Inappropriate Links Inserted Into Web Sites

HowdeeDoodee

Thread Starter
Joined
Aug 26, 2004
Messages
615
Using Firefox, I see hyperlinks inserted into my web site I did not put into the site. I see similar occurrences in other sites I visit. These hyperlinks are advertisements put into the text of an article by someone. Is there any way of preventing these hyperlinks from being inserted?

Thank you in advance for your reply.
 

Ent

Josiah
Trusted Advisor
Joined
Apr 11, 2009
Messages
5,467
Does this happen to all (or the majority of) sites you visit?
Which is your own site?
 

HowdeeDoodee

Thread Starter
Joined
Aug 26, 2004
Messages
615
I see this happening on many sites I visit. The weird thing is I can visit the same page in FF and the same page in IE and the FF page is the only page showing the advertising hyperlinks.
 

Ent

Josiah
Trusted Advisor
Joined
Apr 11, 2009
Messages
5,467
That's what I suspected.
The good news is that your site is probably not being hacked or infected with anything (though it's worth checking).
The bad news is that your computer probably is.

A lot of malware writers come up with the <sarcasm>bright new idea</sarcasm> of putting adverts in their victims' web browsing and claiming their cut. In fact the more reputable advert companies realize what's going on and refuse to hand over the cash, but that doesn't help you very much.

I'd suggest following the instructions in this thread and waiting for assistance from a malware removal expert.
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
I'll ask for this thread to be moved to the appropriate section of the site.
 

HowdeeDoodee

Thread Starter
Joined
Aug 26, 2004
Messages
615
Thank you. I had malware, which has been removed.

Thank you again. I will mark solved.
 

HowdeeDoodee

Thread Starter
Joined
Aug 26, 2004
Messages
615
The old issue referred to in the OP has come back. Two new issues have appeared.

New issue 1: System restore will not restore the computer to an earlier date. Restore points are visible but after the restore activity I get a message saying the system cannot be restored to the selected date.

New issue 2: GMER was run but would not complete the run. I get a notice (web screen) referring to the blue screen. I did not have a blue screen.

Here are the attach, dds, and hijackthis files.

Thank you in advance for any help.


ATTACH ATTACH ATTACH ATTACH

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 1/4/2012 1:02:58 PM
System Uptime: 1/8/2013 6:29:45 AM (14 hours ago)
.
Motherboard: XFX | | MG-63MI-7059
Processor: Intel(R) Pentium(R) D CPU 3.20GHz | CPU 1 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 240.029 GiB free.
D: is FIXED (NTFS) - 298 GiB total, 189.552 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 555.733 GiB free.
G: is FIXED (NTFS) - 932 GiB total, 305.801 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: USB Receiver
Device ID: USB\VID_046D&PID_C505&MI_01\7&109B7ECE&0&0001
Manufacturer: Logitech
Name: USB Receiver
PNP Device ID: USB\VID_046D&PID_C505&MI_01\7&109B7ECE&0&0001
Service:
.
==== System Restore Points ===================
.
RP377: 12/2/2012 12:38:32 PM - Installed AVG 2013
RP378: 12/3/2012 3:35:31 PM - System Checkpoint
RP379: 12/4/2012 8:42:16 AM - Installed USB Mass Storage Toolbox
RP380: 12/5/2012 10:30:05 AM - System Checkpoint
RP381: 12/6/2012 11:14:22 AM - System Checkpoint
RP382: 12/7/2012 12:18:38 PM - System Checkpoint
RP383: 12/8/2012 1:24:17 PM - System Checkpoint
RP384: 12/9/2012 1:25:09 PM - System Checkpoint
RP385: 12/10/2012 2:56:59 PM - System Checkpoint
RP386: 12/11/2012 3:24:00 PM - System Checkpoint
RP387: 12/12/2012 4:23:50 PM - System Checkpoint
RP388: 12/13/2012 3:00:34 AM - Software Distribution Service 3.0
RP389: 12/14/2012 5:47:41 AM - System Checkpoint
RP390: 12/14/2012 11:45:04 AM - Installed Driver Manager.
RP391: 12/14/2012 12:07:31 PM - Removed Driver Manager.
RP392: 12/15/2012 1:09:22 PM - System Checkpoint
RP393: 12/16/2012 1:32:45 PM - System Checkpoint
RP394: 12/17/2012 2:49:18 PM - System Checkpoint
RP395: 12/18/2012 2:57:10 PM - System Checkpoint
RP396: 12/19/2012 3:32:32 PM - System Checkpoint
RP397: 12/20/2012 4:04:48 PM - System Checkpoint
RP398: 12/21/2012 4:46:24 PM - System Checkpoint
RP399: 12/22/2012 3:00:19 AM - Software Distribution Service 3.0
RP400: 12/23/2012 7:16:11 AM - System Checkpoint
RP401: 12/24/2012 7:58:27 AM - System Checkpoint
RP402: 12/24/2012 10:15:18 AM - Installed HiJackThis
RP403: 12/24/2012 4:26:39 PM - Removed Adobe Reader X (10.1.4).
RP404: 12/25/2012 1:55:24 PM - Installed Nero - Burning Rom
RP405: 12/25/2012 2:14:51 PM - Removed Nero - Burning Rom
RP406: 12/26/2012 3:40:03 PM - System Checkpoint
RP407: 12/27/2012 4:06:40 PM - System Checkpoint
RP408: 12/28/2012 4:54:01 PM - System Checkpoint
RP409: 12/29/2012 5:31:13 PM - System Checkpoint
RP410: 12/30/2012 6:17:27 PM - System Checkpoint
RP411: 12/31/2012 7:11:00 PM - System Checkpoint
RP412: 1/1/2013 9:52:08 PM - System Checkpoint
RP413: 1/2/2013 11:23:52 PM - System Checkpoint
RP414: 1/4/2013 2:42:46 AM - System Checkpoint
RP415: 1/5/2013 12:08:55 AM - Software Distribution Service 3.0
RP416: 1/6/2013 2:32:48 AM - System Checkpoint
RP417: 1/6/2013 11:15:28 AM - Installed calibre
RP418: 1/6/2013 11:48:42 AM - Removed calibre
RP419: 1/6/2013 4:56:26 PM - Printer Driver Send to Kindle Installed
RP420: 1/6/2013 5:09:29 PM - Printer Driver Send to Kindle Installed
RP421: 1/7/2013 6:50:57 PM - System Checkpoint
RP422: 1/8/2013 7:29:58 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
A.F.9 Replace some bytes 1.2
Acronis*True*Image*Home
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI
Advanced DVD Player
Agent Ransack 2010
Amazon Kindle
Amazon Send to Kindle
Apple Application Support
Apple Software Update
ASAP Utilities
Audacity 2.0.2
AVG 2013
AVG Security Toolbar
Bulk Rename Utility 2.7.1.2
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon MP280 series User Registration
Canon My Printer
Canon Solution Menu EX
CCleaner
CodeStuff Starter
Compatibility Pack for the 2007 Office system
Copy File Name 2.0.0.11
CPUID CPU-Z 1.61.3
Creative MediaSource 5
Creative Software AutoUpdate
Creative WaveStudio 7
Data Lifeguard Diagnostic for Windows 1.24
DocFetcher
File Renamer - Basic
File Splitter and Joiner (FFSJ v3.3)
FileZilla Client 3.6.0.2
Foxit Reader 5.1
Free Download Manager 3.9
Free Sound Recorder v9.3.1
Free Window Registry Repair
FreeSoundRecorder Toolbar
FrostWire 5.5.1
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HTTPWeazel Version 1.09
InfraRecorder
Java 7 Update 9
Java Auto Updater
jZip
Karen's Directory Printer
Kiwix 0.9 rc1
LinkChecker 7.4
Logitech iTouch Software
Logitech MouseWare 9.71
Logitech Resource Center
Malwarebytes Anti-Malware version 1.70.0.1100
MatSpoon FileSearch 0.3.1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft FrontPage 2000 SR-1
Microsoft Image Composer 1.5
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Publisher 2000
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
Notepad++
NoteTab Light 7 (Remove only)
NVIDIA Drivers
NVIDIA nTune
OutFront Web Template
PC Wizard 2010.1.96
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Repair PDF File Free 1.0
Revo Uninstaller 1.94
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618444)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SelectionLinks
Simple HTML To Text Converter 1.2
SUPERAntiSpyware
The Guide
TSR Copy Changed Files software version 1.7.0.1
TXTcollector
UltraExplorer 2.0.3.1
UltraSearch V1.6.1
Unlocker 1.9.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Url Extractor Ver 1.0
USB Mass Storage Toolbox
VC 9.0 Runtime
Visual C++ 8.0 CRT (x86) WinSXS MSM
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
VLC media player 2.0.5
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
WinHTTrack Website Copier 3.46-1
WinMerge 2.12.4
Yahoo! Detect
ZoneAlarm Firewall
ZoneAlarm Free
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
1/8/2013 8:05:17 PM, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
1/4/2013 1:02:46 PM, error: Print [6161] - The document Microsoft Word - Confidentiality Agreement Prospective Licensee_Roth.doc owned by Patrick failed to print on printer Canon MP280 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 327680. Number of bytes printed: 12908. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\PATRICK-E596960. Win32 error code returned by the print processor: 13 (0xd).
1/1/2013 9:30:31 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
1/1/2013 9:03:29 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
1/1/2013 2:20:17 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
1/1/2013 2:20:17 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
1/1/2013 10:16:39 AM, error: Service Control Manager [7024] - The TrueVector Internet Monitor service terminated with service-specific error 0 (0x0).
.
==== End Of File ===========================

DDS DDS DDS DDS DDS DDS

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Patrick at 20:05:13 on 2013-01-08
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1028 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
FW: ZoneAlarm Free Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.findthepower.com/
uURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SelectionLinksBHO Class: {300BEC06-B743-4D19-86B9-11DC711D7FFB} -
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: FreeSoundRecorder Toolbar: {32B29DF0-2237-4370-9A29-37CEBB730E9B} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - c:\documents and settings\patrick\local settings\application data\ct2704262\ldrtbFree.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:-1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346066840812
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{DC4CDC52-944F-44EC-831F-C6E5626C23FF} : DHCPNameServer = 192.168.0.1 205.171.3.25
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
AppInit_DLLs= ??Ÿ
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\
FF - prefs.js: browser.startup.homepage - hxxp://drudgereport.com/
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-12-01 19:01; [email protected]; c:\documents and settings\all users\application data\avg secure search\firefoxext\13.2.0.5
FF - ExtSQL: 2012-12-23 03:35; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2012-12-26 04:44; [email protected]; c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\extensions\[email protected]
FF - ExtSQL: 2013-01-08 12:43; [email protected]; c:\documents and settings\patrick\application data\mozilla\firefox\profiles\8al7z3nv.default\extensions\[email protected]
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-1 26984]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-3-19 525840]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-12-14 1236968]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-12-1 711112]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-1-8 13560]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-9-21 1691480]
S3 cpuz134;cpuz134;c:\program files\cpuid\pc wizard 2010\pcwiz_x32.sys [2012-1-5 20328]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-1-16 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-1-16 11104]
S3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [2012-1-5 1694592]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-01-09 02:26:40 -------- d-----w- c:\program files\Click Search Click Removal Tool
2013-01-09 00:19:42 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus
2013-01-09 00:19:27 -------- d-----w- c:\documents and settings\patrick\application data\LavasoftStatistics
2013-01-08 19:47:06 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-01-08 19:45:29 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Downloaded Installations
2013-01-08 19:45:18 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-01-08 19:45:18 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-01-08 19:43:22 -------- d-----w- c:\documents and settings\patrick\local settings\application data\adawarebp
2013-01-08 19:43:22 -------- d-----w- c:\documents and settings\all users\application data\blekko toolbars
2013-01-08 19:43:20 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2013-01-08 19:43:16 -------- d-----w- c:\program files\adawaretb
2013-01-08 19:43:16 -------- d-----w- c:\documents and settings\patrick\application data\adawaretb
2013-01-08 19:43:15 -------- d-----w- c:\program files\Toolbar Cleaner
2013-01-08 19:42:16 -------- d-----w- c:\documents and settings\patrick\application data\Ad-Aware Antivirus
2013-01-06 23:55:42 83760 ----a-w- c:\windows\system32\stkMonitor.dll
2013-01-06 18:16:30 -------- d-----w- c:\documents and settings\patrick\application data\calibre
2013-01-02 04:17:38 -------- d-----w- c:\program files\VideoLAN
2013-01-02 03:34:20 -------- d-----w- c:\program files\VS Revo Group
2013-01-02 02:53:32 -------- d-----w- c:\program files\AdvancedDVDPlayer
2013-01-02 02:40:15 -------- d-----w- c:\documents and settings\patrick\application data\AVS4YOU
2013-01-02 02:38:44 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU
2013-01-02 02:37:20 974848 ----a-w- c:\windows\system32\mfc70.dll
2013-01-02 02:37:20 487424 ----a-w- c:\windows\system32\msvcp70.dll
2013-01-02 02:37:20 24576 ----a-w- c:\windows\system32\msxml3a.dll
2013-01-02 02:37:20 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2013-01-02 02:37:13 -------- d-----w- c:\program files\common files\AVSMedia
2013-01-02 02:37:12 -------- d-----w- c:\program files\AVS4YOU
2012-12-27 02:11:51 -------- d-----w- c:\documents and settings\patrick\application data\NoteTab Light
2012-12-27 02:11:45 -------- d-----w- c:\program files\NoteTab Light
2012-12-26 11:44:24 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Wajam
2012-12-26 03:22:02 -------- d-----w- c:\documents and settings\patrick\application data\InfraRecorder
2012-12-26 03:20:20 -------- d-----w- c:\program files\InfraRecorder
2012-12-25 22:13:48 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2012-12-25 22:13:48 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2012-12-25 22:13:48 15360 ----a-w- c:\windows\system32\inetfr.DLL
2012-12-25 22:13:48 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2012-12-25 22:13:48 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2012-12-25 22:13:48 115920 ----a-w- c:\windows\system32\msinet.OCX
2012-12-25 22:13:48 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2012-12-25 22:13:47 -------- d-----w- c:\program files\Free Easy CD DVD Burner
2012-12-25 22:13:47 -------- d-----w- c:\documents and settings\patrick\application data\FreeBurner
2012-12-24 20:36:00 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-12-24 20:36:00 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-12-24 20:35:59 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2012-12-24 20:35:59 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-12-24 20:35:58 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2012-12-24 20:35:11 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2012-12-24 20:35:09 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2012-12-24 20:35:07 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2012-12-24 20:35:01 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2012-12-24 20:35:00 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2012-12-24 20:34:59 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2012-12-24 20:34:20 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2012-12-24 20:34:19 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2012-12-24 20:34:09 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2012-12-24 20:34:05 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2012-12-24 20:34:04 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2012-12-24 20:32:59 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2012-12-24 20:31:54 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2012-12-24 20:30:47 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2012-12-24 20:29:59 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2012-12-24 20:28:59 28032 -c--a-w- c:\windows\system32\dllcache\perm3.sys
2012-12-24 20:27:58 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2012-12-24 20:26:55 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2012-12-24 20:26:53 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2012-12-24 20:26:34 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2012-12-24 20:26:32 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2012-12-24 20:26:31 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2012-12-24 20:26:22 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2012-12-24 20:26:13 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2012-12-24 20:26:00 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2012-12-24 20:25:32 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2012-12-24 20:25:31 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2012-12-24 20:23:41 85504 -c--a-w- c:\windows\system32\dllcache\metada51.dll
2012-12-24 20:23:28 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2012-12-24 20:23:28 26112 -c--a-w- c:\windows\system32\dllcache\memstpci.sys
2012-12-24 20:23:27 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2012-12-24 20:23:06 26624 -c--a-w- c:\windows\system32\dllcache\mdsync.dll
2012-12-24 20:21:59 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2012-12-24 20:20:56 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2012-12-24 20:19:14 1041536 -c--a-w- c:\windows\system32\dllcache\hsfdpsp2.sys
2012-12-24 20:18:59 31232 -c--a-w- c:\windows\system32\dllcache\hpgt42tk.dll
2012-12-24 20:17:59 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2012-12-24 20:16:55 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
2012-12-24 20:15:59 27648 -c--a-w- c:\windows\system32\dllcache\cyyports.dll
2012-12-24 20:14:56 7680 -c--a-w- c:\windows\system32\dllcache\cd20xrnt.sys
2012-12-24 20:13:59 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
2012-12-24 20:12:59 26367 -c--a-w- c:\windows\system32\dllcache\ati1snxx.sys
2012-12-24 20:11:59 23552 -c--a-w- c:\windows\system32\dllcache\abp480n5.sys
2012-12-24 20:11:59 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
2012-12-24 20:11:58 462848 -c--a-w- c:\windows\system32\dllcache\a3dapi.dll
2012-12-24 20:11:57 38400 -c--a-w- c:\windows\system32\dllcache\8514a.dll
2012-12-24 20:11:56 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2012-12-24 20:11:55 148352 -c--a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2012-12-24 20:11:55 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-12-24 20:11:54 689216 -c--a-w- c:\windows\system32\dllcache\3dfxvs.dll
2012-12-24 20:11:53 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-12-24 20:11:53 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-12-24 20:11:50 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
2012-12-24 20:10:55 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-12-24 17:15:20 388096 ----a-r- c:\documents and settings\patrick\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-12-24 17:15:19 -------- d-----w- c:\program files\Trend Micro
2012-12-23 10:36:48 -------- d-----w- c:\documents and settings\patrick\application data\RealNetworks
2012-12-23 10:35:45 -------- d-----w- c:\program files\RealNetworks
2012-12-23 10:35:40 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2012-12-23 10:35:07 -------- d-----w- c:\program files\common files\xing shared
2012-12-19 16:44:55 -------- d-----w- c:\documents and settings\patrick\local settings\application data\Karen's Power Tools
2012-12-19 16:44:38 -------- d-----w- c:\program files\Karen's Power Tools
2012-12-19 16:44:21 -------- d-----w- c:\documents and settings\all users\application data\Karen's Power Tools
2012-12-14 18:46:47 -------- d-----w- c:\documents and settings\patrick\local settings\application data\PC_Drivers_Headquarters
2012-12-13 08:08:35 -------- d-----w- c:\program files\Simple HTML To Text Converter 1.2
2012-12-12 11:50:12 -------- d-----w- C:\OutFrontWebs
.
==================== Find3M ====================
.
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 23:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 10:41:49 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 10:41:49 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-02 02:00:56 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-11-17 02:44:01 123964 ----a-w- c:\windows\File Renamer - Basic Uninstaller.exe
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-25 10:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 10:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-22 20:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-17 08:47:04 794906 ----a-w- c:\windows\unins000.exe
2012-10-15 10:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
.
============= FINISH: 20:11:47.82 ===============

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:59:57 PM, on 1/8/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\SoftwareDistribution\Download\Install\NDP20SP2-KB2742596-x86.exe
f:\aac09d1e1c94aa1f4a413b\HotFixInstaller.exe
C:\WINDOWS\system32\MsiExec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthepower.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
R3 - URLSearchHook: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SelectionLinksBHO - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - C:\Program Files\OApps\SelectionLinks.dll (file missing)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: FreeSoundRecorder Toolbar - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Documents and Settings\Patrick\Local Settings\Application Data\CT2704262\ldrtbFree.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1346066840812
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O20 - AppInit_DLLs: ??Ÿ
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

--
End of file - 11650 bytes
 