Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google redirects links to ?????

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Google redirects links to ?????

Unread postby rmkthandyman » February 19th, 2011, 1:10 am

Goodafternoon Ladies & Gentlemen,

When I click on links found in a Google search, I get redirected to irrelevant web sites. I'm guessing this is not a new issue.

I found my way here via a Google forum that suggested Combofix at Bleeping Computers whose instructions recommended your forum (among others)..

Look forward to hearing from you shortly.

Bob.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:19:16 PM, on 19/02/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Spatial Freedom\Astroid\AstroidSvc.exe
C:\Documents and Settings\Bob Thompson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
J:\ScanSoft\PaperPort 12\PaperPort\PDFProFiltSrvPP.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
J:\ScanSoft\OmniPagePro14.0\Opware14.exe
J:\ScanSoft\PaperPort 12\PaperPort\pptd40nt.exe
J:\ScanSoft\PaperPort 12\PDFViewerPlus\pdfpro5hook.exe
L:\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
J:\activesync\WCESCOMM.EXE
H:\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
J:\Microsoft Office\Office\1033\msoffice.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
G:\Mozilla\Firefox\firefox.exe
G:\Mozilla\Firefox\plugin-container.exe
J:\ScanSoft\PaperPort 12\PaperPort\PaprPort.exe
J:\ScanSoft\PaperPort 12\PaperPort\PPLINKS.EXE
K:\My Documents\My PaperPort Documents\Computers\MalWare Elimination\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=15620&l=dis
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\SPYBOT~1\SDHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\PlusIEContextMenu.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Opware14] "J:\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [IndexSearch] "J:\ScanSoft\PaperPort 12\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "J:\ScanSoft\PaperPort 12\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "J:\ScanSoft\PaperPort 12\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] J:\ScanSoft\PaperPort 12\PDFViewerPlus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] J:\ScanSoft\PaperPort 12\PDFViewerPlus\RegistryController.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "L:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Adobe\Reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "h:\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [H/PC Connection Agent] "J:\activesync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HP SimpleSave Monitor.lnk = C:\Documents and Settings\Bob Thompson\Application Data\HP SimpleSave Application\StartHelper.exe
O4 - Startup: Microsoft Office.lnk = J:\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Open with PDF Viewer Plus - res://J:\ScanSoft\PaperPort 12\PDFViewerPlus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - j:\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - j:\ACTIVE~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - j:\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Astroid - Spatial Freedom - C:\Program Files\Spatial Freedom\Astroid\AstroidSvc.exe
O23 - Service: BackupService - ArcSoft, Inc. - C:\Documents and Settings\Bob Thompson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - J:\ScanSoft\PaperPort 12\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\system32\Wintab32.exe

--
End of file - 11122 bytes


Startup List

7-Zip 4.57
ACDSee for PENTAX 3.0
Ad-aware 6 Personal
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.3.3
Advanced Font Viewer 5.1
AML Free Registry Cleaner 4.21
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Astroid Add-In 1.4 for SolidWorks
Astroid Drivers 2.15
Bonjour
Canon Camera Access Library
Canon CanoScan Toolbox 4.9
Canon DIGITAL CAMERA Solution Disk Software Guide
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PhotoRecord
Canon PowerShot SX210 IS Camera User Guide
Canon ScanGear Starter
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC 8
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture 1.2
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Citrix Presentation Server Client - Web Only
Compatibility Pack for the 2007 Office system
Crystal Reports for .NET Framework 2.0 (x86)
DataCAD 12
designIT4
designIT4
Dragon NaturallySpeaking 10
DWGeditor
DWGeditor
eDrawings 2007
Free&Easy Font Viewer 2.0
FreeRIP v3.5
Google Earth Plug-in
Google Update Helper
Google Updater
Hardlock Device Drivers
Hitman Pro 3.5
Hotfix for Windows XP (KB981793)
Hubb Investor
IKEA Home Planner
iTunes
Java(TM) 6 Update 22
Lexmark Printer Software Uninstall
LiveReg (Symantec Corporation)
LiveUpdate 1.6 (Symantec Corporation)
Logitech Webcam Software
Logitech Webcam Software Driver Package
Manual CanoScan LiDE 500F
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft ActiveSync 3.1
Microsoft Office 2000 Premium
Microsoft Office 2003 Web Components
Microsoft Reader
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft Visual Studio 2005 Tools for Applications - ENU
Mozilla Firefox (3.6.13)
Mozilla Thunderbird (3.1.7)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6 Service Pack 2 (KB973686)
Nero Suite
NETGEAR ProSafe Firewall Router
Norton CleanSweep
Nuance PaperPort 12
Nuance PDF Viewer Plus
NVIDIA Drivers
PaperPort Image Printer
Password Agent 2.6.2
Quicken 2010
Quicken 2011
QuickTime
Realtek High Definition Audio Driver
ScanSoft OmniPage Pro 14.0
ScanSoft PDF Converter
ScanSoft PDF Printer
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB982381)
Skype web features
Skype™ 4.1
SolidWorks 2010 SP0
SolidWorks 2010 SP0
SolidWorks eDrawings 2010
SolidWorks Explorer 2007 sp0
SolidWorks Installation Manager
Turbo Lister 2
UBD on Disk Brisbane
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar
Visual C++ Runtime for Dragon NaturallySpeaking
What's my computer doing 1.xx
Windows Communication Foundation
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Wintime USB Tablet Driver
WinZip
rmkthandyman
Active Member
 
Posts: 4
Joined: February 19th, 2011, 1:06 am
Advertisement
Register to Remove

Re: Google redirects links to ?????

Unread postby deltalima » February 22nd, 2011, 1:45 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google redirects links to ?????

Unread postby deltalima » February 22nd, 2011, 1:53 pm

Hi rmkthandyman,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your malware issue.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Please let me know if the computer is used for home or for business use.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google redirects links to ?????

Unread postby rmkthandyman » February 23rd, 2011, 3:55 am

Hi deltalima,

Thanks for your response. Information you require is below.

My system is for home use.

A question, why do you request saving programs to the desktop? I try to avoid doing this for security reasons. The only thing on my desktop are shortcuts.

Regards Bob.

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-C497G-6KFR7-7B6F8
Windows Product Key Hash: Vvfy4db8KdcIcXJGtuBwJJBj6W4=
Windows Product ID: 76487-023-5270876-22625
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 5.1.2600.2.00010100.2.0.pro
ID: {0A953A8F-7998-4D3E-9D7B-CCFFD14D003E}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Default Browser: G:\Mozilla\Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{0A953A8F-7998-4D3E-9D7B-CCFFD14D003E}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-7B6F8</PKey><PID>76487-023-5270876-22625</PID><PIDType>5</PIDType><SID>S-1-5-21-823518204-1614895754-725345543</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>P5K-VM</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0704 </Version><SMBIOSVersion major="2" minor="4"/><Date>20080118000000.000000+000</Date></BIOS><HWID>040A39470184307B</HWID><UserLCID>0C09</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>E. Australia Standard Time(GMT+10:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 14250:ASUSTeK Computer Inc|15937:GENUINE C&C INC
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
rmkthandyman
Active Member
 
Posts: 4
Joined: February 19th, 2011, 1:06 am

Re: Google redirects links to ?????

Unread postby deltalima » February 23rd, 2011, 6:16 am

Hi rmkthandyman,

A question, why do you request saving programs to the desktop? I try to avoid doing this for security reasons. The only thing on my desktop are shortcuts.


Some of our tools are designed to run from the desktop, there is no security risk in doing so. All tools will be removed once we are done.

Please let me know what antivirus program you are using, I see traces of PC Tools Security but it does not show in the uninstall list.

My system is for home use.


Do you work at home? SolidWorks 2010 SP0 is not something I would expect to see on a home computer.

Download DDS

Please download DDS by sUBs from the link below and save it to your desktop.

Link

Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with DDS.txt and Attach.txt from the DDS scan into your next reply.

Please let me know what Citrix Presentation Server Client - Web Only is used for.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Google redirects links to ?????

Unread postby rmkthandyman » February 23rd, 2011, 7:14 am

G'Day deltalima,

Answers to questions.

I was running Microsoft's internet security suite (I can't remember the exact name) and I had a crash towards the end of last year. I reinstalled all of my data from backup but have not reinstalled all of the programs that I had. I guess there are bits left over.

I use Solidworks at my work. I have a copy here as a learning tool as there never seems to be enough time at work to find out new way of using the program.

The Citrix program allows me to log in to my company's system when necessary. Our manufacturing runs 24/7 and I occasionally have to do troubleshooting after hours.

Copies of logs below.

Regards
Bob

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-23 20:51:47
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD1200JB-00GVA0 rev.08.02D08
Running: zhdggptu.exe; Driver: C:\DOCUME~1\BOBTHO~1\LOCALS~1\Temp\pxldypog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)

---- EOF - GMER 1.0.15 ----



DDS (Ver_10-12-12.02) - NTFSx86
Run by Bob Thompson at 20:47:39.34 on Wed 23/02/2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3327.2721 [GMT 10:00]


============== Running Processes ===============

C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Spatial Freedom\Astroid\AstroidSvc.exe
C:\Documents and Settings\Bob Thompson\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
J:\ScanSoft\PaperPort 12\PaperPort\PDFProFiltSrvPP.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
J:\ScanSoft\PaperPort 12\PaperPort\pptd40nt.exe
J:\ScanSoft\PaperPort 12\PDFViewerPlus\pdfpro5hook.exe
L:\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
J:\activesync\WCESCOMM.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
J:\Microsoft Office\Office\1033\msoffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
G:\Mozilla\Firefox\firefox.exe
G:\Download\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.ask.com/?o=15620&l=dis
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - h:\spybot~1\SDHelper.dll
BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - j:\scansoft\paperport 12\pdfviewerplus\bin\PlusIEContextMenu.dll
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\3.9.0\ViewBarBHO.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.9.0\IEViewBar.dll
TB: Nuance PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
TB: {081230F8-EA50-42A9-983C-D22ABC2EED3B} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [H/PC Connection Agent] "j:\activesync\WCESCOMM.EXE"
uRun: [SpybotSD TeaTimer] h:\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Opware14] "j:\scansoft\omnipagepro14.0\Opware14.exe"
mRun: [IndexSearch] "j:\scansoft\paperport 12\paperport\IndexSearch.exe"
mRun: [PaperPort PTD] "j:\scansoft\paperport 12\paperport\pptd40nt.exe"
mRun: [PPort12reminder] "j:\scansoft\paperport 12\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\12\config\ereg\Ereg.ini"
mRun: [PDFHook] j:\scansoft\paperport 12\pdfviewerplus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] j:\scansoft\paperport 12\pdfviewerplus\RegistryController.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "l:\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "h:\adobe\reader\reader\Reader_sl.exe"
mRun: [ISTray] "h:\pc tools security\pctsGui.exe" /hideGUI
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\bobtho~1\startm~1\programs\startup\hpsimp~1.lnk - c:\documents and settings\bob thompson\application data\hp simplesave application\StartHelper.exe
StartupFolder: c:\docume~1\bobtho~1\startm~1\programs\startup\micros~1.lnk - j:\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Append the content of the link to existing PDF file - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - j:\scansoft\paperport 12\pdfviewerplus\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Open PDF in Word
IE: Open with PDF Viewer Plus - j:\scansoft\paperport 12\pdfviewerplus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - j:\active~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - j:\active~1\INetRepl.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - h:\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - j:\activesync\aatp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - j:\active~1\CENetFlt.dll
WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - j:\active~1\CENetFlt.dll
WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - j:\active~1\CENetFlt.dll
WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - j:\active~1\CENetFlt.dll
WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - j:\active~1\CENetFlt.dll
WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - j:\active~1\CENetFlt.dll
AppInit_DLLs: APITRAP.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\bobtho~1\applic~1\mozilla\firefox\profiles\xvyipjmq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - plugin: c:\documents and settings\bob thompson\application data\mozilla\firefox\profiles\xvyipjmq.default\extensions\2020player@2020technologies.com\plugins\NP2020Player.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: g:\mozilla\firefox\plugins\npicaN.dll
FF - plugin: h:\adobe\reader\reader\browser\nppdf32.dll
FF - plugin: l:\itunes\mozilla plugins\npitunes.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - g:\mozilla\firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - g:\mozilla\firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - g:\mozilla\firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: ReminderFox: {ada4b710-8346-4b82-8199-5de2b400a6ae} - %profile%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - Ext: 20-20 3D Viewer: 2020Player@2020Technologies.com - %profile%\extensions\2020Player@2020Technologies.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

============= SERVICES / DRIVERS ===============

R2 Astroid;Astroid;c:\program files\spatial freedom\astroid\AstroidSvc.exe [2009-9-8 131072]
R2 BackupService;BackupService;c:\documents and settings\bob thompson\application data\hp simplesave application\uUACTokenSvc.exe [2010-8-15 83512]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;j:\scansoft\paperport 12\paperport\PDFProFiltSrvPP.exe [2009-8-27 144672]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2010-3-28 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-16 136176]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; [x]
S3 W2wtmhid;Wintime HID;c:\windows\system32\drivers\w2wtmhid.sys [2010-1-1 26624]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]

=============== Created Last 30 ================

2011-02-16 11:37:34 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-02-16 11:37:33 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-02-16 11:37:04 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2011-02-05 01:17:32 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M ====================

2010-12-18 06:40:16 85504 --sha-r- c:\windows\system32\SCP32A.dll
2010-11-29 07:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 07:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

============= FINISH: 20:48:00.84 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 30/12/2009 7:49:50 PM
System Uptime: 23/02/2011 5:07:18 PM (3 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5K-VM
Processor: Intel(R) Core(TM)2 Duo CPU E4700 @ 2.60GHz | LGA775 | 2600/200mhz
Processor: Intel(R) Core(TM)2 Duo CPU E4700 @ 2.60GHz | LGA775 | 2600/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 10 GiB total, 0.816 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 6.525 GiB free.
E: is FIXED (NTFS) - 20 GiB total, 5.595 GiB free.
F: is FIXED (NTFS) - 29 GiB total, 16.272 GiB free.
G: is FIXED (NTFS) - 34 GiB total, 15.126 GiB free.
H: is FIXED (NTFS) - 29 GiB total, 27.592 GiB free.
I: is Removable
J: is FIXED (NTFS) - 29 GiB total, 24.626 GiB free.
K: is FIXED (NTFS) - 29 GiB total, 15.085 GiB free.
L: is FIXED (NTFS) - 29 GiB total, 22.114 GiB free.
M: is FIXED (NTFS) - 32 GiB total, 28.78 GiB free.
N: is Removable
O: is Removable
P: is Removable
X: is CDROM ()
Z: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP50: 18/02/2011 8:05:28 PM - System Checkpoint
RP51: 20/02/2011 8:46:32 AM - System Checkpoint
RP52: 23/02/2011 5:23:07 PM - System Checkpoint

==== Installed Programs ======================


7-Zip 4.57
ACDSee for PENTAX 3.0
Ad-aware 6 Personal
Adobe Audition 1.5
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.3.3
Advanced Font Viewer 5.1
AML Free Registry Cleaner 4.21
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Astroid Add-In 1.4 for SolidWorks
Astroid Drivers 2.15
Bonjour
Canon Camera Access Library
Canon CanoScan Toolbox 4.9
Canon DIGITAL CAMERA Solution Disk Software Guide
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PhotoRecord
Canon PowerShot SX210 IS Camera User Guide
Canon ScanGear Starter
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC 8
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture 1.2
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Citrix Presentation Server Client - Web Only
Compatibility Pack for the 2007 Office system
Crystal Reports for .NET Framework 2.0 (x86)
DataCAD 12
designIT4
Dragon NaturallySpeaking 10
DWGeditor
DYMO Label Software
eDrawings 2007
Engineering Power Tools - v1.9.8
Free&Easy Font Viewer 2.0
FreeRIP v3.5
Google Earth Plug-in
Google Update Helper
Google Updater
Hardlock Device Drivers
High Definition Audio Driver Package - KB888111
Hitman Pro 3.5
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB916089)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hubb Investor
IKEA Home Planner
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Lexmark Printer Software Uninstall
LiveReg (Symantec Corporation)
LiveUpdate 1.6 (Symantec Corporation)
Logitech Webcam Software
Logitech Webcam Software Driver Package
Manual CanoScan LiDE 500F
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft ActiveSync 3.1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 Premium
Microsoft Office 2003 Web Components
Microsoft Reader
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual Studio 2005 Tools for Applications - ENU
Mozilla Firefox (3.6.13)
Mozilla Thunderbird (3.1.7)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6 Service Pack 2 (KB973686)
Nero Suite
NETGEAR ProSafe Firewall Router
Norton CleanSweep
Nuance PaperPort 12
Nuance PDF Viewer Plus
NVIDIA Drivers
PaperPort Image Printer
Password Agent 2.6.2
PenSurfer 2000
Quicken 2010
Quicken 2011
QuickTime
Realtek High Definition Audio Driver
ScanSoft OmniPage Pro 14.0
ScanSoft PDF Converter
ScanSoft PDF Printer
Scansoft PDF Professional
Security Update for CAPICOM (KB931906)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB939373)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Skype web features
Skype™ 4.1
SolidWorks 2010 SP0
SolidWorks eDrawings 2010
SolidWorks Explorer 2007 sp0
SolidWorks Installation Manager
Spybot - Search & Destroy
Spybot - Search & Destroy 1.2
Turbo Lister 2
UBD on Disk Brisbane
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911164)
Update for Windows XP (KB911280)
Update for Windows XP (KB914882)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar
Visual C++ Runtime for Dragon NaturallySpeaking
WebFldrs XP
What's my computer doing 1.xx
Windows Communication Foundation
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Wintime USB Tablet Driver
WinZip
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

20/02/2011 2:38:16 PM, error: Dhcp [1002] - The IP address lease 211.31.1.232 for the Network Card with network address 001FC6210A9D has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
20/02/2011 10:05:50 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.3 with the system having network hardware address 4C:ED:DE:60:68:92. Network operations on this system may be disrupted as a result.
19/02/2011 10:23:18 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
19/02/2011 10:23:18 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/02/2011 10:13:47 AM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume J:.
19/02/2011 10:07:37 AM, error: Si3114r5 [9] - The device, \Device\Scsi\Si3114r51, did not respond within the timeout period.
16/02/2011 5:54:41 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
16/02/2011 5:54:41 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16/02/2011 5:54:03 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
16/02/2011 5:11:16 PM, error: Dhcp [1002] - The IP address lease 192.168.0.3 for the Network Card with network address 001FC6210A9D has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================
rmkthandyman
Active Member
 
Posts: 4
Joined: February 19th, 2011, 1:06 am

Re: Google redirects links to ?????

Unread postby Cypher » February 23rd, 2011, 7:56 am

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

This topic is now closed
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 62 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware