Redirected seach engine

Dell / DIMENSION 3000
April 26, 2010 at 22:02:38
Specs: Microsoft Windows XP Home Edition, 2.793 GHz / 509 MB
I have been cleaning my computer from all malware, spyware, viruses, etc. The computer is working fine now everything back to normal. The only thing is the redirection on the search engine. Am stuck, don't know what to do next. Perfectly good computer, just that minor problem, I have a feeling im so close to getting rid of it. Could anyone help?

Have used spybot, spysweep, malwarebytes, mcafee, avg, superantispyware, hitman pro......well you get the picture.


See More: Redirected seach engine

Report •

#1
April 27, 2010 at 00:40:05
Download DDS and save it to your desktop.
DDS.scr


Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt (do not zip just copy/paste)

Save both reports to your desktop then post them please.You may need to post in segments to get all the info to us as the logs may be to large to fit in one post.

Download TDSSKiller to your Desktop from the following link.

TDSSKiller

1. Extract the contents of TDSSKiller.zip to your Desktop.

2. Double click on TDSSKiller.exe to run it.

3. If it finds something and asks you what to do, follow the instructions to type in "delete".

4. When done, a log file should be created on your C: drive called TDSSKiller.txt(with time+date appended) please post this log in your next reply.


Report •

#2
April 27, 2010 at 16:57:39
1st thing i want to do is disable any script blocker:

How would i do that? I have the following installed:

Unhackme
HijackThis
McAfee
Spybot
& Firefox as my search engine

Thanks.


Report •

#3
April 27, 2010 at 17:57:25
They probably will not work.

Click on This Link to see a list of programs that should be disabled. The list is not all inclusive but has many realtime antispyware and antivirus programs listed.


Report •

Related Solutions

#4
April 27, 2010 at 19:46:37
I ran DDS.SCR


DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/17/2005 6:30:36 PM
System Uptime: 4/27/2010 7:33:19 PM (1 hours ago)

Motherboard: Dell Computer Corp. | | 0K8980
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/533mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 71 GiB total, 30.664 GiB free.
D: is CDROM ()
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1689: 4/14/2010 7:45:47 PM - Restore Operation
RP1690: 4/14/2010 8:07:46 PM - Restore Operation
RP1691: 4/14/2010 9:32:31 PM - Restore Operation
RP1692: 4/15/2010 10:09:48 AM - Software Distribution Service 3.0
RP1693: 4/15/2010 10:46:11 AM - Removed Système-D
RP1694: 4/16/2010 7:28:03 AM - Software Distribution Service 3.0
RP1695: 4/16/2010 9:47:51 PM - Software Distribution Service 3.0
RP1696: 4/17/2010 3:00:45 AM - Software Distribution Service 3.0
RP1697: 4/18/2010 3:01:44 AM - Software Distribution Service 3.0
RP1698: 4/18/2010 5:58:16 PM - Software Distribution Service 3.0
RP1699: 4/18/2010 7:20:21 PM - Software Distribution Service 3.0
RP1700: 4/18/2010 7:35:02 PM - Removed Java(TM) 6 Update 18
RP1701: 4/18/2010 7:39:06 PM - Installed Java(TM) 6 Update 20
RP1702: 4/18/2010 9:45:06 PM - Removed Ad-Aware Email Scanner for Outlook
RP1703: 4/19/2010 8:43:21 AM - Software Distribution Service 3.0
RP1704: 4/19/2010 9:41:23 AM - Software Distribution Service 3.0
RP1705: 4/19/2010 5:49:14 PM - Software Distribution Service 3.0
RP1706: 4/19/2010 5:52:19 PM - Software Distribution Service 3.0
RP1707: 4/20/2010 5:50:21 AM - Software Distribution Service 3.0
RP1708: 4/21/2010 9:03:01 AM - Software Distribution Service 3.0
RP1709: 4/22/2010 8:29:48 AM - Software Distribution Service 3.0
RP1710: 4/23/2010 3:01:52 AM - Software Distribution Service 3.0
RP1711: 4/24/2010 9:21:57 AM - Software Distribution Service 3.0
RP1712: 4/24/2010 7:30:18 PM - Installed Windows Defender
RP1713: 4/24/2010 7:52:20 PM - Removed Windows Defender
RP1714: 4/24/2010 11:21:10 PM - Installed SUPERAntiSpyware Free Edition
RP1715: 4/25/2010 3:00:35 AM - Software Distribution Service 3.0
RP1716: 4/25/2010 12:12:11 PM - Restore Operation
RP1717: 4/25/2010 12:22:57 PM - Restore Operation
RP1718: 4/25/2010 12:39:42 PM - Restore Operation
RP1719: 4/26/2010 3:00:35 AM - Software Distribution Service 3.0
RP1720: 4/26/2010 7:41:42 AM - Removed SUPERAntiSpyware Free Edition
RP1721: 4/26/2010 11:22:07 PM - RegRun Virus Scan
RP1722: 4/26/2010 11:42:07 PM - RegRun Virus Scan
RP1723: 4/26/2010 11:45:52 PM - Installed HiJackThis
RP1724: 4/27/2010 4:38:22 PM - Software Distribution Service 3.0
RP1725: 4/27/2010 4:41:25 PM - RegRun Virus Scan

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Amazon MP3 Downloader 1.0.5
Anti-Spyware (PestPatrol)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Authentium Web Install Helper
Bonjour
CCleaner
Client Intake Module
ColorDesk Photo
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
Dell System Restore
DellSupport
DING!
EarthLink setup files
First Step Guide
Garmin Communicator Plugin
Garmin USB Drivers
HiJackThis
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Driver Diagnostics
hp officejet 6100 series
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp officejet 6100 series
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album 5
Java Auto Updater
Java(TM) 6 Update 20
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Web Publishing Wizard 1.52
Microsoft WSE 2.0 SP3 Runtime
Modem Event Monitor
Modem Helper
Modem On Hold
Move Media Player
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Way Search Assistant
OpenOffice.org 3.2
Picture Package
Point
PowerDVD 5.3
PrintMaster 7.00
QuickTime
RegRun Reanimator
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Spybot - Search & Destroy
TrueType Font Installer
UnHackMe 5.80 release
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
Virtual DJ - Atomix Productions
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Watchtower Library 2009 - español
Watchtower Library 2009 - Français
Web Filtering (Base)
WebFldrs XP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows System Scanner
Windows XP Service Pack 3
WordPerfect Office 12

==== Event Viewer Messages From Past Week ========

4/27/2010 7:10:49 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
4/27/2010 4:36:21 PM, error: Dhcp [1002] - The IP address lease 72.223.5.135 for the Network Card with network address 001111E91B4D has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
4/27/2010 4:22:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
4/26/2010 9:37:47 PM, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The system cannot find the path specified.
4/26/2010 9:37:20 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
4/26/2010 9:37:20 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
4/26/2010 7:42:25 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
4/26/2010 7:42:02 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Illegal operation attempted on a registry key that has been marked for deletion.
4/26/2010 7:41:55 AM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
4/26/2010 3:06:57 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297).
4/26/2010 11:05:04 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
4/26/2010 10:48:22 PM, error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
4/26/2010 10:48:22 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SSIDRV\0000 disappeared from the system without first being prepared for removal.
4/26/2010 10:48:22 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SSHRMD\0000 disappeared from the system without first being prepared for removal.
4/26/2010 10:48:22 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SSFS0BB9\0000 disappeared from the system without first being prepared for removal.
4/25/2010 4:33:18 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.
4/25/2010 2:44:18 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
4/25/2010 2:01:41 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
4/25/2010 2:01:41 PM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/25/2010 11:03:33 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine service to connect.
4/25/2010 11:03:33 PM, error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/25/2010 1:57:43 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/25/2010 1:57:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
4/25/2010 1:55:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
4/25/2010 1:54:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
4/25/2010 1:54:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/25/2010 1:54:07 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/24/2010 10:33:54 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

==== End Of File ===========================


Report •

#5
April 27, 2010 at 20:37:49
DDS (Ver_10-03-17.01) - NTFSx86
Run by Gaxiola's at 20:27:03.03 on Tue 04/27/2010
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.128 [GMT -7:00]

AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Cox Security Suite Anti-Virus *On-access scanning disabled* (Outdated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee\msc\mcshell.exe
C:\Documents and Settings\Gaxiola's\My Documents\Downloads\dds(4).scr

============== Pseudo HJT Report ===============

uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;<local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - No File
BHO: {3e61cec3-0805-0eaf-0a66-5300beb38dcf} - c:\windows\system32\izm.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2C0A5F28-48D8-408B-9172-9C6121025BCE} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware 2007\Ad-Watch2007.exe
StartupFolder: c:\docume~1\gaxiol~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\forget~1.lnk - c:\program files\broderbund\ag creatacard\AGRemind.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hposol08.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/open...
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {03A0F84E-3E69-4B3E-B4D3-019CB73B57B3} - hxxp://www3.authentium.com/cssrelease/bin/WizMain.exe
DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} - hxxp://www3.authentium.com/cssrelease/bin/wizard.exe
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} - hxxp://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} - hxxp://ts.chasroberts.com/msrdp.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
Notify: jkkklig - jkkklig.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\gaxiol~1\applic~1\mozilla\firefox\profiles\3yduft69.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\gaxiola's\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 385536]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-4-22 203280]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2010-4-22 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-4-22 144704]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-4-22 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-4-22 35272]
S1 pcii;pcii;c:\windows\system32\drivers\pcii.sys --> c:\windows\system32\drivers\pcii.sys [?]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\nsdriver.sys --> c:\windows\system32\drivers\NSDriver.sys [?]
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner;\??\c:\windows\system32\drivers\awrtpd.sys --> c:\windows\system32\drivers\AWRTPD.sys [?]
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter;\??\c:\windows\system32\drivers\awrtrd.sys --> c:\windows\system32\drivers\AWRTRD.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-4-22 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-4-22 40552]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2009-6-30 42512]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2010-4-26 24416]
S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2010-4-22 606736]

=============== Created Last 30 ================

2010-04-28 03:21:02 96512 ----a-w- c:\windows\system32\drivers\tsk62.tmp
2010-04-28 03:21:02 36488 ----a-w- c:\windows\system32\drivers\klmdb.sys
2010-04-28 00:35:21 0 dc----w- c:\docume~1\alluse~1\applic~1\avG
2010-04-27 06:45:55 0 d-----w- c:\program files\Trend Micro
2010-04-27 06:07:01 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2010-04-27 05:59:43 2 --shatr- c:\windows\winstart.bat
2010-04-27 05:58:41 12752 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2010-04-27 05:58:34 0 d-----w- c:\program files\UnHackMe
2010-04-27 05:12:41 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-04-25 22:10:09 164 -c--a-w- C:\install.dat
2010-04-25 20:12:59 0 d--h--w- c:\windows\PIF
2010-04-25 19:29:08 0 dc----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-04-25 19:29:03 0 d-----w- c:\program files\Hitman Pro 3.5
2010-04-25 19:04:09 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2010-04-25 06:21:12 0 dc----w- c:\docume~1\gaxiol~1\applic~1\SUPERAntiSpyware.com
2010-04-25 06:21:12 0 d-----w- c:\program files\SUPERAntiSpyware
2010-04-25 06:12:10 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-04-25 06:11:37 0 dc----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-04-23 06:34:20 0 dc----w- c:\docume~1\gaxiol~1\applic~1\Malwarebytes
2010-04-23 06:33:47 0 dc----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-04-23 01:33:05 10291 ----a-w- c:\windows\system32\Config.MPF
2010-04-23 01:08:21 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-04-23 01:08:21 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2010-04-23 01:08:21 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-04-23 01:07:54 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2010-04-23 01:06:49 0 d-----w- c:\program files\common files\McAfee
2010-04-23 01:06:48 0 d-----w- c:\program files\McAfee.com
2010-04-23 00:24:32 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2010-04-19 17:15:15 0 d-----w- c:\windows\system32\scripting
2010-04-19 17:15:14 0 d-----w- c:\windows\l2schemas
2010-04-19 17:15:13 0 d-----w- c:\windows\system32\en
2010-04-19 17:15:13 0 d-----w- c:\windows\system32\bits
2010-04-19 16:57:40 0 d-----w- c:\windows\EHome
2010-04-19 04:45:49 0 d-----w- c:\windows\SxsCaPendDel
2010-04-19 02:45:05 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-04-19 02:45:04 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-18 04:30:53 0 dc----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-04-18 04:30:53 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-04-15 18:08:54 0 d-----w- c:\docume~1\gaxiol~1\applic~1\Tific
2010-04-15 17:23:20 0 d-----w- c:\windows\LMI3F.tmp
2010-04-15 05:12:32 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-15 04:58:45 0 d-----w- c:\docume~1\gaxiol~1\applic~1\Uniblue
2010-04-15 03:19:45 0 d-----w- c:\windows\system32\wbem\Repository
2010-04-15 03:14:32 0 d-----w- c:\docume~1\gaxiol~1\applic~1\Southwest Airlines(2)
2010-04-15 03:09:04 0 dc----w- c:\docume~1\alluse~1\applic~1\McAfee.com Personal Firewall
2010-04-14 04:54:29 12464 ----a-w- c:\windows\system32\avgrsstx(2).dll
2010-04-14 04:54:02 0 d-----w- c:\windows\system32\drivers\Avg(2)
2010-04-14 04:53:56 0 dc----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2010-04-14 04:49:53 0 dc----w- c:\docume~1\alluse~1\applic~1\avg9
2010-04-14 04:20:53 0 d-----w- c:\windows\system32\drivers\NAV
2010-04-08 08:09:39 190 --s-a-w- c:\windows\system32\1672623149.dat

==================== Find3M ====================

2010-04-25 19:29:04 77568 ----a-w- c:\windows\system32\drivers\WudfPf.sys
2010-03-10 13:18:21 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2010-03-10 13:18:20 70656 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2010-03-09 11:09:18 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-09 11:09:18 430080 ------w- c:\windows\system32\dllcache\vbscript.dll
2010-03-03 00:14:43 47700 ---ha-w- c:\windows\system32\mlfcache.dat
2010-02-25 06:24:37 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-02-25 06:24:35 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-24 13:11:07 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-23 05:20:02 634648 ----a-w- c:\windows\system32\dllcache\iexplore.exe
2010-02-23 05:18:28 161792 ----a-w- c:\windows\system32\dllcache\ieakui.dll
2010-02-17 16:10:28 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-17 16:10:28 2189952 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-16 14:08:49 2146304 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-16 13:25:04 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-16 13:25:04 2066816 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-16 13:25:04 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-12 04:33:11 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll
2010-02-11 12:02:15 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2007-07-04 04:14:36 774144 ----a-w- c:\program files\RngInterstitial.dll
2007-11-20 22:05:38 848 -csha-w- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 20:28:55.89 ===============


Report •

#6
April 27, 2010 at 20:42:43
I ran the tdsskiller required me to reboot and it said that everything was cured...it mentioned press any key to continue. No log given. I still have it on my desktop just in case.

Report •

#7
April 29, 2010 at 12:02:37
Even though i ran the tdsskiller it is still evident that my computer is still infected. So the help is still needed. Thanks

Report •

#8
May 3, 2010 at 14:48:12
jabuck are you still there?

Report •

#9
May 3, 2010 at 20:44:39
Go to add/remove programs and uninstall these programs:


Anti-Spyware (PestPatrol)
My Way Search Assistant
Viewpoint Media Player

Please download Combofix with internet explorer instead of any other browser if possible.

Remember..your McAfee antivirus, Spybots TeaTimer, and Ad-Aware must be turned off or disabled before running ComboFix. The clickable link "This Link" in the ComboFix tutorial will help you get them disabled.

Please download ComboFix to the desktop from one of the following links:

ComboFix

Rename the setup file, combofix.exe, before you download it. To do that once the "enter name of file to save to" box appears as the download begins in the filename box rename combofix.exe to to Combo-Fix> click save.
Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop.
If you are using Firefox, make sure that your download settings are as follows:
Tools->Options->Main tab
Set to "Always ask me where to Save the files".

Please do not rename Combofix to other names, but only to the one indicated.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on This Link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------
Double click on Combo-Fix.exe & follow the prompts.
Install the recovery console when asked.
When finished, it will produce a report for you.
Please post the "C:\Combo-Fix.txt" .
Note: Do not mouseclick combo-fix's window while it's running. That may cause it to hang.


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.


Report •

#10
May 3, 2010 at 22:00:30
As far as the programs you asked me to remove, I only found the last one (viewpoint media player) on the add/remove programs list. I looked of the other 2 perhaps under different starting names and even ran a search but only appeared in the logs. Is there anywhere else I could look for them to get rid of them?

Anti-spyware pest patrol, could that be unhackme, reanimator, or hijackthis? Those are the ones I have besides spybot.

Thank-you for all of your help so far and your time. I really appreciate it.


Report •

#11
May 6, 2010 at 15:03:32
shall i go ahead with combofix even though i was not able to find the 2 other programs?

Report •

Ask Question