 2194/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 283 GiB total, 209.075 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 9.347 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
==== System Restore Points ===================
==== Hosts File Hijack ======================
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AudioLabel
Bonjour
BufferChm
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 2.1
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Color Efex Pro 3.0 Corel Sampler
Compatibility Pack for the 2007 Office system
Copy
Copy Utility
Corel MediaOne
Corel Paint Shop Pro Photo X2
Corel Painter Photo Essentials 4
D3DX10
Dell Dock
Dell Support Center (Support Software)
DELL0604
Destinations
DeviceDiscovery
Digital Concepts Image Manager
DJ_AIO_05_F4400_Software_Min
EDocs
EOS USB WIA Driver
F4400
Family Tree Maker 2010
ffdshow [rev 2527] [2008-12-19]
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Greeting Card Factory Photo Card Maker 2.0
Haali Media Splitter
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 13.0
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
ImageSkill Background Remover 3
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 7
Junk Mail filter update
KODAK Share Button App
LeapFrog Connect
LeapFrog My Pals Plugin
LeapFrog Tag Plugin
LizardTech DjVu Control
Lizardtech Express View Browser Plug-in
Malwarebytes' Anti-Malware
MarketResearch
McAfee Internet Security
McAfee Virtual Technician
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Works
Microsoft WSE 3.0
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
PHOTORECOVERY LE
PMB
QuickTime
REACTOR
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SA3020 Device Manager
SA30xx Media Converter
Scan
ScanToWeb
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
TC Web Conferencing
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
Ulead Photo Explorer 8.0 SE
Uninstall Dual Mode Camera (ST606)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 CRT (x86) WinSXS MSM
WebReg
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Zynga Toolbar
==== End Of File ===========================
-------------------------------------------------------------------------
Please help. This problem started after my girls started playing an online game on Facebook. But my son also got online to check some football stuff.