Below is contents of the dds.txt file after I ran the dds.com (couldnt get the first one to run right) Also, I didn't see any attach.txt file, only this. I was directed in a previous post not to run any combo fix on my own. Sorry to say I already had run it, but it didn't find any of the redirect virus. Sorry, I apologize, I know your time is freely given and has value. I ran it before I saw the warning not to. Dosen't seem to be any harm done. I appreciate you time and will cooperate with you. It instructed me not to uninstall combo until I was certain none of the saved or backup or quarantined files were needed. Also I have some kind of windows update disable virus telling me the automatic update is disable when it is set to update.
please help!
.
DDS (Ver_2011-06-11.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_18
Run by Danny at 12:05:30 on 2011-06-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2877 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\SAiDownloader.exe
C:\WINDOWS\system32\SAiLicSvr.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
BHO: PDFCreator Toolbar Helper: {c451c08a-ec37-45df-aaad-18b51ab5e837} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: PDFCreator Toolbar: {31cf9ebe-5755-4a1d-ac25-2834d952d9b4} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [NBJ] "c:\progra~1\ahead\neroba~1\NBJ.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SkyTel] SkyTel.EXE
mRun: [Camera Detector] c:\progra~1\acdsys~1\acdsee\CAMDET~1.EXE
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... 0ItSkhGTkg"&"inst=NzctNTkzMTEwODM4LVQ1LVU4NSsxLUJBKzEtS1YzKzctRlA5KzYtU1QxKzItVEI5KzItRkwrOS1GMTBNKzUtUUlYMSs0LVgyMDEwKzItVklQMTArMS1GMTBNMTBEKzItTElDKzc3LVNQMSsxLVNQMVRCKzEtU1VEKzEtUzFJKzEtU1UzKzEtRkwxMCsx"&"prod=90"&"ver=10.0.1382
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windows ... 9824293578
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 68.115.71.53 68.113.206.10 66.189.0.100
TCP: Interfaces\{20997094-154B-4DDB-A335-8D7AEA2A121A} : NameServer = 93.188.165.180,93.188.160.240
TCP: Interfaces\{20997094-154B-4DDB-A335-8D7AEA2A121A} : DhcpNameServer = 68.115.71.53 68.113.206.10 66.189.0.100
Notify: AtiExtEvent - Ati2evxx.dll
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\danny\application data\mozilla\firefox\profiles\kwh7te1i.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://Internet Explorer
FF - plugin: c:\documents and settings\danny\application data\mozilla\firefox\profiles\kwh7te1i.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\documents and settings\danny\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\my new downloads\mozilla plugins\npitunes.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Ancestry.com Advanced Image Viewer: support@ancestry.com - %profile%\extensions\support@ancestry.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R1 NmPar;MosChip PCI Parallel Port;c:\windows\system32\drivers\NmPar.sys [2008-1-8 76416]
R1 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [2008-1-8 62080]
R2 SAiDownloader;SAiDownloader;c:\windows\system32\SAiDownloader.exe [2009-4-16 438272]
R2 SAiLicSvr;SAiLicSvr;c:\windows\system32\SAiLicSvr.exe [2009-7-13 86016]
R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\common files\safenet sentinel\sentinel keys server\sntlkeyssrvr.exe [2008-7-11 328992]
.
=============== Created Last 30 ================
.
2011-06-11 15:53:44 -------- d-sha-r- C:\cmdcons
2011-06-11 15:52:02 98816 ----a-w- c:\windows\sed.exe
2011-06-11 15:52:02 518144 ----a-w- c:\windows\SWREG.exe
2011-06-11 15:52:02 256512 ----a-w- c:\windows\PEV.exe
2011-06-11 15:52:02 208896 ----a-w- c:\windows\MBR.exe
2011-05-14 22:47:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-05-14 22:47:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-05-14 22:47:32 -------- d-----w- c:\documents and settings\danny\application data\SUPERAntiSpyware.com
2011-05-14 22:12:06 -------- d-----w- c:\documents and settings\danny\application data\Malwarebytes
2011-05-14 22:12:01 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-05-14 21:17:30 -------- d--h--w- c:\windows\system32\GroupPolicy
.
==================== Find3M ====================
.
2009-02-11 20:38:34 1431504 ----a-w- c:\program files\RegCureSetup_RW.exe
2009-02-09 22:07:08 34031720 ----a-w- c:\program files\GoogleSketchUpWEN.exe
2009-02-03 17:12:21 59981528 ----a-w- c:\program files\avg_free_stf_en_8_233a1415.exe
2008-07-22 14:00:53 48367896 ----a-w- c:\program files\avg_free_stf_en_8_138a1332.exe
2008-01-10 16:25:04 15895117 ----a-w- c:\program files\PDFCreator-0_9_5_setup.exe
.
============= FINISH: 12:06:07.29 ===============