Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

explorer re direct and cant download fix

Post by mwarren » September 15th, 2010, 8:58 pm

I have been getting redirects for a week or so. AVG did find some and I thought it was fixed. I tried to update to Explorer 9 beta today and it won't download any updates for Windows 7. I tried to download some fix tools and I get the same message: can't connect, try back later. I chatted with a local IT friend and he said to run ComboFix and get ahold of you folks, so here it is.

ComboFix 10-09-14.05 - Mike 09/15/2010 14:35:26.1.2 - x86
Microsoft Windows 7 Enterprise 6.1.7600.0.1252.1.1033.18.1983.1096 [GMT -6:00]
Running from: c:\users\Mike\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\5.exe
c:\program files\FLV Direct Player
c:\program files\FLV Direct Player\downloading.swf
c:\program files\FLV Direct Player\FLVPlayer.exe
c:\program files\FLV Direct Player\player.swf
c:\program files\FLV Direct Player\preload.swf
c:\program files\FLV Direct Player\Skin\DirectFLV\Button.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Logo.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\skin.xml
c:\program files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Window.bmp
c:\program files\FLV Direct Player\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0903C2F2-7046-47EC-9DAD-25C847765109}.xps
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\{312D3179-0A4F-4CD2-9B24-F921EB5305CF}.xps
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4311404F-19B0-444B-BD85-B8970CEF09FC}.xps
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C88D332B-5D43-4772-AE42-269FB8AC2582}.xps
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Qv_Tn-iraR7XUO
c:\users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Y_YZzcgPTvC
c:\users\Mike\videos\QBRegCrack.exe
c:\windows\system32\config\systemprofile\AppData\Roaming\chrtmp
c:\windows\system32\drivers\etc\lmhosts
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((( Files Created from 2010-08-15 to 2010-09-15 )))))))))))))))))))))))))))))))
.

2010-09-15 20:52 . 2010-09-15 20:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-15 18:38 . 2010-09-15 18:38 -------- d-----w- c:\program files\Feedback Tool
2010-09-15 15:43 . 2010-09-15 15:43 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-09-15 15:43 . 2010-09-15 15:43 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-09-15 15:43 . 2010-09-15 15:43 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-09-15 15:43 . 2010-09-15 15:43 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-09-15 15:43 . 2010-09-15 15:43 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-09-15 15:43 . 2010-09-15 15:43 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-09-15 15:43 . 2010-09-15 15:43 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-09-15 15:43 . 2010-09-15 15:43 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-09-15 15:43 . 2010-09-15 15:43 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-09-15 15:42 . 2010-09-15 15:42 -------- d-----w- c:\program files\Common Files\xing shared
2010-09-15 13:45 . 2010-09-15 13:45 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2010-09-13 06:52 . 1995-08-14 22:00 57328 ----a-w- c:\windows\system32\ole2conv.dll
2010-09-13 06:52 . 1995-08-14 22:00 51712 ----a-w- c:\windows\system32\ole2prox.dll
2010-09-13 06:52 . 1995-08-14 22:00 12976 ----a-w- c:\windows\system32\scp.dll
2010-09-13 06:52 . 1995-08-08 22:00 536048 ----a-w- c:\windows\system32\oc25.dll
2010-09-13 06:52 . 2010-09-13 06:52 -------- d-----w- c:\program files\Asymetrix
2010-09-13 06:52 . 2010-09-13 06:54 -------- d-----w- c:\program files\Tool book Computer test
2010-09-13 06:51 . 1996-10-16 00:01 298496 ----a-w- c:\windows\uninst.exe
2010-09-13 05:24 . 2010-09-13 05:24 -------- d-----w- c:\windows\system32\Adobe
2010-09-04 15:34 . 2010-09-04 15:34 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb52E0.tmp.exe
2010-09-04 01:16 . 2004-03-29 22:23 90112 ----a-w- c:\windows\unvise32.exe
2010-09-04 01:15 . 2010-09-04 01:17 -------- d-----w- c:\users\QBPOSDBSrvUser
2010-08-26 20:12 . 2010-08-26 20:12 -------- d-----w- c:\windows\system32\Spool\prtprocs\w32x86\1
2010-08-24 20:49 . 2010-08-24 20:49 -------- d-----w- c:\users\Mike\AppData\Roaming\Download Manager
2010-08-24 20:38 . 2010-09-15 15:51 -------- d-----w- c:\users\Mike\faxes
2010-08-24 15:18 . 2010-08-24 15:00 8192 ----a-w- c:\windows\system32\srvany.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 20:44 . 2010-01-15 05:13 -------- d-----w- c:\users\Mike\AppData\Roaming\DNA
2010-09-15 20:41 . 2010-01-15 06:01 -------- d-----w- c:\users\Mike\AppData\Roaming\BitTorrent
2010-09-15 15:43 . 2010-01-16 21:16 -------- d-----w- c:\program files\Common Files\Real
2010-09-15 15:42 . 2010-01-16 22:42 -------- d-----w- c:\program files\Real
2010-09-15 15:41 . 2010-01-16 22:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-15 15:41 . 2010-01-16 22:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-15 13:43 . 2010-01-28 02:24 -------- d-----w- c:\users\Mike\AppData\Roaming\vlc
2010-09-06 19:18 . 2010-01-15 06:01 -------- d-----w- c:\program files\BitTorrent
2010-08-10 17:39 . 2010-08-10 17:39 -------- d-----w- c:\program files\Common Files\Java
2010-08-10 17:38 . 2010-02-14 16:32 -------- d-----w- c:\program files\Java
2010-08-09 04:34 . 2010-08-02 14:09 766 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{3CD3F0DE-D558-4D67-B0ED-406B2DCA1C36}\_B50F290EB6368D2000FA5A.exe
2010-08-09 04:34 . 2010-08-02 14:09 10134 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{3CD3F0DE-D558-4D67-B0ED-406B2DCA1C36}\_E879BE198FB47E097A074A.exe
2010-08-09 04:34 . 2010-08-02 14:09 10134 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{3CD3F0DE-D558-4D67-B0ED-406B2DCA1C36}\_4412AD15BAA5A28F632D85.exe
2010-08-07 18:25 . 2010-01-15 05:46 -------- d-----w- c:\programdata\Microsoft Help
2010-08-07 18:22 . 2010-01-15 16:28 -------- d-----w- c:\program files\Microsoft
2010-08-07 16:41 . 2010-08-07 16:37 -------- d-----w- c:\program files\Zune
2010-08-05 16:39 . 2010-08-05 16:38 -------- d-----w- c:\program files\esri
2010-08-05 04:23 . 2010-01-15 16:07 114776 ----a-w- c:\users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-03 13:50 . 2010-08-03 13:50 7 ----a-w- c:\programdata\PM.dat
2010-08-02 14:10 . 2010-08-02 14:10 3310 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{311B6629-7711-4937-9DD1-2172016B73FA}\_69525f90.exe
2010-08-02 14:10 . 2010-08-02 14:10 1078 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{311B6629-7711-4937-9DD1-2172016B73FA}\_2cd672ae.exe
2010-08-02 14:10 . 2010-08-02 14:10 3310 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{311B6629-7711-4937-9DD1-2172016B73FA}\_4ae13d6c.exe
2010-08-02 14:10 . 2010-08-02 14:10 3310 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{311B6629-7711-4937-9DD1-2172016B73FA}\_294823.exe
2010-08-02 14:10 . 2010-08-02 14:10 3310 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{311B6629-7711-4937-9DD1-2172016B73FA}\_18be6784.exe
2010-08-02 14:10 . 2010-08-02 14:10 -------- d-----w- c:\program files\FlamMap3
2010-07-29 17:30 . 2010-07-29 17:30 -------- d-----w- c:\users\Mike\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
2010-07-29 06:30 . 2010-08-12 16:06 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 16:06 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-28 19:06 . 2010-07-28 19:06 -------- d-----w- c:\users\Mike\AppData\Roaming\G7PS
2010-07-28 18:48 . 2010-07-28 18:48 -------- d-----w- c:\programdata\G7PS
2010-07-28 18:46 . 2010-07-28 18:46 -------- d-----w- c:\program files\gs
2010-07-28 18:46 . 2010-07-28 18:46 -------- d-----w- c:\program files\Common Files\G7PS
2010-07-28 18:45 . 2010-07-28 18:45 -------- d-----w- c:\program files\G7PS
2010-07-28 18:43 . 2010-02-02 02:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-28 01:12 . 2010-07-28 01:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-07-20 14:27 . 2010-01-28 02:24 -------- d-----w- c:\users\Mike\AppData\Roaming\dvdcss
2010-07-17 11:00 . 2010-06-04 14:47 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 21:10 . 2010-01-15 15:46 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 21:10 . 2010-07-15 21:10 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 21:09 . 2010-01-15 15:45 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-15 01:20 . 2010-07-15 01:20 331033 ----a-w- c:\users\Mike\AppData\Roaming\.cps\1.0\var\cache\jna\jnidispatch.dll
2010-07-01 04:57 . 2010-07-01 04:57 18944 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2010-07-01 04:57 . 2010-07-01 04:57 11264 ----a-r- c:\users\Mike\AppData\Roaming\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A1630.exe
2010-06-30 06:25 . 2010-08-12 16:06 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-12 16:06 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-12 16:06 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-12 16:06 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-12 16:06 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-12 16:06 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-12 16:06 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 04:07 . 2010-08-12 16:06 2326016 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

------- Sigcheck -------

[-] 2010-04-15 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-12-31 18:53 2349080 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\Mike\Program Files\DNA\btdna.exe" [2010-01-15 323392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-15 39408]
"Access Remote PC 4.9"="c:\program files\Access Remote PC 4.9\rpcsetup.exe" [2006-04-15 2756608]
"BitTorrent"="c:\program files\BitTorrent\bittorrent.exe" [2010-09-02 689016]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2010-04-29 1652736]
"RDPViewer"="c:\users\Mike\AppData\Local\RDPViewer\RDPViewer.dll" [2010-08-15 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-27 83312]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-19 2065760]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1051.0\mswinext.exe" [2009-11-14 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"LXBXCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXBXtime.dll" [2007-02-22 73728]
"lxbxmon.exe"="c:\program files\Lexmark 7100 Series\lxbxmon.exe" [2007-05-11 205744]
"EzPrint"="c:\program files\Lexmark 7100 Series\ezprint.exe" [2007-05-11 103344]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-01-07 158448]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-09-15 202256]

c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2009-11-3 225680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-5-11 525640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-22 135664]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2010-08-24 8192]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 MRV6X32U;Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x);c:\windows\system32\DRIVERS\MRVW24B.sys [2008-03-19 310016]
R3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\DRIVERS\PTDMBus.sys [2009-11-03 55056]
R3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\DRIVERS\PTDMMdm.sys [2009-11-03 160912]
R3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\DRIVERS\PTDMVsp.sys [2009-11-03 160912]
R3 PTDMWFLT;PTDMWWAN Filter Driver;c:\windows\system32\DRIVERS\PTDMWFLT.sys [2009-11-03 13456]
R3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\DRIVERS\PTDMWWAN.sys [2009-11-03 118800]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2009-12-22 16456]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2009-12-22 11088]
R3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [2009-05-25 32408]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-27 1343400]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-03-17 52872]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-15 216400]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-15 243024]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Access Remote PC Service 4.9;Access Remote PC Service 4.9;c:\program files\Access Remote PC 4.9\rpcsetup.exe [2006-04-15 2756608]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-15 308136]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.
Contents of the 'Scheduled Tasks' folder

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-22 23:44]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-22 23:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\1i9npuua.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://bing.zugo.com/?cfg=2-76-0-10bLW
FF - prefs.js: keyword.URL - hxxp://bing.zugotoolbar.com/s/?iesrc=IE ... te=Bing&q=
FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - component: c:\program files\MSN Toolbar\Platform\5.0.1051.0\Firefox\components\DomBridge.dll
FF - component: c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\1i9npuua.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\5.0.1051.0\npwinext.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Mike\Program Files\DNA\plugins\npbtdna.dll
.
- - - - ORPHANS REMOVED - - - -

BHO-{c1263f1a-a5d3-bdeb-a1b9-1fa6b2d8ae6d} - c:\windows\system32\2liLZ_S5xL6fp-.dll


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-768325780-149051915-1212085013-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CF6710A8-FC7B-7AD9-CFBC-9804A0607A0F}*]
"haocchdfdleooola"=hex:6a,61,61,6b,64,66,64,63,6c,6e,64,68,64,6e,66,6d,67,64,
61,61,00,00
"iaadkbidfociliapnl"=hex:6a,61,61,6b,64,66,64,63,6c,6e,64,68,64,6e,66,6d,67,64,
61,61,00,f3

[HKEY_USERS\S-1-5-21-768325780-149051915-1212085013-1001\Software\SuperWaba\appSettings\*´*`& ]
"Len"=dword:0000001b
"Value"=hex:31,30,2e,30,2e,31,2e,31,30,7c,34,30,39,36,7c,35,30,30,30,30,7c,38,
7c,37,7c,30,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-09-15 14:57:04
ComboFix-quarantined-files.txt 2010-09-15 20:57

Pre-Run: 40,310,018,048 bytes free
Post-Run: 42,629,308,416 bytes free

- - End Of File - - D4D62BE04C6DFA167495B0B9CE12EBC4
mwarren
Active Member
 
Posts: 4
Joined: September 15th, 2010, 8:06 pm

Re: explorer re direct and cant download fix

Post by NonSuch » September 16th, 2010, 12:48 am

ComboFix is not a tool that is intended to be used without the direct supervision of a qualified expert. To use ComboFix on your own is to court disaster for your computer. Please stop all attempts at self-fixes for your system's issues as that may only confuse the issue further and cause additional problems as well.

In order for us to help you it is necessary that you provide us with a HijackThis log. Please follow the guideline at the link below to start a new topic and post your HijackThis log. Also include your ComboFix log in the same post.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California

