1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Inappropriate Links Inserted Into Web Sites

Discussion in 'Virus & Other Malware Removal' started by HowdeeDoodee, Jan 2, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. HowdeeDoodee

    HowdeeDoodee Thread Starter

    Joined:
    Aug 26, 2004
    Messages:
    614
    Using Firefox, I see hyperlinks inserted into my web site I did not put into the site. I see similar occurrences in other sites I visit. These hyperlinks are advertisements put into the text of an article by someone. Is there any way of preventing these hyperlinks from being inserted?

    Thank you in advance for your reply.
     
  2. Ent

    Ent Trusted Advisor

    Joined:
    Apr 11, 2009
    Messages:
    5,467
    First Name:
    Josiah
    Does this happen to all (or the majority of) sites you visit?
    Which is your own site?
     
  3. HowdeeDoodee

    HowdeeDoodee Thread Starter

    Joined:
    Aug 26, 2004
    Messages:
    614
    I see this happening on many sites I visit. The weird thing is I can visit the same page in FF and the same page in IE and the FF page is the only page showing the advertising hyperlinks.
     
  4. Ent

    Ent Trusted Advisor

    Joined:
    Apr 11, 2009
    Messages:
    5,467
    First Name:
    Josiah
    That's what I suspected.
    The good news is that your site is probably not being hacked or infected with anything. (Though it's worth checking).
    The bad news is that your computer probably is.

    A lot of malware writers come up with the <sarcasm>bright new idea</sarcasm> of putting adverts in their victims' web browsing and claiming their cut. In fact the more reputable advert companies realize what's going on and refuse to hand over the cash, but that doesn't help you very much.

    I'd suggest following the instructions in this thread and waiting for assistance from a malware removal expert.
    http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
    I'll ask for this thread to be moved to the appropriate section of the site.
     
  5. HowdeeDoodee

    HowdeeDoodee Thread Starter

    Joined:
    Aug 26, 2004
    Messages:
    614
    Thank you. I had malware, which has been removed.

    Thank you again. I will mark solved.
     
  6. HowdeeDoodee

    HowdeeDoodee Thread Starter

    Joined:
    Aug 26, 2004
    Messages:
    614
    The old issue referred to in the OP has come back. Two new issues have appeared.

    New issue 1: System restore will not restore the computer to an earlier date. Restore points are visible but after the restore activity I get a message saying the system cannot be restored to the selected date.

    New issue 2: GMER was run but would not complete the run. I get a notice (web screen) referring to the blue screen. I did not have a blue screen.

    Here are the attach, dds, and hijackthis files.

    Thank you in advance for any help.


    ATTACH ATTACH ATTACH ATTACH

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume3
    Install Date: 1/4/2012 1:02:58 PM
    System Uptime: 1/8/2013 6:29:45 AM (14 hours ago)
    .
    Motherboard: XFX | | MG-63MI-7059
    Processor: Intel(R) Pentium(R) D CPU 3.20GHz | CPU 1 | 3200/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 298 GiB total, 240.029 GiB free.
    D: is FIXED (NTFS) - 298 GiB total, 189.552 GiB free.
    E: is CDROM ()
    F: is FIXED (NTFS) - 932 GiB total, 555.733 GiB free.
    G: is FIXED (NTFS) - 932 GiB total, 305.801 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
    Description: USB Receiver
    Device ID: USB\VID_046D&PID_C505&MI_01\7&109B7ECE&0&0001
    Manufacturer: Logitech
    Name: USB Receiver
    PNP Device ID: USB\VID_046D&PID_C505&MI_01\7&109B7ECE&0&0001
    Service:
    .
    ==== System Restore Points ===================
    .
    RP377: 12/2/2012 12:38:32 PM - Installed AVG 2013
    RP378: 12/3/2012 3:35:31 PM - System Checkpoint
    RP379: 12/4/2012 8:42:16 AM - Installed USB Mass Storage Toolbox
    RP380: 12/5/2012 10:30:05 AM - System Checkpoint
    RP381: 12/6/2012 11:14:22 AM - System Checkpoint
    RP382: 12/7/2012 12:18:38 PM - System Checkpoint
    RP383: 12/8/2012 1:24:17 PM - System Checkpoint
    RP384: 12/9/2012 1:25:09 PM - System Checkpoint
    RP385: 12/10/2012 2:56:59 PM - System Checkpoint
    RP386: 12/11/2012 3:24:00 PM - System Checkpoint
    RP387: 12/12/2012 4:23:50 PM - System Checkpoint
    RP388: 12/13/2012 3:00:34 AM - Software Distribution Service 3.0
    RP389: 12/14/2012 5:47:41 AM - System Checkpoint
    RP390: 12/14/2012 11:45:04 AM - Installed Driver Manager.
    RP391: 12/14/2012 12:07:31 PM - Removed Driver Manager.
    RP392: 12/15/2012 1:09:22 PM - System Checkpoint
    RP393: 12/16/2012 1:32:45 PM - System Checkpoint
    RP394: 12/17/2012 2:49:18 PM - System Checkpoint
    RP395: 12/18/2012 2:57:10 PM - System Checkpoint
    RP396: 12/19/2012 3:32:32 PM - System Checkpoint
    RP397: 12/20/2012 4:04:48 PM - System Checkpoint
    RP398: 12/21/2012 4:46:24 PM - System Checkpoint
    RP399: 12/22/2012 3:00:19 AM - Software Distribution Service 3.0
    RP400: 12/23/2012 7:16:11 AM - System Checkpoint
    RP401: 12/24/2012 7:58:27 AM - System Checkpoint
    RP402: 12/24/2012 10:15:18 AM - Installed HiJackThis
    RP403: 12/24/2012 4:26:39 PM - Removed Adobe Reader X (10.1.4).
    RP404: 12/25/2012 1:55:24 PM - Installed Nero - Burning Rom
    RP405: 12/25/2012 2:14:51 PM - Removed Nero - Burning Rom
    RP406: 12/26/2012 3:40:03 PM - System Checkpoint
    RP407: 12/27/2012 4:06:40 PM - System Checkpoint
    RP408: 12/28/2012 4:54:01 PM - System Checkpoint
    RP409: 12/29/2012 5:31:13 PM - System Checkpoint
    RP410: 12/30/2012 6:17:27 PM - System Checkpoint
    RP411: 12/31/2012 7:11:00 PM - System Checkpoint
    RP412: 1/1/2013 9:52:08 PM - System Checkpoint
    RP413: 1/2/2013 11:23:52 PM - System Checkpoint
    RP414: 1/4/2013 2:42:46 AM - System Checkpoint
    RP415: 1/5/2013 12:08:55 AM - Software Distribution Service 3.0
    RP416: 1/6/2013 2:32:48 AM - System Checkpoint
    RP417: 1/6/2013 11:15:28 AM - Installed calibre
    RP418: 1/6/2013 11:48:42 AM - Removed calibre
    RP419: 1/6/2013 4:56:26 PM - Printer Driver Send to Kindle Installed
    RP420: 1/6/2013 5:09:29 PM - Printer Driver Send to Kindle Installed
    RP421: 1/7/2013 6:50:57 PM - System Checkpoint
    RP422: 1/8/2013 7:29:58 PM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    A.F.9 Replace some bytes 1.2
    Acronis*True*Image*Home
    Ad-Aware Antivirus
    Ad-Aware Browsing Protection
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader XI
    Advanced DVD Player
    Agent Ransack 2010
    Amazon Kindle
    Amazon Send to Kindle
    Apple Application Support
    Apple Software Update
    ASAP Utilities
    Audacity 2.0.2
    AVG 2013
    AVG Security Toolbar
    Bulk Rename Utility 2.7.1.2
    Canon Easy-PhotoPrint EX
    Canon Easy-WebPrint EX
    Canon MP Navigator EX 4.0
    Canon MP280 series MP Drivers
    Canon MP280 series User Registration
    Canon My Printer
    Canon Solution Menu EX
    CCleaner
    CodeStuff Starter
    Compatibility Pack for the 2007 Office system
    Copy File Name 2.0.0.11
    CPUID CPU-Z 1.61.3
    Creative MediaSource 5
    Creative Software AutoUpdate
    Creative WaveStudio 7
    Data Lifeguard Diagnostic for Windows 1.24
    DocFetcher
    File Renamer - Basic
    File Splitter and Joiner (FFSJ v3.3)
    FileZilla Client 3.6.0.2
    Foxit Reader 5.1
    Free Download Manager 3.9
    Free Sound Recorder v9.3.1
    Free Window Registry Repair
    FreeSoundRecorder Toolbar
    FrostWire 5.5.1
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    HTTPWeazel Version 1.09
    InfraRecorder
    Java 7 Update 9
    Java Auto Updater
    jZip
    Karen's Directory Printer
    Kiwix 0.9 rc1
    LinkChecker 7.4
    Logitech iTouch Software
    Logitech MouseWare 9.71
    Logitech Resource Center
    Malwarebytes Anti-Malware version 1.70.0.1100
    MatSpoon FileSearch 0.3.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft FrontPage 2000 SR-1
    Microsoft Image Composer 1.5
    Microsoft Office File Validation Add-In
    Microsoft Office Professional Edition 2003
    Microsoft Publisher 2000
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    Notepad++
    NoteTab Light 7 (Remove only)
    NVIDIA Drivers
    NVIDIA nTune
    OutFront Web Template
    PC Wizard 2010.1.96
    QuickTime
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Repair PDF File Free 1.0
    Revo Uninstaller 1.94
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618444)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SelectionLinks
    Simple HTML To Text Converter 1.2
    SUPERAntiSpyware
    The Guide
    TSR Copy Changed Files software version 1.7.0.1
    TXTcollector
    UltraExplorer 2.0.3.1
    UltraSearch V1.6.1
    Unlocker 1.9.1
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Url Extractor Ver 1.0
    USB Mass Storage Toolbox
    VC 9.0 Runtime
    Visual C++ 8.0 CRT (x86) WinSXS MSM
    Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
    VLC media player 2.0.5
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    WinHTTrack Website Copier 3.46-1
    WinMerge 2.12.4
    Yahoo! Detect
    ZoneAlarm Firewall
    ZoneAlarm Free
    ZoneAlarm Security
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/8/2013 8:05:17 PM, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
    1/4/2013 1:02:46 PM, error: Print [6161] - The document Microsoft Word - Confidentiality Agreement Prospective Licensee_Roth.doc owned by Patrick failed to print on printer Canon MP280 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 327680. Number of bytes printed: 12908. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\PATRICK-E596960. Win32 error code returned by the print processor: 13 (0xd).
    1/1/2013 9:30:31 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
    1/1/2013 9:03:29 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    1/1/2013 2:20:17 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
    1/1/2013 2:20:17 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
    1/1/2013 10:16:39 AM, error: Service Control Manager [7024] - The TrueVector Internet Monitor service terminated with service-specific error 0 (0x0).
    .
    ==== End Of File ===========================

    DDS DDS DDS DDS DDS DDS

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
    Run by Patrick at 20:05:13 on 2013-01-08
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1028 [GMT -7:00]
    .
    AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
    FW: Lavasoft Ad-Aware *Disabled*
    FW: ZoneAlarm Free Firewall *Enabled*
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.findthepower.com/
    uURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
    uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: SelectionLinksBHO Class: {300BEC06-B743-4D19-86B9-11DC711D7FFB} -
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
    BHO: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
    BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    TB: FreeSoundRecorder Toolbar: {32B29DF0-2237-4370-9A29-37CEBB730E9B} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
    EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
    uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
    mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
    mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDriveAutoRun = dword:-1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
    IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
    IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
    IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346066840812
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
    TCP: NameServer = 192.168.0.1 205.171.3.25
    TCP: Interfaces\{DC4CDC52-944F-44EC-831F-C6E5626C23FF} : DHCPNameServer = 192.168.0.1 205.171.3.25
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
    AppInit_DLLs= ??Ÿ
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Authentication Packages = msv1_0 relog_ap
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\
    FF - prefs.js: browser.startup.homepage - hxxp://drudgereport.com/
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - ExtSQL: 2012-12-01 19:01; [email protected]; c:\documents and settings\all users\application data\avg secure search\firefoxext\13.2.0.5
    FF - ExtSQL: 2012-12-23 03:35; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
    FF - ExtSQL: 2012-12-26 04:44; [email protected]; c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\extensions\[email protected]
    FF - ExtSQL: 2013-01-08 12:43; [email protected]; c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\extensions\[email protected]
    .
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
    R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-1 26984]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-3-19 525840]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
    R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-12-14 1236968]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
    R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
    R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
    R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-12-1 711112]
    S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-1-8 13560]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-9-21 1691480]
    S3 cpuz134;cpuz134;c:\program files\cpuid\pc wizard 2010\pcwiz_x32.sys [2012-1-5 20328]
    S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-1-16 16472]
    S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-1-16 11104]
    S3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [2012-1-5 1694592]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-01-09 02:26:40 -------- d-----w- c:\program files\Click Search Click Removal Tool
    2013-01-09 00:19:42 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus
    2013-01-09 00:19:27 -------- d-----w- c:\documents and settings\patrick\application data\LavasoftStatistics
    2013-01-08 19:47:06 -------- d-----w- c:\program files\Ad-Aware Antivirus
    2013-01-08 19:45:29 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Downloaded Installations
    2013-01-08 19:45:18 44424 ----a-w- c:\windows\system32\sbbd.exe
    2013-01-08 19:45:18 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
    2013-01-08 19:43:22 -------- d-----w- c:\documents and settings\patrick\local settings\application data\adawarebp
    2013-01-08 19:43:22 -------- d-----w- c:\documents and settings\all users\application data\blekko toolbars
    2013-01-08 19:43:20 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
    2013-01-08 19:43:16 -------- d-----w- c:\program files\adawaretb
    2013-01-08 19:43:16 -------- d-----w- c:\documents and settings\patrick\application data\adawaretb
    2013-01-08 19:43:15 -------- d-----w- c:\program files\Toolbar Cleaner
    2013-01-08 19:42:16 -------- d-----w- c:\documents and settings\patrick\application data\Ad-Aware Antivirus
    2013-01-06 23:55:42 83760 ----a-w- c:\windows\system32\stkMonitor.dll
    2013-01-06 18:16:30 -------- d-----w- c:\documents and settings\patrick\application data\calibre
    2013-01-02 04:17:38 -------- d-----w- c:\program files\VideoLAN
    2013-01-02 03:34:20 -------- d-----w- c:\program files\VS Revo Group
    2013-01-02 02:53:32 -------- d-----w- c:\program files\AdvancedDVDPlayer
    2013-01-02 02:40:15 -------- d-----w- c:\documents and settings\patrick\application data\AVS4YOU
    2013-01-02 02:38:44 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU
    2013-01-02 02:37:20 974848 ----a-w- c:\windows\system32\mfc70.dll
    2013-01-02 02:37:20 487424 ----a-w- c:\windows\system32\msvcp70.dll
    2013-01-02 02:37:20 24576 ----a-w- c:\windows\system32\msxml3a.dll
    2013-01-02 02:37:20 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
    2013-01-02 02:37:13 -------- d-----w- c:\program files\common files\AVSMedia
    2013-01-02 02:37:12 -------- d-----w- c:\program files\AVS4YOU
    2012-12-27 02:11:51 -------- d-----w- c:\documents and settings\patrick\application data\NoteTab Light
    2012-12-27 02:11:45 -------- d-----w- c:\program files\NoteTab Light
    2012-12-26 11:44:24 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Wajam
    2012-12-26 03:22:02 -------- d-----w- c:\documents and settings\patrick\application data\InfraRecorder
    2012-12-26 03:20:20 -------- d-----w- c:\program files\InfraRecorder
    2012-12-25 22:13:48 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
    2012-12-25 22:13:48 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
    2012-12-25 22:13:48 15360 ----a-w- c:\windows\system32\inetfr.DLL
    2012-12-25 22:13:48 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
    2012-12-25 22:13:48 119568 ----a-w- c:\windows\system32\VB6FR.DLL
    2012-12-25 22:13:48 115920 ----a-w- c:\windows\system32\msinet.OCX
    2012-12-25 22:13:48 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
    2012-12-25 22:13:47 -------- d-----w- c:\program files\Free Easy CD DVD Burner
    2012-12-25 22:13:47 -------- d-----w- c:\documents and settings\patrick\application data\FreeBurner
    2012-12-24 20:36:00 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
    2012-12-24 20:36:00 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
    2012-12-24 20:35:59 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
    2012-12-24 20:35:59 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
    2012-12-24 20:35:58 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
    2012-12-24 20:35:11 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
    2012-12-24 20:35:09 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
    2012-12-24 20:35:07 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
    2012-12-24 20:35:01 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
    2012-12-24 20:35:00 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
    2012-12-24 20:34:59 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
    2012-12-24 20:34:20 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
    2012-12-24 20:34:19 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
    2012-12-24 20:34:09 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
    2012-12-24 20:34:05 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
    2012-12-24 20:34:04 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
    2012-12-24 20:32:59 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
    2012-12-24 20:31:54 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
    2012-12-24 20:30:47 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
    2012-12-24 20:29:59 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys
    2012-12-24 20:28:59 28032 -c--a-w- c:\windows\system32\dllcache\perm3.sys
    2012-12-24 20:27:58 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
    2012-12-24 20:26:55 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
    2012-12-24 20:26:53 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
    2012-12-24 20:26:34 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
    2012-12-24 20:26:32 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
    2012-12-24 20:26:31 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
    2012-12-24 20:26:22 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
    2012-12-24 20:26:13 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
    2012-12-24 20:26:00 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
    2012-12-24 20:25:32 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
    2012-12-24 20:25:31 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
    2012-12-24 20:23:41 85504 -c--a-w- c:\windows\system32\dllcache\metada51.dll
    2012-12-24 20:23:28 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
    2012-12-24 20:23:28 26112 -c--a-w- c:\windows\system32\dllcache\memstpci.sys
    2012-12-24 20:23:27 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
    2012-12-24 20:23:06 26624 -c--a-w- c:\windows\system32\dllcache\mdsync.dll
    2012-12-24 20:21:59 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
    2012-12-24 20:20:56 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
    2012-12-24 20:19:14 1041536 -c--a-w- c:\windows\system32\dllcache\hsfdpsp2.sys
    2012-12-24 20:18:59 31232 -c--a-w- c:\windows\system32\dllcache\hpgt42tk.dll
    2012-12-24 20:17:59 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
    2012-12-24 20:16:55 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
    2012-12-24 20:15:59 27648 -c--a-w- c:\windows\system32\dllcache\cyyports.dll
    2012-12-24 20:14:56 7680 -c--a-w- c:\windows\system32\dllcache\cd20xrnt.sys
    2012-12-24 20:13:59 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
    2012-12-24 20:12:59 26367 -c--a-w- c:\windows\system32\dllcache\ati1snxx.sys
    2012-12-24 20:11:59 23552 -c--a-w- c:\windows\system32\dllcache\abp480n5.sys
    2012-12-24 20:11:59 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
    2012-12-24 20:11:58 462848 -c--a-w- c:\windows\system32\dllcache\a3dapi.dll
    2012-12-24 20:11:57 38400 -c--a-w- c:\windows\system32\dllcache\8514a.dll
    2012-12-24 20:11:56 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
    2012-12-24 20:11:55 148352 -c--a-w- c:\windows\system32\dllcache\3dfxvsm.sys
    2012-12-24 20:11:55 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
    2012-12-24 20:11:54 689216 -c--a-w- c:\windows\system32\dllcache\3dfxvs.dll
    2012-12-24 20:11:53 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys
    2012-12-24 20:11:53 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys
    2012-12-24 20:11:50 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
    2012-12-24 20:10:55 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
    2012-12-24 17:15:20 388096 ----a-r- c:\documents and settings\patrick\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-12-24 17:15:19 -------- d-----w- c:\program files\Trend Micro
    2012-12-23 10:36:48 -------- d-----w- c:\documents and settings\patrick\application data\RealNetworks
    2012-12-23 10:35:45 -------- d-----w- c:\program files\RealNetworks
    2012-12-23 10:35:40 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
    2012-12-23 10:35:07 -------- d-----w- c:\program files\common files\xing shared
    2012-12-19 16:44:55 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Karen's Power Tools
    2012-12-19 16:44:38 -------- d-----w- c:\program files\Karen's Power Tools
    2012-12-19 16:44:21 -------- d-----w- c:\documents and settings\all users\application data\Karen's Power Tools
    2012-12-14 18:46:47 -------- d-----w- c:\documents and settings\patrick\local settings\application data\PC_Drivers_Headquarters
    2012-12-13 08:08:35 -------- d-----w- c:\program files\Simple HTML To Text Converter 1.2
    2012-12-12 11:50:12 -------- d-----w- C:\OutFrontWebs
    .
    ==================== Find3M ====================
    .
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-14 23:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-12 10:41:49 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-12 10:41:49 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-02 02:00:56 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
    2012-11-17 02:44:01 123964 ----a-w- c:\windows\File Renamer - Basic Uninstaller.exe
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
    2012-10-25 10:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-10-25 10:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2012-10-22 20:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    2012-10-17 08:47:04 794906 ----a-w- c:\windows\unins000.exe
    2012-10-15 10:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    .
    ============= FINISH: 20:11:47.82 ===============

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:59:57 PM, on 1/8/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe
    \?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\WINDOWS\SoftwareDistribution\Download\Install\NDP20SP2-KB2742596-x86.exe
    f:\aac09d1e1c94aa1f4a413b\HotFixInstaller.exe
    C:\WINDOWS\system32\MsiExec.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthepower.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
    R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SelectionLinksBHO - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - C:\Program Files\OApps\SelectionLinks.dll (file missing)
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
    O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1346066840812
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
    O20 - AppInit_DLLs: ??Ÿ
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

    --
    End of file - 11650 bytes
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1083487

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice