Free Malware Removal Forum

[PBZPartyballzPBZ]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:40:44 AM, on 1/28/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\MAFWTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Nero\Nero8\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\SBLive 24-Bit External\Entertainment Center\EAXLoadr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Behrang Khoie\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Behrang Khoie\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/news?ned=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Synapse UrlSearchHook Class - {3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Synapse BHO - {33414365-E6C7-460d-880A-A163BD69E84D} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [MAFWTaskbarApp] C:\WINDOWS\system32\MAFWTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Behrang Khoie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1FBD11EF-1260-11D1-87A7-444553540001} (Synapse) - http://pacsweb/osd/SynapseWorkstationInf.cab
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://remoteaccess.ulh.org/vdesk/cach ... ,0514,2338
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2345
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2343
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2345
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B536A4F-D1BB-498C-B6B1-65D37ED772D9} - http://172.18.255.10/hrs/download/Setup.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2337
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3993313649
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://ts.unr.edu/tsaccess/msrdp.cab
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} (F5 Virtual Sandbox Class) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2342
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/ ... leId=23100
O16 - DPF: {9554D93D-C653-4AFD-854C-AF61F7BF7F42} (Synapse Workstation Class) - http://pacsweb/osd/synapseWorkstationInf.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2341
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://remoteaccess.ulh.org/vdesk/term ... ,0514,2340
O16 - DPF: {EE986640-0821-4482-B4A3-C41EB8A18597} (WebLocator Class) - https://netaccess.smshealthconx.net/NTA ... xtlets.cab
O16 - DPF: {F88E6FA9-579E-4AE9-8DDA-C48BB36B0A32} (SynapseInstallHelper Class) - http://pacsweb/osd/x86/win95/FujiInst.cab
O16 - DPF: {F88F142A-96AE-40CC-B562-4C91B5E5A5CD} (IkmControlDownloader Control) - http://l0dydocumentmanagement.asp.sieme ... loader.cab
O16 - DPF: {FFA315A3-20D3-11CF-8FDD-943611C10000} (Ter Control) - https://netaccess.smshealthconx.net/NTA ... bPrint.cab
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: US Department of Veterans Affairs VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 14662 bytes

[MWR 3 day Mod]

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.

[xixo_12]

Hello and Welcome to Malware Removal Forums.

• My name is xixo_12 and I will guide you to encounter the problem that you have now.
• We will work together and I need your attention to read all those instruction carefully.
• Refrain from running self fixes as this will hinder the malware removal process.
• You may wish to print them off or copy the instruction into Notepad.
• If you have any question please don't hesitate to ask.
• The instructions that I will give to you are specific to your current problem and shouldn't be used on other systems.
• If you are receiving help or have received help on this problem elsewhere, please let us know.
• Please post your replies to this thread only and keep interact with me until your computer is clean.

Everything I post to you will be review by MRU Teacher. This process will impact my response time to you. Be patient.
Please! If you need more time to do all the instructions, let me know before 72hours is done. Otherwise, your thread will be closed

Please make sure you have done your reading on this topic : How to get help at this forum

Next,
Uninstall List.

• Run the HiJack This.
• Click on Open the Misc Tools section button.
• Click on Misc Tools tab.
• Under the System tools, click on Open Uninstall Manager button.
• Find the Save list… button and save to the Desktop
• Copy the content and paste the uninstall list here.

Next,
Checklist.
Please post.

• Content of uninstall list.
• Description of your problems.

[PBZPartyballzPBZ]

Hello,

Here is my uninstall list:

Ad-Aware
Ad-Aware
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 8.1.2
AIM 6
Amazon MP3 Downloader 1.0.3
America Online
AnswerWorks 4.0 Runtime - English
AOL Instant Messenger
Archimedes (Palm) v 7.0.48 by Skyscape
AusLogics Disk Defrag
Avanquest update
AvantGo Client
BeatportDownloader
BeatportDownloader
Brother MFL-Pro Suite
CCleaner (remove only)
CCScore
Cisco AnyConnect VPN Client
Citrix ICA Web Client
Comcast High-Speed Internet Install Wizard
Compatibility Pack for the 2007 Office system
Creative MediaSource 5
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
DesignPro 5.0 Limited Edition
Diagnosaurus
Digidesign Pro Tools M-Powered Demo 7.3
Digidesign Shared Plug-Ins 7.3
Direct WAV MP3 Splitter 2.4
Documents To Go
Dorland's Electronic Medical Speller
DriverMax 4
Easy CD Creator 5 Basic
Epocrates Essentials
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
Firewire Family
FreeRIP v3.04b
FrostWire 4.18.1
Garmin Communicator Plugin
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
GroupWise
GSpot Codec Information Appliance
Hard Disk Low Level Format Tool 2.36 build 1181
HijackThis 2.0.2
HLPPDOCK
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HP USB Disk Storage Format Tool
HRS 11 Distributed
ieSpell
ImageMixer EasyStepDVD
InterLok Driver Kit
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Juniper Networks Network Connect 5.5.0
Juniper Networks Secure Application Manager
kgcbase
Kodak EasyShare software
KSU
LightScribe System Software
LightScribe Template Labeler
Live 6.0.1
Live 7.0.16
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Magic ISO Maker v5.4 (build 0251)
Malwarebytes' Anti-Malware
Maxtor OneTouch
MedAlert (Palm) v 8.0.8 by Skyscape
MGI PhotoSuite 8.1 (Remove Only)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2003
Microsoft Money 2003 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional
Microsoft Office XP Professional with FrontPage
Microsoft Outlook Web Access S/MIME
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 7.0
Motorola Driver Installation 3.7.0
Motorola E550-V600i-V535-V545-V547-V551 USB-Handset Manager
Motorola Phone Tools
Motorola Software Update
Mozilla Firefox (3.5.5)
MP3 Splitter & Joiner
Mp3Decode
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
neroxml
NICI (Shared) U.S./Worldwide (128 bit) (2.6.8-2)
NMAS Client
Notifier
OfotoXMI
One-VA VPN Client 5.0.01.0600
OTtBP
OTtBPSDK
palmOne
PaperPort Image Printer
PDF Split-Merge v2.0
Power MP3 Cutter Joiner 1.11
QuickTime
RadRevMnl (Palm) v 7.0.14 by Skyscape
RadRevMnl (Palm) v 7.0.19 by Skyscape
RealPlayer
Realtek AC'97 Audio
Retrospect 6.0
ScanSoft PaperPort 11
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Serif PhotoPlus 5.5
SFR
SHASTA
SiS M650
SKIN0001
SKINXSDK
smARTupdate
SMSC IrCC V5.1.3600.3 SP1
SoftK56 Data Fax CARP
Sonic Update Manager
Sony Picture Utility
Sound Blaster Live! 24-Bit External
SpeedFan (remove only)
SpeedswitchXP V1.5
staticcr
Stedmans (Palm) v 5.0.184 by Skyscape
Stedman's Concise Medical Dictionary 2.0
Step3 CCS
SUPERAntiSpyware Free Edition
Symantec AntiVirus Client
Synapse Workstation
TurboTax Deluxe 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Storage Adapter FX (MXO)
VCRedistSetup
Viewpoint Media Player
Virtual DJ - Atomix Productions
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WIRELESS


The problem I have is that every time I do a search on my web browser (google Chrome), I am automatically redirected to random websites.

Thanks

[xixo_12]

Hi

Firstly
Discussion.
While research through your existing log, I have doubt on these installed programs.
Do you mind to elaborate the purpose of this computer based on the below quote? Is it personal PC/laptop or it has been used for business purpose?

Epocrates Essentials
NICI (Shared) U.S./Worldwide (128 bit) (2.6.8-2)
NMAS Client
smARTupdate
Stedmans (Palm) v 5.0.184 by Skyscape
Stedman's Concise Medical Dictionary 2.0
Synapse Workstation
TurboTax Deluxe 2007
GroupWise

Regards,
xixo_12

[PBZPartyballzPBZ]

Hi

Firstly
Discussion.
While research through your existing log, I have doubt on these installed programs.
Do you mind to elaborate the purpose of this computer based on the below quote? Is it personal PC/laptop or it has been used for business purpose?

Epocrates Essentials
NICI (Shared) U.S./Worldwide (128 bit) (2.6.8-2)
NMAS Client
smARTupdate
Stedmans (Palm) v 5.0.184 by Skyscape
Stedman's Concise Medical Dictionary 2.0
Synapse Workstation
TurboTax Deluxe 2007
GroupWise

Regards,
xixo_12

its a laptop for personal use but those programs you quoted are all non-malicious.

[xixo_12]

Hi PBZPartyballzPBZ ,

Discussion.

its a laptop for personal use but those programs you quoted are all non-malicious.

I think you have misunderstood my questions. We're not talk about non-malicious or malicious program.

There is a lot of medical related programs on your laptop. Some of the installed programmes are not normally associated with home/personal use.
Below quote is just for the reference.

Epocrates Essentials - http://www.epocrates.com/products/winmo ... tials.html
Synapse Workstation - http://www.fujimed.com/products-service ... =5&subid=0

There is two factors that concerning us a lot :

It is impossible for us to differentiate these from ones that have been made by an infection, so in removing what we think is an infection, we may compromise the business set up of your computer.

The scans we run often reveal information that most businesses would not want exposed in an open forum

Source : Posting for help for business machines

Based on the installed programs, there is a possibility this laptop belong to the business usage/profesional use.
I just want to hear your explanation before we can proceed further. Otherwise, there is no help until we can get better clarification from you.

Reminder : If you ask for help and unknown to us while it's involves a business computer, you need to understand that any damages resulting from our advices are YOUR RESPONSIBILITY.

Here is the question :
What's the purpose of medical related programs on your laptop? Do you work as medical practitioner?

Next,
Checklist.
Please post.

• Response to our discussion

[PBZPartyballzPBZ]

Sorry I misunderstood your question. Yes, I am a medical practicioner and those programs are for medical use.

[xixo_12]

Hi,

Information.
Thank you for clarification about the purpose of this laptop/PC.
If I could point you in the direction of our rules, which state under Posting for help for business machine:

This forum was set up specifically to help home users, our volunteer helpers choose not to work on business machines.

Computers used in a business environment often have policies and other modifications made to them. It is impossible for us to differentiate these from ones that have been made by an infection, so in removing what we think is an infection, we may compromise the business set up of your computer.

The scans we run often reveal information that most businesses would not want exposed in an open forum, and there are other legal constraints and ramifications involved with business machines that we are not equipped or trained to deal with.

We will close any topic where we believe the computer is one that is used in a business environment, irrespective of whether that business is a large company or a small one man enterprise.

Source : Posting for help for business machines

Options:

• If it is a corporate computer, it is suggested that you take this issue to your IT department.
• If this is a personal computer used for business (personal or corporate), it is suggested that you take this issue to your IT department, or your local PC repair store.
• Please let me know you have read this so that the topic can be closed. I am sorry I can not be of further assistance.

Thank you for your understanding.

[PBZPartyballzPBZ]

My computer is a personal computer. It is NOT corporate/business. I am a student.

[Dakeyras]

As this issue involves either a company owned machine or a machine that is used for business purposes, it falls outside the scope of this forum. Therefore, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal