Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

redirect II

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

redirect II

Unread postby saithdire » September 16th, 2012, 3:17 pm

Thank you for your prompt and patient reply. I really want to be as thorough as possible for you.

Sorry I'm so clueless. It appears to me that conflicting information is provided on what to do - one place I saw to zip the txt files and attach them, and another place it said to post them within the message. Here is my original message, followed by a paste of the two txt files. I hope this is the correct process.

In further attempts to figure out this situation, it appears that the redirection leads me to Scour.com When I check the properties for that I get http://scour.com So this does not tell me what to delete on my system so it does not redirect. Windows Task Manager Applications shows that 'Scour Search - Windows Internet Explorer' is Running. There is nothing with that name showing in Task Manager's Processes.

A rundll error I get regularly is shown in one of the txt files, tho I can't find it now. If it doesn't jump out at you, I'll just keep clicking thru it. Sorry I am incomplete in this description.
****************************

As a search in Google, I typed in Vaylord Cox. The appropriate screen appeared. When I select an item on the results screen, the tab briefly shows "redirect" and then gives me the following screen, in large font, in blue, rather than the item I selected:
----------------------------------------------------------------------------
You searched for: vaylord cox Sponsored Results Cox Cable Deals

Your Area's Fasted High Speed Available For Under $19.99/mo. Act Now

coxauthorizedoffers.com
Save Big with Cox Deals

Don't Delay! Call 8558604979 For Hot Deals On TV, Phone & Internet

coxbundledeals.com
Cox Communications Deals

Cox Cable TV & Internet Start At Just $89.99/mo. Order Cox Cable Today!
[/color]www.connecttocox.com/specials
Cox Cable Internet Deals

Get Cox high speed Internet $19.95/mo for 3 months and a free modem.

http://www.getcableoffers.com
We Found Vaylord cox

InstantAddress, Phone, Age & More. Search for Vaylord cox Now!

http://www.intelius.com
Explore Other Topics
------------------------------------------------------------

There is not even a pretense of giving me what I requested.

Sometimes I get the address 63.209.107. After that, sometimes I get a Microsoft warning that that is a dangerous site. Sometimes I've received 'Babylon', which I have uninstalled and deleted. But even without that I still get some other malware interference.

Can you help me? I'm not much of a techie but I'm quick to learn.

Thanks.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 7/1/2006 12:39:33 PM
System Uptime: 9/14/2012 3:12:58 PM (45 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Onyx2
Processor: Intel(R) Celeron(R) M processor 1.70GHz | CPU 1 | 1697/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 143 GiB total, 99.48 GiB free.
D: is FIXED (FAT32) - 6 GiB total, 0.414 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: Photosmart Plus B209a-m
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Plus B209a-m,192.168.1.4
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart Plus B209a-m
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart Plus B209a-m
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart Prem C410 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Photosmart Prem C410 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP2154: 6/18/2012 2:50:17 PM - ARO 2012 - Before Installation
RP2155: 6/18/2012 2:50:45 PM - ARO 2012 - FIRST RUN
RP2156: 6/18/2012 2:58:04 PM - ARO 2012 Mon, Jun 18, 12 14:57
RP2157: 6/19/2012 2:13:40 AM - Software Distribution Service 3.0
RP2158: 6/19/2012 5:43:00 PM - Installed Windows XP -- Software Updates KB952011.
RP2159: 6/20/2012 6:40:10 PM - System Checkpoint
RP2160: 6/21/2012 7:40:01 PM - System Checkpoint
RP2161: 6/22/2012 2:13:22 AM - Software Distribution Service 3.0
RP2162: 6/25/2012 1:36:02 PM - System Checkpoint
RP2163: 6/26/2012 1:34:37 AM - Software Distribution Service 3.0
RP2164: 6/27/2012 2:08:48 AM - System Checkpoint
RP2165: 6/28/2012 3:08:45 AM - System Checkpoint
RP2166: 6/29/2012 1:34:25 AM - Software Distribution Service 3.0
RP2167: 6/30/2012 2:08:47 AM - System Checkpoint
RP2168: 7/1/2012 3:08:45 AM - System Checkpoint
RP2169: 7/2/2012 4:07:27 AM - System Checkpoint
RP2170: 7/2/2012 3:13:51 PM - Windows Defender Checkpoint
RP2171: 7/2/2012 11:51:08 PM - Software Distribution Service 3.0
RP2172: 7/4/2012 12:08:21 AM - System Checkpoint
RP2173: 7/5/2012 12:49:04 AM - System Checkpoint
RP2174: 7/6/2012 1:36:35 AM - Software Distribution Service 3.0
RP2175: 7/7/2012 1:52:39 AM - System Checkpoint
RP2176: 7/8/2012 2:05:07 AM - System Checkpoint
RP2177: 7/9/2012 2:37:59 AM - System Checkpoint
RP2178: 7/10/2012 2:13:02 AM - Software Distribution Service 3.0
RP2179: 7/11/2012 3:00:20 AM - Software Distribution Service 3.0
RP2180: 7/12/2012 2:12:18 AM - Software Distribution Service 3.0
RP2181: 7/13/2012 1:48:32 AM - Software Distribution Service 3.0
RP2182: 7/14/2012 2:42:17 AM - System Checkpoint
RP2183: 7/15/2012 3:42:20 AM - System Checkpoint
RP2184: 7/16/2012 4:41:33 AM - System Checkpoint
RP2185: 7/17/2012 4:45:29 AM - System Checkpoint
RP2186: 7/18/2012 5:42:21 AM - System Checkpoint
RP2187: 7/19/2012 9:02:45 AM - System Checkpoint
RP2188: 7/20/2012 2:47:04 PM - Removed Ask Toolbar.
RP2189: 7/23/2012 7:25:24 AM - System Checkpoint
RP2190: 7/23/2012 8:37:49 AM - Installed %1 %2.
RP2191: 7/23/2012 10:15:22 AM - Restore Operation
RP2192: 7/23/2012 10:49:36 AM - Installed HiJackThis
RP2193: 7/23/2012 10:53:24 AM - Installed %1 %2.
RP2194: 7/23/2012 3:29:56 PM - Before uninstall Norton Security Suite
RP2195: 7/23/2012 3:35:18 PM - Before uninstall HiJackThis
RP2196: 7/23/2012 3:35:22 PM - Removed HiJackThis
RP2197: 7/25/2012 4:37:45 PM - System Checkpoint
RP2198: 8/1/2012 11:31:18 AM - System Checkpoint
RP2199: 8/2/2012 2:57:46 PM - System Checkpoint
RP2200: 8/3/2012 2:58:42 PM - System Checkpoint
RP2201: 8/4/2012 3:02:36 PM - System Checkpoint
RP2202: 8/5/2012 3:23:12 PM - System Checkpoint
RP2203: 8/6/2012 5:14:03 PM - System Checkpoint
RP2204: 8/7/2012 6:57:52 PM - System Checkpoint
RP2205: 8/8/2012 7:47:58 PM - System Checkpoint
RP2206: 8/9/2012 9:01:09 PM - System Checkpoint
RP2207: 8/10/2012 10:45:14 PM - System Checkpoint
RP2208: 8/12/2012 12:33:05 AM - System Checkpoint
RP2209: 8/13/2012 1:38:45 AM - System Checkpoint
RP2210: 8/14/2012 2:58:26 AM - System Checkpoint
RP2211: 8/15/2012 10:16:17 AM - System Checkpoint
RP2212: 8/16/2012 3:00:14 AM - Software Distribution Service 3.0
RP2213: 8/17/2012 7:39:00 AM - System Checkpoint
RP2214: 8/18/2012 9:10:03 AM - System Checkpoint
RP2215: 8/19/2012 9:58:03 AM - System Checkpoint
RP2216: 8/20/2012 10:58:02 AM - System Checkpoint
RP2217: 8/21/2012 11:10:27 AM - System Checkpoint
RP2218: 8/22/2012 12:41:57 PM - System Checkpoint
RP2219: 8/23/2012 1:10:12 PM - System Checkpoint
RP2220: 8/24/2012 2:47:21 PM - System Checkpoint
RP2221: 8/25/2012 3:10:42 PM - System Checkpoint
RP2222: 8/26/2012 4:10:15 PM - System Checkpoint
RP2223: 8/27/2012 5:00:50 PM - System Checkpoint
RP2224: 8/28/2012 6:00:49 PM - System Checkpoint
RP2225: 8/29/2012 7:00:31 PM - System Checkpoint
RP2226: 8/30/2012 8:00:30 PM - System Checkpoint
RP2227: 8/31/2012 9:00:31 PM - System Checkpoint
RP2228: 9/1/2012 10:00:31 PM - System Checkpoint
RP2229: 9/2/2012 10:42:00 PM - System Checkpoint
RP2230: 9/3/2012 11:41:59 PM - System Checkpoint
RP2231: 9/5/2012 12:42:00 AM - System Checkpoint
RP2232: 9/5/2012 11:45:23 AM - Installed PKZIP for Windows 12.40.0016.
RP2233: 9/6/2012 12:19:20 PM - System Checkpoint
RP2234: 9/7/2012 1:27:10 PM - System Checkpoint
RP2235: 9/8/2012 2:19:20 PM - System Checkpoint
RP2236: 9/9/2012 3:19:20 PM - System Checkpoint
RP2237: 9/9/2012 6:14:44 PM - Installed TurboTax 2011 wcoiper
RP2238: 9/10/2012 6:19:20 PM - System Checkpoint
RP2239: 9/11/2012 6:19:29 PM - System Checkpoint
RP2240: 9/12/2012 6:25:16 PM - System Checkpoint
RP2241: 9/13/2012 3:00:14 AM - Software Distribution Service 3.0
RP2242: 9/14/2012 10:02:29 AM - System Checkpoint
RP2243: 9/15/2012 10:17:06 AM - System Checkpoint
RP2244: 9/15/2012 2:38:37 PM - Removed BabylonObjectInstaller
.
==== Installed Programs ======================
.
.
1600
1600_Help
1600Trb
32 Bit HP CIO Components Installer
5 Clicks
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Adobe® Photoshop® Album Starter Edition 3.2
Agere Systems PCI-SV92PP Soft Modem
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
AnswerWorks 5.0 English Runtime
ArcSoft Software Suite
ARO 2012
Auslogics Disk Defrag
B209a-m
Big Kahuna Reef
Blackhawk Striker 2
Blasterball 2 Remix
Blasterball 2 Revolution
Bookworm Deluxe
Bounce Symphony
BufferChm
C410
CameraDrivers
CameraUserGuides
CCleaner
Chuzzle Deluxe
Comcast High-Speed Internet Install Wizard
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Customer Experience Enhancement
Deals Plugin
DeductionPro 2006
DesignPro 5.0 Limited Edition
Destinations
DeviceDiscovery
Diner Dash
DocProc
Docudesk GPL Ghostscript 8.15
DocumentViewer
Fairies
Family Feud
FATE
Fax
Fax_CDA
File Extractor
Flip Words
FullDPAppQFolder
Funmoods Web Search
GdiplusUpgrade
getPlus(R)_ocx
GIMP 2.4.7
Glary Utilities 2.47.0.1539
Google Chrome
Google Earth
Google Update Helper
Google Updater
GPBaseService2
Graboid Video 1.73
H&R Block Colorado 2010
H&R Block Premium + Efile + State 2010
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 14.0
HP Deskjet Printer Preload
HP Document Viewer 6.1
HP DVD Play 2.1
HP Game Console
HP Imaging Device Functions 14.0
HP Organize
HP Photo Creations
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 6.0
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7
HP Photosmart Premier Software 6.1
HP PSC & OfficeJet 5.3.B
HP PSC & OfficeJet 6.1.A
HP Rhapsody
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Support Overview
HP Web Helper
HPAppStudio
hpiCamDrvQFolder
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
Insaniquarium Deluxe
InstallMgr
InstantShareDevices
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Internet Explorer (Enable DEP)
J2SE Runtime Environment 5.0 Update 5
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Jewel Quest
KODAK Gallery Upload Software
LUMIX Simple Viewer
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Fix it Center
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
MSN
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyHeritage Family Tree Builder
Mystery Case Files
Network
NewCopy
NewCopy_CDA
OCR Software by I.R.I.S. 14.0
PanoStandAlone
PC-Doctor 5 for Windows
PC Suite for Nokia 6600
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PHOTOfunSTUDIO -viewer-
PhotoGallery
Picasa 3
Pidgin
PKZIP for Windows 12.40.0016
Polar Bowler
ProductContext
PS_AIO_06_B209a-m_SW_Min
PS_AIO_07_C410_SW_Min
PSPrinters08
PSTAPlugin
Python 2.2.3
QFolder
Quicken 2006
QuickTransfer
RandMap
Readme
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody Player Engine
Ricochet Lost Worlds
SaveTheChildren Reminder by We-Care.com v4.0.18.4
Scan
ScannerCopy
SCRABBLE
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shop for HP Supplies
SkinsHP1
Slingo Deluxe
SmartWebPrinting
SolutionCenter
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
Status
SUPERAntiSpyware
swMSM
Symantec Technical Support Web Controls
TaxCut Colorado 2007
TaxCut Premium + State 2007
TaxCut Premium 2006
Tennis Titans
Toolbox
Tradewinds
TrayApp
TurboTax 2008
TurboTax 2008 wcoiper
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2011
TurboTax 2011 wcoiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Updates from HP (remove only)
ViewSonic Monitor Drivers
VLC media player 1.0.1
Web Assistant 2.0.0.459
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Defender
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
Your Uninstaller! Version 6.3
.
==== Event Viewer Messages From Past Week ========
.
9/15/2012 2:38:38 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
9/14/2012 3:14:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
9/14/2012 3:14:58 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
9/13/2012 4:32:06 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
9/13/2012 4:32:06 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Norton Security Suite\Engine\4.3.0.5\buShell.dll. Reference error message: The operation completed successfully. .
9/13/2012 4:32:06 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by HP_Owner at 12:40:16 on 2012-09-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1394 [GMT -6:00]
.
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Worm Protection *Disabled*
FW: Norton Security Suite *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://start.funmoods.com/?f=1&a=afterd ... 1540794714
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Deals Plugin: {11111111-1111-1111-1111-110011461137} - c:\program files\deals plugin\Deals Plugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - c:\program files\web assistant\Extension32.dll
BHO: Funmoods Helper Object: {75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} - c:\progra~1\funmoods\1.5.23.22\bh\escort.dll
BHO: Wajam: {a7a6995d-6ee1-4fd1-a258-49395d5bf99c} - c:\program files\wajam\ie\priam_bho.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - c:\documents and settings\all users\application data\wecarereminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: Funmoods Toolbar: {a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - c:\progra~1\funmoods\1.5.23.22\escorTlbr.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DVDPlay] rundll32.exe "c:\documents and settings\hp_owner\local settings\application data\google\dvdplay\rmbsvjwt.dll",DllRegisterServerW
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DVDPlay] rundll32.exe "c:\documents and settings\hp_owner\local settings\application data\google\dvdplay\rmbsvjwt.dll",DllRegisterServerW
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pkzipa~1.lnk - c:\program files\pkware\pkzipm\12.40.0016\PKTray.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: mswsock.dll
Trusted Zone: internet
Trusted Zone: intuit.com\ttlc
Trusted Zone: mcafee.com
DPF: {08D390AE-5101-4701-A89F-6C6DADCCC402} - hxxp://photos.msn.com/resources/neutral ... 10,0,910,0
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... tor/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdat ... /opuc3.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} - hxxp://photos.msn.com/resources/neutral ... 10,0,910,0
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{80443072-5384-4D29-A197-604ECE8884D8} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{FD399990-68CD-4300-8B71-5F24FD14F834} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0500000.07d\SymDS.sys [2011-11-1 340016]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0500000.07d\SymEFA.sys [2011-11-1 652336]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0500000.07d\Ironx86.sys [2011-11-1 136312]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-2-6 13672]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\ExtensionUpdaterService.exe [2012-8-8 185856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-13 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-23 250056]
S3 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20111027.001\BHDrvx86.sys [2011-11-1 818808]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-1-13 136176]
S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-7-20 27424]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20111109.030\IDSXpx86.sys [2011-11-9 356280]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111110.002\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111110.002\NAVENG.SYS [?]
S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111110.002\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20111110.002\NAVEX15.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-09-05 17:53:04 -------- d-----w- c:\documents and settings\hp_owner\application data\Funmoods
2012-09-05 17:53:04 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2012-09-05 17:53:03 -------- d-----w- c:\documents and settings\hp_owner\application data\Babylon
2012-09-05 17:52:57 -------- d-----w- c:\documents and settings\hp_owner\local settings\application data\Wajam
2012-09-05 17:52:56 -------- d-----w- c:\documents and settings\all users\application data\WeCareReminder
2012-09-05 17:49:04 -------- d-----w- c:\documents and settings\hp_owner\local settings\application data\Deals Plugin
2012-09-05 17:49:03 -------- d-----w- c:\program files\Deals Plugin
2012-09-05 17:49:00 -------- d-----w- c:\program files\Funmoods
2012-09-05 17:48:55 -------- d-----w- c:\program files\Tweaks
2012-09-05 17:45:24 -------- d-----w- c:\program files\PKWARE
2012-09-05 17:45:24 -------- d-----w- c:\program files\common files\PKWARE
.
==================== Find3M ====================
.
2012-08-18 17:16:22 81920 ----a-w- c:\windows\ALCFDRTM.VER
2012-07-23 16:41:07 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-23 16:41:07 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-20 21:49:29 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 19:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
2011-03-31 14:18:14 461 ----a-w- c:\program files\033120118181450.bat
2007-10-23 00:42:05 3888264 ----a-w- c:\program files\downloadable_install_wizard.exe
2007-05-15 22:16:34 15714552 ----a-w- c:\program files\Google_Earth_BZXV.exe
2006-08-24 23:30:55 533704 ----a-w- c:\program files\AdbeRdr708_DLM_en_US.exe
.
============= FINISH: 12:41:06.10 ===============
saithdire
Active Member
 
Posts: 2
Joined: September 15th, 2012, 6:32 pm
Advertisement
Register to Remove

Re: redirect II

Unread postby Gary R » September 19th, 2012, 9:25 am

Your logs show signs of a Remote Access Infection on your computer.

LSP: mswsock.dll


These indicate you are infected with ....



Please take time to carefully read THIS topic, then let me know how you want to proceed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: redirect II

Unread postby Gary R » September 22nd, 2012, 3:22 pm

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 140 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware