google redirect virus

April 19, 2010 at 18:38:58
Specs: Windows XP
I've seen this question asked a lot, but I realize the
solution is basically to the person asking the question,
so I'm going to ask again so I can post my scan
information when asked.
Can someone help me out on how to get this virus off?
I've had it before and removed it with a few programs
but none is working now. I have BitDefender 2010 and
it's not picking anything up. I think I have "Malware".
Every time I search in Google it redirects me to a
different page.


#1
April 19, 2010 at 19:05:59
Download DDS and save it to your desktop.
DDS.scr


Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt (do not zip, just copy/paste)

Save both reports to your desktop then post them please. You may need to post in segments to get all the info to us as the logs may be too large to fit in one post.

Download TDSSKiller to your Desktop from the following link.

TDSSKiller

1. Extract the contents of TDSSKiller.zip to your Desktop.

2. Double click on TDSSKiller.exe to run it.

3. If it finds something and asks you what to do, follow the instructions to type in "delete".

4. When done, a log file should be created on your C: drive called TDSSKiller.txt (with time+date appended). Please post this log in your next reply.

Please download Malwarebytes' Anti-Malware from one of these sites:

MalwareBytes1

MalwareBytes2

Rename the setup file, mbam-setup.exe, before you download it. To do that, once the "enter name of file to save to" box appears as the download begins, rename mbam-setup.exe to tool.exe in the filename box, then click Save.

1. Double Click tool.exe to install the application.
2. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, it will download and install the latest version.
4. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish, so please be patient.
5. When the scan is complete, click OK, then Show Results to view the results.
6. Make sure that everything found is checked, and click Remove Selected.
7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
9. Copy & paste the entire report in your next reply.



#2
April 19, 2010 at 19:25:46
DDS.TXT reads..


DDS (Ver_10-03-17.01) - NTFSx86
Run by Chelz at 22:10:17.43 on Mon 04/19/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition
5.1.2600.3.1252.1.1033.18.1014.446 [GMT -4:00]

AV: BitDefender Antivirus *On-access scanning disabled*
(Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-
A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender
Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage
Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program
Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\BitDefender\BitDefender
2010\seccenter.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Stardock\Object
Desktop\ObjectBar\ObjectBar.exe
C:\Program Files\Common Files\stardock\TrayServer.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Chelz\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext =
hxxp://homepage.acer.com/rdr.aspx?
b=ACAW&l=0409&s=0&o=xph&d=0210&m=aspire_one
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-
892f-0090271d4f88} - c:\program
files\yahoo!\companion\installs\cpn0\yt.dll
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-
7695eca05670} - c:\program
files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-
fa578c2ebdc3} - c:\program files\common
files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No
File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-
8ecc-5164760863c6} - c:\program files\common
files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-
bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-
bc86-eabfe594f69c} - c:\program
files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: OToolbarHelper Class: {ead3a971-6a23-4246-8691-
c9244e858967} - c:\program files\paypal\paypal plug-
in\PayPalHelper.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-
86f7ac245081} - c:\program
files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: StylerToolBar: {d2f8f919-690b-4ea2-9fa7-a203d1e04f75} -
c:\program files\styler\tb\StylerTB.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-
fc6124a40f8c} - c:\program files\bitdefender\bitdefender
2010\IEToolbar.dll
TB: PayPal Plug-In: {dc0f2f93-27fa-4f84-acaa-9416f90b9511}
- c:\program files\paypal\paypal plug-in\OToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88}
- c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft
activesync\wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [1A:Stardock TrayMonitor] "c:\program files\common
files\stardock\TrayServer.exe"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage
manager\iaanotif.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\program
files\realtek\audio\drivers\AzMixerSel.exe
mRun: [SynTPEnh] c:\program
files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Adobe Reader Speed Launcher] "c:\program
files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1]
"c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef
/Migration32
mRun: [MSPY2002]
c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync]
c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A]
c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [HP Software Update] c:\program files\hp\hp software
update\HPWuSchd2.exe
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender
2010\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program
files\bitdefender\bitdefender 2010\IEShow.exe"
mRun: [AdobeCS4ServiceManager] "c:\program
files\common
files\adobe\cs4servicemanager\CS4ServiceManager.exe" -
launchedbylogin
mRun: [SunJavaUpdateSched] "c:\program files\common
files\java\java update\jusched.exe"
mRun: [LogonStudio] "c:\program
files\wincustomize\logonstudio\logonstudio.exe" /RANDOM
mRun: [QuickTime Task] "c:\program
files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program
files\itunes\iTunesHelper.exe"
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\onenot~1.lnk
- c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\roller~1.lnk -
c:\documents and settings\chelz\local
settings\temp\{57c4db74-a186-41f3-a629-
9777f84a1c9c}\{907b4640-266b-4a21-92fb-
cd1a86cd0f63}\ATR1.exe
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\roller~2.lnk -
c:\documents and settings\chelz\local
settings\temp\{9cbed835-5dd3-4c02-9760-
c76fe56a0892}\{45653847-497f-47bb-a878-
46fbde34a3e0}\ATR1.exe
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\stardo~2.lnk -
c:\program files\stardock\object
desktop\objectbar\ObjectBar.exe
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\stardo~1.lnk -
c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\styler.lnk -
c:\docume~1\chelz\applic~1\microsoft\installer\{e9ecf354-
2422-4fdb-9abf-d8adac0ef941}\_585b207a.exe
StartupFolder:
c:\docume~1\chelz\startm~1\programs\startup\yahoo!~1.lnk
- c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder:
c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.l
nk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder:
c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.l
nk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel -
c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} -
c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program
files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-
E1D6-4330-914C-F5F514E3486C} -
c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -
c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -
c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} -
c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
hxxp://download.microsoft.com/download/E/5/6/E5611B10-
0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program
files\yahoo!\common\Yinsthelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -
hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-
i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-
i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-
i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-
1830C7DD7F5D} - c:\program files\acer\acer
vcm\Skype4COM.dll
Notify: !SASWinLogon - c:\program
files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
Notify: MCPClient -
c:\progra~1\common~1\stardock\mcpstub.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-
7519B11ECBFC} -
c:\progra~1\common~1\stardock\MCPCore.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-
B9DF-4A36CD703FF0} - c:\program files\stardock\object
desktop\iconpackager\iprepair.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-
94D524869DB5} -
c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-
853a-ebb7f4a000da} - c:\program
files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS
===============

R1 SASDIFSV;SASDIFSV;c:\program
files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program
files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 BDVEDISK;BDVEDISK;c:\program
files\bitdefender\bitdefender 2010\bdvedisk.sys [2009-4-1
83208]
R2 RS_Service;Raw Socket Service;c:\program
files\acer\acer vcm\RS_Service.exe [2009-3-12 237568]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys
[2009-6-29 153448]
R3 Bdfndisf;BitDefender Firewall NDIS Filter
Service;c:\windows\system32\drivers\bdfndisf.sys [2009-8-6
110984]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132
PCI-E Ethernet
Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-
3-3 38912]
R3 M3000Srv;USB2.0 UVC WebCam
Driver;c:\windows\system32\drivers\M3000KNT.sys [2010-2-
16 145408]
S2 McShield;McAfee Real-time
Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe -->
c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys
[2009-3-12 1684736]
S3 Arrakis3;BitDefender Arrakis Server;c:\program
files\common files\bitdefender\bitdefender arrakis
server\bin\arrakis3.exe [2009-6-25 183880]
S3 McSysmon;McAfee
SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe
--> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 PTSimBus;PenTablet Bus
Enumerator;c:\windows\system32\drivers\ptsimbus.sys -->
c:\windows\system32\drivers\PTSimBus.sys [?]
S3 PTSimHid;PenTablet Simulated HID
MiniDriver;c:\windows\system32\drivers\ptsimhid.sys -->
c:\windows\system32\drivers\PTSimHid.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card
Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-3-
12 162816]
S3 Rts516xIR;Realtek IR
Driver;c:\windows\system32\drivers\rts516xir.sys -->
c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 SASENUM;SASENUM;c:\program
files\superantispyware\SASENUM.SYS [2010-2-17 12872]

=============== Created Last 30 ================

2010-04-20 01:20:49 0 d-s---w- C:\ComboFix
2010-04-19 20:48:32 0 d-----w- c:\program
files\common files\Scanner
2010-04-18 08:34:10 0 d-----w-
c:\docume~1\alluse~1\applic~1\Scrabble2009
2010-04-18 04:39:21 0 d-----w-
c:\docume~1\chelz\applic~1\Pogo
2010-04-18 04:39:21 0 d-----w-
c:\docume~1\alluse~1\applic~1\Pogo
2010-04-18 04:38:31 0 d-----w-
c:\docume~1\alluse~1\applic~1\Oberon Media
2010-04-18 04:37:34 0 d-----w- c:\program
files\Oberon Media
2010-04-18 03:49:19 0 d-----w-
c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-04-18 03:49:01 0 d-----w- c:\program
files\SUPERAntiSpyware
2010-04-18 03:49:01 0 d-----w-
c:\docume~1\chelz\applic~1\SUPERAntiSpyware.com
2010-04-18 02:48:02 38224 ----a-w-
c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-18 02:47:56 20824 ----a-w-
c:\windows\system32\drivers\mbam.sys
2010-04-16 01:01:37 39424 ----a-w-
c:\windows\zipinst.exe
2010-04-15 07:04:52 221184 ----a-w-
c:\windows\system32\wmpns.dll
2010-04-14 06:22:27 0 d-----w- c:\program files\iPod
2010-04-14 06:22:01 0 d-----w- c:\program
files\iTunes
2010-04-14 06:22:01 0 d-----w-
c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-
BB6D-1DB246563521}
2010-04-14 05:58:20 0 d-----w- c:\program
files\Bonjour
2010-04-13 04:50:53 0 d-----w- c:\program files\EA
SPORTS
2010-04-10 05:42:59 0 d-----w- c:\program
files\common files\Software Update Utility
2010-04-09 06:28:04 303 ----a-w-
c:\windows\ST6UNST.005
2010-04-09 06:25:49 303 ----a-w-
c:\windows\ST6UNST.004
2010-04-09 06:25:27 303 ----a-w-
c:\windows\ST6UNST.003
2010-04-09 06:25:21 303 ----a-w-
c:\windows\ST6UNST.002
2010-04-09 06:20:14 303 ----a-w-
c:\windows\ST6UNST.001
2010-04-09 06:20:01 3600 ----a-w-
c:\windows\SETUP.LST
2010-04-09 06:20:01 303 ----a-w-
c:\windows\ST6UNST.000
2010-04-07 09:17:12 0 d-----w-
c:\docume~1\chelz\applic~1\Mobipocket
2010-04-06 01:10:22 0 d-----w-
c:\docume~1\chelz\applic~1\Lionhead Studios
2010-04-05 22:56:16 0 d-----w- c:\program
files\Lionhead Studios Ltd
2010-04-05 22:56:16 0 d-----w-
c:\docume~1\alluse~1\applic~1\Lionhead Studios
2010-04-05 21:31:13 0 d-----w- c:\program
files\Lionhead Studios
2010-03-29 04:46:30 4354048 ----a-w- c:\documents
and settings\chelz\ntuser.tmp
2010-03-27 02:43:58 0 d-----w-
c:\docume~1\chelz\applic~1\Final Draft
2010-03-27 02:40:38 4169728 ----a-r-
c:\windows\system32\cdintf400.dll
2010-03-27 02:40:09 0 d-----w- c:\program files\Final
Draft Tagger
2010-03-27 02:39:59 0 d-----w-
c:\docume~1\alluse~1\applic~1\Final Draft
2010-03-27 02:39:34 0 d-----w- c:\program files\Final
Draft 8
2010-03-27 02:38:42 0 d-----w- c:\program
files\common files\Wise Installation Wizard

==================== Find3M
====================

2010-04-20 01:24:40 0 ----a-w-
c:\windows\system32\drivers\asc3350p.sys
2010-04-17 00:27:06 59072 ---ha-w-
c:\windows\system32\mlfcache.dat
2010-04-01 14:04:50 110984 ----a-w-
c:\windows\system32\drivers\bdfndisf.sys
2010-04-01 14:04:41 291352 ----a-w-
c:\windows\system32\drivers\bdfsfltr.sys
2010-03-16 19:00:44 4585472 ----a-w-
c:\windows\system32\logonuiX.exe
2010-03-12 22:02:38 261632 ----a-w-
c:\windows\PEV.exe
2010-03-11 12:38:54 832512 ----a-w-
c:\windows\system32\wininet.dll
2010-03-11 12:38:52 78336 ----a-w-
c:\windows\system32\ieencode.dll
2010-03-11 12:38:51 17408 ----a-w-
c:\windows\system32\corpol.dll
2010-03-09 11:09:18 430080 ----a-w-
c:\windows\system32\vbscript.dll
2010-03-03 10:00:44 153448 ----a-w-
c:\windows\system32\drivers\bdfm.sys
2010-03-03 10:00:44 106464 ----a-w-
c:\windows\system32\drivers\bdhv.sys
2010-03-03 02:07:15 312344 ----a-w-
c:\windows\system32\drivers\iaStor.sys
2010-03-02 23:36:19 411368 ----a-w-
c:\windows\system32\deploytk.dll
2010-03-02 08:03:37 5642 --sha-w-
c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2010-03-01 13:55:20 9464 ------w-
c:\windows\system32\drivers\cdralw2k.sys
2010-03-01 13:55:20 9336 ------w-
c:\windows\system32\drivers\cdr4_xp.sys
2010-02-27 03:21:16 98304 ----a-w-
c:\windows\system32\CmdLineExt.dll
2010-02-26 04:44:57 88 --sh--r-
c:\docume~1\alluse~1\applic~1\A9DBC5FE27.sys
2010-02-24 13:11:07 455680 ----a-w-
c:\windows\system32\drivers\mrxsmb.sys
2010-02-20 21:42:00 139619 ----a-w-
c:\windows\hpoins15.dat
2010-02-16 14:08:49 2146304 ------w-
c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25:04 2024448 ------w-
c:\windows\system32\ntkrnlpa.exe
2010-02-16 07:12:47 2575 ----a-w-
c:\windows\CLEANUP.CMD
2010-02-16 05:58:47 218624 ----a-w-
c:\windows\system32\uxtheme.dll
2010-02-12 15:46:14 91424 ----a-w-
c:\windows\system32\dnssd.dll
2010-02-12 15:46:14 107808 ----a-w-
c:\windows\system32\dns-sd.exe
2010-02-12 04:33:11 100864 ----a-w-
c:\windows\system32\6to4svc.dll
2009-03-12 05:16:13 32768 --sha-w-
c:\windows\system32\config\systemprofile\local
settings\application data\microsoft\feeds cache\index.dat

============= FINISH: 22:12:04.79 ===============


ATTACH.txt reads

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2/16/2010 2:08:47 AM
System Uptime: 4/19/2010 8:27:05 PM (2 hours ago)

Motherboard: Acer | | Aspire one
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | CPU | 1595/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 82.755 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros AR5007EG Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_E00D105B&REV_01\4&192AC53F&0&00E0
Manufacturer: Atheros
Name: Atheros AR5007EG Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_E00D105B&REV_01\4&192AC53F&0&00E0
Service: AR5416

==== System Restore Points ===================

RP71: 3/3/2010 3:03:52 AM - System Checkpoint
RP72: 3/4/2010 3:00:27 AM - Software Distribution Service 3.0
RP73: 3/5/2010 5:36:16 AM - System Checkpoint
RP74: 3/6/2010 5:43:46 AM - System Checkpoint
RP75: 3/7/2010 6:48:30 AM - System Checkpoint
RP76: 3/8/2010 7:06:28 AM - System Checkpoint
RP78: 3/10/2010 1:25:33 PM - System Checkpoint
RP79: 3/11/2010 3:00:19 AM - Software Distribution Service 3.0
RP80: 3/11/2010 5:23:56 PM - Installed Autodesk SketchBookPro 2010 R1
RP81: 3/12/2010 5:42:58 PM - System Checkpoint
RP82: 3/13/2010 6:10:40 PM - System Checkpoint
RP83: 3/14/2010 1:21:16 PM - Installed 3D Home Architect Design Suite Deluxe 8
RP84: 3/14/2010 4:35:08 PM - Installed Project64 1.6
RP85: 3/15/2010 6:56:00 PM - System Checkpoint
RP88: 3/18/2010 10:19:20 AM - Configured PowerDirector
RP94: 3/20/2010 12:06:38 PM - System Checkpoint
RP95: 3/21/2010 6:44:40 PM - System Checkpoint
RP96: 3/22/2010 9:30:02 PM - System Checkpoint
RP97: 3/24/2010 1:41:22 AM - Installed DirectX
RP98: 3/25/2010 1:50:48 AM - System Checkpoint
RP99: 3/26/2010 4:03:31 AM - System Checkpoint
RP102: 3/26/2010 10:39:31 PM - Installed Final Draft
RP103: 3/26/2010 10:40:53 PM - Printer Driver Amyuni Document Converter 400 Installed
RP104: 3/27/2010 11:12:11 PM - System Checkpoint
RP105: 3/29/2010 4:22:08 AM - System Checkpoint
RP106: 3/30/2010 4:52:02 AM - System Checkpoint
RP107: 3/31/2010 6:32:07 AM - Software Distribution Service 3.0
RP108: 4/1/2010 6:37:11 AM - System Checkpoint
RP109: 4/2/2010 7:37:20 AM - System Checkpoint
RP110: 4/3/2010 8:00:00 AM - System Checkpoint
RP111: 4/4/2010 8:59:58 AM - System Checkpoint
RP112: 4/5/2010 9:59:58 AM - System Checkpoint
RP119: 4/8/2010 6:39:05 AM - System Checkpoint
RP125: 4/10/2010 7:06:09 PM - System Checkpoint
RP126: 4/11/2010 8:07:52 PM - System Checkpoint
RP127: 4/12/2010 11:05:14 PM - System Checkpoint
RP129: 4/14/2010 2:48:59 AM - System Checkpoint
RP130: 4/15/2010 3:00:38 AM - Software Distribution Service 3.0
RP133: 4/16/2010 6:27:19 PM - System Checkpoint
RP134: 4/17/2010 11:48:59 PM - Installed SUPERAntiSpyware Professional
RP135: 4/18/2010 2:04:29 AM - Installed DirectX
RP136: 4/19/2010 3:03:37 AM - System Checkpoint

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
3D Home Architect Design Suite Deluxe 8
AAC Decoder
AC3Filter (remove only)
Acer ScreenSaver
Acer VCM
Acrobat.com
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ares 2.1.5
Atheros Driver Installation Program
AutoUpdate
BitDefender Internet Security 2010
Bonjour
BufferChm
C4200
C4200_doccd
c4200_Help
Choice Guard
Compatibility Pack for the 2007 Office system
Connect
Copy
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
DocProc
DocProcQFolder
Download Updater (AOL LLC)
Facebook Plug-In
Final Draft
H.264 Decoder
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Update
HPSSupply
IconPackager
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Jasc Paint Shop Pro 9
Java Auto Updater
Java(TM) 6 Update 18
Junk Mail filter update
Launch Manager
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007 Trial
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MKV Splitter
Mozilla Thunderbird (3.0.4)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ObjectBar
ObjectDock Plus
PDF Settings CS4
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
PSSWCORE
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Segoe UI
SmartSound Common Data
SmartSound Quicktracks 5
Status
Styler
Suite Shared Configuration CS4
SUPERAntiSpyware Professional
Synaptics Pointing Device Driver
Toolbox
TrayApp
Trillian
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB946691)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB2.0 Card Reader Software
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
WebCam
WebFldrs XP
WebReg
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
WinRAR archiver
Yahoo! Anti-Spy
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Yahoo! Widgets

==== Event Viewer Messages From Past Week ========

4/19/2010 7:29:10 AM, error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
4/19/2010 5:33:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfsfltr Fips intelppm SASDIFSV SASKUTIL
4/19/2010 5:33:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
4/19/2010 5:33:16 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
4/19/2010 5:33:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/15/2010 4:41:33 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
4/15/2010 4:16:12 PM, error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The system cannot find the path specified.

==== End Of File ===========================

