Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Windows update error - redirected from web search links

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Windows update error - redirected from web search links

Unread postby psanchez65 » August 14th, 2010, 12:13 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07:28 PM, on 8/14/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\OEM05Mon.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
C:\Windows\ehome\ehmsas.exe
Q:\140062.enu\Office14\MSOSYNC.EXE
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... &mkt=en-US
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: TBBho Class - {F8EA6827-1B82-494a-ACAC-A582A714DCA8} - C:\Windows\sbsHOHo.dll
O3 - Toolbar: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006204090000"
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 1.1.4322; InfoPath.2; OfficeLiveConnector.1.2; Zune 3.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.shockwave.com/contentPlay/shockwave.jsp?dwin=1&id=jigsawpuzzles"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O13 - Gopher Prefix:
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcC ... taller.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... den-us.cab
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Verizon\VSP\ServicepointService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10559 bytes
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am
Advertisement
Register to Remove

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 17th, 2010, 6:39 am

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • The instructions being given are for YOUR computer and system only!.
    Using these instructions on a different computer, can damage that computer and possibly make it inoperable!
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Absence of symptoms does not mean that everything is clear.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • The logs from the tools we use can take some time to research so please be patient.

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
Read Backup Made Easy

Vista Advice:
  • All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.
  • The Operating System(Vista aka Windows 6) in use comes with a inbuilt utility called User Access Control(UAC).
  • When prompted by this with anything I ask you to do carry out please select the option Allow.

Please post an Uninstall list.

  • Open HijackThis.
  • Click on the Open the Misc Tools section button.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please post this log in your next reply.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 17th, 2010, 8:31 am

Hi Cypher I am very pleased to meet you and thank you very much for your reply and help with by problem/s.

When clicking on the link you provided Backup Made Easy I got a blank page I also tried windows vista back up wizard and it did not respond. Should I copy my folders and files manually on to my external hard drive?


Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Manager
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Audio FX Engine
Advanced Video FX Engine
Age of Empires III - The Asian Dynasties Trial
Alt.Binz 0.25.0
ATI Catalyst Control Center
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Banctec Service Agreement
Browser Address Error Redirector
Call of Duty(R) - World at War(TM)
Creative MediaSource 5
Crysis WARHEAD(R)
Crysis WARHEAD(R)
Crysis Wars(R)
Crysis Wars(R)
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Webcam Center
Dell Webcam Manager
DirectXInstallService
Disney Toontown Online
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DVD Shrink 3.2
EA Download Manager
EDocs
EPSON Copy Utility 3
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
Forté Agent
GameSpy Arcade
Google Update Helper
GoToAssist 8.0.0.514
GPL Ghostscript 8.64
Haali Media Splitter
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Image Plugin
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections 12.1.12.4
Intel(R) PRO Network Connections 12.1.12.4
Java(TM) 6 Update 7
Jewel Quest
Junk Mail filter update
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Magic ISO Maker v5.5 (build 0272)
MagicDisc 2.7.105
Map Button (Windows Live Toolbar)
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Choice Guard
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Business 2010 - English
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Works
mkv2vob
Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
Mozilla Firefox (3.6.8)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Transfer
Music, Photos & Videos Launcher
MySpaceIM
OGA Notifier 2.0.0048.0
PDF Settings
PDFill PDF Editor with FREE Writer and Free Tools
Perfect Attorney Platinum
Product Documentation Launcher
Punch! Professional Home Design
PX Engine
QuickPar 0.9
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler
Roxio Update Manager
ScanToWeb
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Smart Menus (Windows Live Toolbar)
Sony Picture Utility
Sound Blaster Audigy ADVANCED MB
Spelling Dictionaries Support For Adobe Reader 9
SVCD2DVD 2.5
Tetris
TetrisZone
The Weather Channel Desktop 6
Uniblue RegistryBooster 2010
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb2202131)
VC80CRTRedist - 8.0.50727.4053
Verizon Broadband Toolbar (IE only)
Verizon Broadband Toolbar Firefox only
Verizon Help and Support Tool
Verizon Servicepoint 3.5.10
Vz In Home Agent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
World of Warcraft
XPS MiniView Gadget
Zuma Deluxe
Zune
Zune
Zune Language Pack (DE)
Zune Language Pack (ES)
Zune Language Pack (FR)
Zune Language Pack (IT)
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 17th, 2010, 11:26 am

Hi psanchez65.
thank you very much for your reply and help with by problem/s.

You're welcome.
Should I copy my folders and files manually on to my external hard drive?

Create/Transfer Backups:

  • Anything you wish to move to the external Hard-Drive, we can employ a specific methodology as follows to lesson the chance of anything infection wise being crossed over.
  • Create a folder on the root of your computer's Hard-Drive, for example call it MyBackup, transfer all the documents, files and pictures etc you wish to keep to this new folder.
  • Check for any updates with your presently installed Anti-Virus application xxxxx and Malwarebytes' Anti-Malware, install them etc.
    Now right click on the backup folder created and select scan with xxxxx , then when completed the same with Malwarebytes' Anti-Malware.

Next.

Flash_Disinfector:

  • Please download Flash_Disinfector and save it to your desktop.
  • Double click to run it.
  • You will be prompted to plug in your flash drive. <-- In this scenario it will be your External Hard-Drive.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Next.

Transfer your backup folder to the External Hard-Drive. Then safely disconnect it from your computer.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Next.

  • Please download this tool from Microsoft.
  • Right click on MGADiag.exe and select Run As Administrator to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Next.

Run CKScanner

  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Logs/Information to Post in your Next Reply

  • MGADiag log.
  • CKFiles.txt log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 17th, 2010, 11:29 am

Edit double post.
Last edited by Cypher on August 18th, 2010, 12:11 pm, edited 1 time in total.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 18th, 2010, 11:52 am

I have backed up my files and folders, thank you.

When running MGADiag.exe as administrator I get a window msg "This service can not control messages at this time".

Since this step has not been completed I did not continue to the next step waiting on your instructions.

My computer is still the same I did not mention on my original post that the infection is an Alureon.H I could not get rid off, causing web search links to rederct to other web sites and also not allowing windows updates.
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 18th, 2010, 12:14 pm

Hi.
Run the below in place of MGADiag.exe.

Scan with WVCheck:

Please download WVCheck and save it to the desktop.

  • Right click on WVCheck.exe select " Run as administrator " and follow the prompts.
  • The scan may take some time depending on the Hard-Drive size.
  • Please post the contents of the notepad file WVCheck_1436_dd-mm-yyyy that can be located on the desktop.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 18th, 2010, 12:38 pm

Hi thanks for the quick reply.

I got the same msg "the service cannot accept control messages at this time".
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 18th, 2010, 12:45 pm

Can you post a CKScanner log?
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 18th, 2010, 12:55 pm

No, just tried it and I got the same msg as the other two.
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 18th, 2010, 1:03 pm

Ok change of plan lets try the following.

Download/run Rkill:

Please download Rkill from one of the following links and save to your Desktop:

One, Two,Three or Four

  • Right-click on Rkill And select " Run as administrator " to run it.
  • A command window will open then disappear upon completion, this is normal.
  • When finished, Notepad will open with a log called, "rkill.log".
  • Please copy and paste the contents of the rkill.log in your next reply.
  • The file is automatically saved... located at C:\rkill.log.
  • Please leave Rkill on the Desktop until otherwise advised.

Note: If your security software warns about Rkill, please ignore and allow the download to continue.

Next.

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Right-click mbam-setup.exe And select " Run as administrator " then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

If successful post the Malwarebytes log in you're next reply.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 19th, 2010, 10:47 am

Okay here are the two logs.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Panfilo on 08/18/2010 at 23:04:48.


Processes terminated by Rkill or while it was running:


C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Panfilo\Desktop\rkill.exe


Rkill completed on 08/18/2010 at 23:04:53.




Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4449

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

8/19/2010 10:30:59 AM
mbam-log-2010-08-19 (10-30-59).txt

Scan type: Quick scan
Objects scanned: 144682
Time elapsed: 48 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 26
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f8ea6827-1b82-494a-acac-a582a714dca8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f8ea6827-1b82-494a-acac-a582a714dca8} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\sbsHOHo.dll (Trojan.BHO) -> Delete on reboot.
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 19th, 2010, 11:26 am

Hi psanchez65.
Try running MGADiag.exe and CKScanner now, if successful post the logs from the scans.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Windows update error - redirected from web search links

Unread postby psanchez65 » August 19th, 2010, 12:24 pm

Hi Cypher I appriciate your help, thanks...

Her are the MGADiag and CKScanner Logs.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
Windows Product ID: 89578-OEM-7332157-00204
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6002.2.00010300.2.0.003
ID: {16689DE3-9227-4F1F-BB04-35825E9E4AA5}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000000
Build lab: 6002.vistasp2_gdr.100218-0019
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: 6.0.6002.16398

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 102
Microsoft Office Professional 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 7E90FEE8-198-80004005_B4D0AA8B-604-645_B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{16689DE3-9227-4F1F-BB04-35825E9E4AA5}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89578-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-3972471545-778204691-3294514810</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Dell XPS420 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A06</Version><SMBIOSVersion major="2" minor="5"/><Date>20080623000000.000000+000</Date></BIOS><HWID>83323507018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>B9K </OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>102</Result><Products><Product GUID="{91120000-0014-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional 2007</Name><Ver>12</Ver><Val>430DF1B33DEABA</Val><Hash>84IEy/BQChuDQ50OxOyJ1b15ZCE=</Hash><Pid>81605-349-0601707-65118</Pid><PidType>10</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.0.6002.18005
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89578-00146-321-500204-02-1033-6001.0000-2712008
Installation ID: 011656947496099444839896631043511953532995524251307084
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
Partial Product Key: B9HD2
License Status: Licensed

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NgAAAAIAAAABAAEAAwADAAAAAgABAAEA6GFIFwK/FT/gTQQQLDby9Hf2GuysHewWshOsVkxY

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC DELL B9K
FACP DELL B9K
HPET DELL B9K
BOOT DELL B9K
MCFG DELL B9K
SSDT DELL st_ex
OSFR DELL B9K
SLIC DELL B9K


CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe photoshop cs3\_crack_\read.txt
c:\program files\adobe\adobe photoshop cs3\_crack_\ssg.nfo
c:\program files\gamersfirst\war rock\texture\fmx01\d_crackwall01.dds
c:\program files\msn games\jewel quest\audio\st_win3_crackle.ogg
c:\users\panfilo\adobe\lightroom 2.3\keygen.exe
c:\users\panfilo\desktop\modio vip cracked.rar
c:\users\panfilo\desktop\modio\crack.exe
c:\users\panfilo\desktop\modio\readme!!! (modio vip - truly cracked by jester).txt
c:\users\panfilo\downloads\adobe photoshop cs3 plugins pack\alien skin - multi-key generator\keygen.rar
c:\users\panfilo\downloads\adobe photoshop cs3 plugins pack\depth of field generator pro v3.0.74\key generator\keygen.exe
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe_photoshop_cs3_extended_v10__(with_crack_full_version).zip
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\deployment.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\versioninfo.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\winbootstrapper1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\setup.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobealmanchorserviceall\adobealmanchorserviceall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobealmanchorserviceall\adobealmanchorserviceall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobealmanchorserviceall\adobealmanchorserviceall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeassetservices3all\adobeassetservices3all.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeassetservices3all\adobeassetservices3all.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeassetservices3all\adobeassetservices3all1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeaum5.1all\adobeaum5.1all.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeaum5.1all\adobeaum5.1all.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeaum5.1all\adobeaum5.1all1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobebridge2all\adobebridge2all.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobebridge2all\adobebridge2all.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobebridge2all\adobebridge2all1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecameraraw4.0all\adobecameraraw4.0all.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecameraraw4.0all\adobecameraraw4.0all.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecameraraw4.0all\adobecameraraw4.0all1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecmapsall\adobecmapsall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecmapsall\adobecmapsall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecmapsall\adobecmapsall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorcommonsetall\adobecolorcommonsetall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorcommonsetall\adobecolorcommonsetall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorcommonsetall\adobecolorcommonsetall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecoloreu_extrasettingsall\adobecoloreu_extrasettingsall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorja_extrasettingsall\adobecolorja_extrasettingsall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorna_recommendedall\adobecolorna_recommendedall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorphotoshopall\adobecolorphotoshopall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorphotoshopall\adobecolorphotoshopall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobecolorphotoshopall\adobecolorphotoshopall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedefaultlanguagecs3all\adobedefaultlanguagecs3all1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\adobedevicecentralall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\adobedevicecentralall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\adobedevicecentralall1.cab
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 bitte lesen.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 ilgeobogi.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lees mij.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 leggimi.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 lisez-moi.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 léame.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 oyomikudasai.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 read me.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 tu wo tang an.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 viktigt.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobedevicecentralall\oem\adobe device central cs3\device central cs3 zishu.html
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.boot.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\adobe cs3\payloads\adobeextendscripttoolkitall\adobeextendscripttoolkitall.proxy.xml
c:\users\panfilo\downloads\adobe_photoshop_cs3_extended_v10__(with_crack_full_version)\_crack_\read.txt
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_asian\crack\age3y.exe
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_asian\crack\bat-a3ad.7z
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_asian\crack\battery.nfo
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_asian\crack\orientaldyn101-ch.zip
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_orig\crack\age3.exe
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_orig\crack\pwz.nfo
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_orig\crack\trainer\age of empires 3 promo trainer.exe
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_orig\crack\trainer\age of empires 3 promo trainer.txt
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_warchief\crack\age3x.exe
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_warchief\crack\pwz.nfo
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_warchief\crack\unlocker\tnt.nfo
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_warchief\crack\unlocker\my games\age of empires 3\users2\lastprofile2.dat
c:\users\panfilo\downloads\games\aoe3_complete\aoe3_warchief\crack\unlocker\my games\age of empires 3\users2\tnt.xml
c:\users\panfilo\downloads\magix music maker 15\crack\musicmaker.exe
scanner sequence 3.ZZ.11
----- EOF -----
psanchez65
Regular Member
 
Posts: 19
Joined: August 14th, 2010, 11:54 am

Re: Windows update error - redirected from web search links

Unread postby Cypher » August 19th, 2010, 12:33 pm

Hi psanchez65.
I appriciate your help, thanks...

You're welcome.

Cracked/Keygen related software detected!!!

While going through your logs I found out that you have downloaded various keygen/cracked software and that you are actively using it.
Adobe Photoshop CS3
aoe3_complete

Our forum policy Here says we will not help people who use cracked or pirated software.
You likely got infected by using cracked software or visiting crack sites.
Hence, i would like you to remove all the crack/keygen applications that are present on your system

NOTE: If you give me advice that the software/Keygens have been removed & I find it has not (the tools we use can & will detect it) then I will have no choice but to have this thread closed.
If you would like me to continue helping you remove all the cracked software on you're PC then post a new CKScanner log.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 623 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware