
Active Google Redirects/MBAM Error - run several tools with no effect.

Discussion in 'Malware and Virus Removal Archive' started by Paladoris, 2009/07/10.

  1. 2009/07/10
    Paladoris

    Paladoris Inactive Thread Starter

    Joined:
    2009/07/10
    Messages:
    1
    Likes Received:
    0

    I have run MBAM and other spyware removal tools, but it still redirects, and my MBAM protection will not run as I get the 2 and 1073 errors. In addition, when I try to click a link, it treats it as a popup and blocks it. Please help me out with this. The 2 logs are attached.




    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-06-26.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 4/16/2008 8:27:26 AM
    System Uptime: 7/10/2009 7:45:21 PM (1 hours ago)

    Motherboard: Dell Inc. | | 0KU184
    Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 1994/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 74 GiB total, 25.879 GiB free.
    D: is CDROM (CDFS)

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Broadcom NetXtreme 57xx Gigabit Controller
    Device ID: PCI\VEN_14E4&DEV_1673&SUBSYS_01F91028&REV_02\4&1E93A591&0&00E5
    Manufacturer: Broadcom
    Name: Broadcom NetXtreme 57xx Gigabit Controller
    PNP Device ID: PCI\VEN_14E4&DEV_1673&SUBSYS_01F91028&REV_02\4&1E93A591&0&00E5
    Service: b57w2k

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\398685C1344FC000
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\398685C1344FC000
    Service: NIC1394

    ==== System Restore Points ===================

    RP327: 6/12/2009 8:50:00 PM - System Checkpoint
    RP328: 6/12/2009 8:50:01 PM - System Checkpoint
    RP329: 6/12/2009 8:50:02 PM - Removed Java(TM) 6 Update 11
    RP330: 6/12/2009 8:50:04 PM - Installed Java(TM) 6 Update 12
    RP331: 6/12/2009 8:50:06 PM - System Checkpoint
    RP332: 6/12/2009 8:50:09 PM - System Checkpoint
    RP333: 6/12/2009 8:50:10 PM - System Checkpoint
    RP334: 6/12/2009 8:50:11 PM - System Checkpoint
    RP335: 6/12/2009 8:50:12 PM - System Checkpoint
    RP336: 6/12/2009 8:50:14 PM - System Checkpoint
    RP337: 6/12/2009 8:50:15 PM - System Checkpoint
    RP338: 6/12/2009 8:50:17 PM - System Checkpoint
    RP339: 6/12/2009 8:50:18 PM - Installed SalesLogix Client.
    RP340: 6/12/2009 8:50:19 PM - System Checkpoint
    RP341: 6/12/2009 8:50:20 PM - System Checkpoint
    RP342: 6/12/2009 8:50:20 PM - System Checkpoint
    RP343: 6/12/2009 8:50:21 PM - System Checkpoint
    RP344: 6/12/2009 8:50:21 PM - System Checkpoint
    RP345: 6/12/2009 8:50:21 PM - System Checkpoint
    RP346: 6/12/2009 8:50:24 PM - System Checkpoint
    RP347: 6/12/2009 8:50:24 PM - System Checkpoint
    RP348: 6/12/2009 8:50:24 PM - System Checkpoint
    RP349: 6/12/2009 8:50:25 PM - System Checkpoint
    RP350: 6/12/2009 8:50:25 PM - System Checkpoint
    RP351: 6/12/2009 8:50:25 PM - System Checkpoint
    RP352: 6/12/2009 8:50:25 PM - System Checkpoint
    RP353: 6/12/2009 8:50:25 PM - System Checkpoint
    RP354: 6/12/2009 8:50:26 PM - System Checkpoint
    RP355: 6/12/2009 8:50:26 PM - System Checkpoint
    RP356: 6/12/2009 8:50:26 PM - System Checkpoint
    RP357: 6/12/2009 8:50:26 PM - System Checkpoint
    RP358: 6/12/2009 8:50:26 PM - System Checkpoint
    RP359: 6/12/2009 8:50:27 PM - System Checkpoint
    RP360: 6/12/2009 8:50:27 PM - System Checkpoint
    RP361: 6/12/2009 8:50:28 PM - System Checkpoint
    RP362: 6/12/2009 8:50:29 PM - System Checkpoint
    RP363: 6/12/2009 8:50:30 PM - System Checkpoint
    RP364: 6/12/2009 8:50:30 PM - System Checkpoint
    RP365: 6/12/2009 8:50:32 PM - System Checkpoint
    RP366: 6/12/2009 8:50:32 PM - System Checkpoint
    RP367: 6/12/2009 8:50:33 PM - System Checkpoint
    RP368: 6/12/2009 8:50:33 PM - System Checkpoint
    RP369: 6/12/2009 8:50:33 PM - System Checkpoint
    RP370: 6/12/2009 8:50:33 PM - System Checkpoint
    RP371: 6/12/2009 8:50:34 PM - System Checkpoint
    RP372: 6/12/2009 8:50:34 PM - System Checkpoint
    RP373: 6/12/2009 8:50:34 PM - System Checkpoint
    RP374: 6/12/2009 8:50:34 PM - System Checkpoint
    RP375: 6/12/2009 8:50:34 PM - System Checkpoint
    RP376: 6/12/2009 8:50:35 PM - System Checkpoint
    RP377: 6/12/2009 8:50:35 PM - System Checkpoint
    RP378: 6/12/2009 8:50:35 PM - System Checkpoint
    RP379: 6/12/2009 8:50:35 PM - System Checkpoint
    RP380: 6/12/2009 8:50:35 PM - System Checkpoint
    RP381: 6/12/2009 8:50:36 PM - System Checkpoint
    RP382: 6/12/2009 8:50:36 PM - System Checkpoint
    RP383: 6/12/2009 8:50:36 PM - System Checkpoint
    RP384: 6/12/2009 8:50:36 PM - System Checkpoint
    RP385: 6/12/2009 8:50:37 PM - System Checkpoint
    RP386: 6/12/2009 8:50:37 PM - System Checkpoint
    RP387: 6/12/2009 8:50:37 PM - System Checkpoint
    RP388: 6/12/2009 8:50:37 PM - System Checkpoint
    RP389: 6/12/2009 8:50:38 PM - System Checkpoint
    RP390: 6/12/2009 8:50:38 PM - System Checkpoint
    RP391: 6/12/2009 8:50:38 PM - System Checkpoint
    RP392: 6/12/2009 8:50:38 PM - System Checkpoint
    RP393: 6/12/2009 8:50:38 PM - System Checkpoint
    RP394: 6/12/2009 8:50:39 PM - Installed iTunes
    RP395: 6/12/2009 8:50:39 PM - System Checkpoint
    RP396: 6/12/2009 8:50:40 PM - System Checkpoint
    RP397: 6/12/2009 8:50:40 PM - System Checkpoint
    RP398: 6/12/2009 8:50:40 PM - System Checkpoint
    RP399: 6/12/2009 8:50:41 PM - System Checkpoint
    RP400: 6/12/2009 8:50:41 PM - System Checkpoint
    RP401: 6/12/2009 8:50:41 PM - System Checkpoint
    RP402: 6/12/2009 8:50:41 PM - System Checkpoint
    RP403: 6/12/2009 8:50:42 PM - System Checkpoint
    RP404: 6/12/2009 9:27:12 PM - Removed AGEIA PhysX v7.11.13
    RP405: 6/20/2009 1:13:50 PM - System Checkpoint
    RP406: 6/26/2009 7:35:22 PM - System Checkpoint

    ==== Installed Programs ======================

    Ad-Aware
    Adobe Acrobat 8 Standard - English, Français, Deutsch
    Adobe Acrobat 8.1.2 Standard
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player Plugin
    Adobe Shockwave Player
    Apple Mobile Device Support
    Apple Software Update
    Applian FLV Player
    AuthenTec Fingerprint Sensor Minimum Install
    AutoUpdate
    AVS Video Converter 6
    biolsp patch
    BitTorrent
    BlackBerry Desktop Software 4.3
    Bonjour
    Broadcom ASF Management Applications
    Broadcom Management Programs
    Browser Address Error Redirector
    Business Contact Manager for Outlook 2007 SP1
    Compact Contact Center
    Conexant HDA D330 MDC V.92 Modem
    Creative WebCam Center
    Creative WebCam Notebook Driver (1.04.01.0322)
    Dell Drivers MSI
    Dell Embassy Trust Suite by Wave Systems
    Dell Touchpad
    Digital Line Detect
    DivX Converter
    DivX Player
    DivX Web Player
    DNA
    Document Manager Lite
    Dracula Origin
    EMBASSY Security Center
    EMBASSY Security Setup
    EMBASSY Trust Suite by Wave Systems
    ESC Home Page Plugin
    GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)
    Gemalto
    GemSafe Standard Edition 5.1
    Google Desktop
    Google Earth
    Google Updater
    GoToMeeting 4.0.0.320
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 2.0 (KB922981)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    hppscan3390
    iHance Outlook Plugin
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PROSet/Wireless Software
    IntelliSonic Speech Enhancement
    iTunes
    Java(TM) 6 Update 14
    Malwarebytes' Anti-Malware
    Malwarebytes' RogueRemover
    McAfee Agent
    McAfee AntiSpyware Enterprise Module
    McAfee VirusScan Enterprise
    mCore
    mDrWiFi
    MFCLOC
    mHlpDell
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Standard 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    mIWA
    MLB.TV NexDef Plug-in
    mLogView
    mMHouse
    MobileMe Control Panel
    Modem Diagnostic Tool
    Move Networks Media Player for Internet Explorer
    mPfMgr
    mPfWiz
    mProSafe
    mSCfg
    mSSO
    MSXML 4.0 SP2 (KB936181)
    MSXML 6.0 Parser (KB933579)
    mWlsSafe
    mWMI
    mZConfig
    NetWaiting
    NTRU TCG Software Stack
    Numara Track-It! 9 Agent
    Octoshape add-in for Adobe Flash Player
    Outcry
    OverDrive Media Console
    PokerStars.net
    PowerDVD
    Preboot Manager
    Private Information Manager
    QuickSet
    QuickTime
    RegCure 1.5.1.3
    Registry Mechanic 8.0
    Roxio Media Manager
    SalesLogix Client
    Scan
    SearchAssist
    Secure Update
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB955936)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 2.0 (KB928365)
    Security Update for Microsoft Office Excel 2007 (KB955470)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office Publisher 2007 (KB950114)
    Security Update for Microsoft Office system 2007 (KB951808)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office Word 2007 (KB950113)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for the 2007 Microsoft Office System (KB936960)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB958644)
    Security Wizards
    Sherlock Holmes Nemesis
    SmartDraw 2008
    SnagIt 9
    Sonic Activation Module
    SopCast 3.0.3
    Sportsbook.com
    SpyHunter
    The Mystery of the Mummy
    TOM Live Player
    Trusted Drive Manager
    tsp patch
    TurboTax Deluxe Deduction Maximizer 2006
    TurboTax ItsDeductible 2006
    TVAnts 1.0
    TVUPlayer 2.4.5.1
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Office 2007 (KB932080)
    Update for Office 2007 (KB934391)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb957258)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951618-v2)
    upekmsi
    VC80CRTRedist - 8.0.50727.762
    Veetle TV 0.9.14
    VideoLAN VLC media player 0.8.6i
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Wave Infrastructure Installer
    Wave Support Software
    WebEx
    WebFldrs XP
    WexTech AnswerWorks
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live installer
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3

    ==== Event Viewer Messages From Past Week ========

    7/5/2009 12:04:46 PM, error: System Error [1003] - Error code 100000d1, parameter1 e2136000, parameter2 00000002, parameter3 00000000, parameter4 a8cf1e85.
    7/5/2009 12:01:56 PM, error: NETLOGON [5719] - No Domain Controller is available for domain SSV due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

    ==== End Of File ===========================



    DDS (Ver_09-06-26.01) - NTFSx86
    Run by ccummings at 20:32:43.79 on Fri 07/10/2009
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1126 [GMT -6:00]

    AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SalesLogix\SLXSystem.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\StacSV.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Apoint\ApMsgFwd.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\WINDOWS\system32\KADxMain.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Registry Mechanic\RegMech.exe
    C:\Program Files\AVAYA\IP Office\CCC\User Access\cccuseraccess.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Documents and Settings\CCUMMINGS\Local Settings\Application Data\Autobahn\mlb-nexdef-autobahn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\CCUMMINGS\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = www.espn.com
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3080412
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Search_URL = hxxp://www.google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchURL = hxxp://www.google.com/
    mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    EB: SpeedRunner Bar: {cafb2180-ba09-11dc-95ff-0800200c9a66} - %SystemRoot%\system32\shdocvw.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [Creative WebCam Tray] c:\program files\creative\shared files\CamTray.exe
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe "
    uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
    mRun: [Apoint] c:\program files\apoint\Apoint.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe "
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
    mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
    mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    mRun: [KADxMain] c:\windows\system32\KADxMain.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe "
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
    mRun: [<NO NAME>]
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe "
    mRun: [ËѺü²ÃŠµÃ§ÃøÒ³°Ã¦] c:\program files\sohutv_web\systrayicon.exe "c:\program files\sohutv_web" "414a2dfb34d70b8153eb18b7877d0216" "1.0.0.10" " "
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10a.exe
    StartupFolder: c:\docume~1\ccummi~1\startm~1\programs\startup\mlbtvn~1.lnk - c:\documents and settings\ccummings\local settings\application data\autobahn\mlb-nexdef-autobahn.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\cccuse~1.lnk - c:\program files\avaya\ip office\ccc\user access\cccuseraccess.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpzrcv01.lnk - c:\program files\hp\temp\{b94428f6-e93c-4d1d-8580-46d70fa07a9d}\setup\hpzstub.exe
    mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
    mPolicies-system: RunLogonScriptSync = 0 (0x0)
    mPolicies-system: HideStartupScripts = 1 (0x1)
    IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
    Trusted Zone: adobe.com\www
    Trusted Zone: ninjavideo.net\www
    Trusted Zone: turbotax.com
    DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} - hxxp://p3p.sogou.com/new_MMCShell.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir8d204.cab
    DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} - hxxp://192.168.24.22/Reporting/ReportView/activexviewer.cab
    DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230756807421
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230756798890
    DPF: {7E3C8EE9-0EA1-4ACA-A8A2-87B76A3A6BC4} - hxxp://afocx.17funtv.com:9091/AFC_TW/OpenTV_17FunTV.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} - hxxp://nba.tom.com/video/tcastV1.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://evault.webex.com/client/T26L/sales/ieatgpc.cab
    AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll c:\windows\system32\yeyivufu.dll c:\windows\system32\tuludave.dll c:\windows\system32\juzeziwi.dll c:\windows\system32\mokinepa.dll pvdbwo.dll gtymzu.dll ,
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 wvauth
    LSA: Notification Packages = scecli c:\windows\system32\yeyivufu.dll c:\windows\system32\tuludave.dll c:\windows\system32\juzeziwi.dll c:\windows\system32\mokinepa.dll

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-21 64160]
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-6-2 342640]
    R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
    R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1003344]
    R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\EngineServer.exe [2009-4-29 21256]
    R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-3-10 103744]
    R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2009-4-29 62800]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-6-2 70216]
    R2 pzhg;pzhg;c:\windows\system32\drivers\suhi.sys [2009-4-28 8336]
    R2 SalesLogix System;SalesLogix System Service;c:\program files\saleslogix\SLXSystem.exe [2008-9-13 394520]
    R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2004-8-11 5120]
    R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2006-11-2 97536]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-6-18 19096]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-6-18 38160]
    RUnknown thjwsbi;thjwsbi; [x]
    S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]
    S2 agtqnlg;agtqnlg;\??\c:\windows\system32\drivers\luogxppdyrzlku.sys --> c:\windows\system32\drivers\luogxppdyrzlku.sys [?]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-6-18 195856]
    S2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2009-5-19 144888]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-11 29744]
    S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-6-2 91640]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-6-2 43288]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-6-2 65224]
    S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-2-26 29183504]
    S3 OnePointDomainAdminService;Active Directory Migration Agent;c:\windows\onepointdomainagent\DCTAgentService.exe [2008-5-15 39424]
    S3 P1171VID;Creative WebCam Notebook #2;c:\windows\system32\drivers\P1171Vid.sys [2008-8-3 91392]

    =============== Created Last 30 ================

    2009-07-09 16:47 3,615 a------- c:\windows\system32\SiteList.xml
    2009-07-01 16:57 22,452 a------- c:\windows\system32\AAWService_2009_07_01_16_57_38.dmp
    2009-06-30 02:46 73,728 a------- c:\windows\system32\javacpl.cpl
    2009-06-26 19:35 <DIR> --d----- c:\program files\Focus
    2009-06-25 08:16 24,597 a------- c:\windows\system32\ijw
    2009-06-19 13:05 107,368 a------- c:\windows\system32\GEARAspi.dll
    2009-06-19 13:04 <DIR> --d----- c:\program files\iPod
    2009-06-19 13:04 <DIR> --d----- c:\program files\iTunes
    2009-06-18 23:55 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-06-18 23:55 19,096 a------- c:\windows\system32\drivers\mbam.sys
    2009-06-18 23:55 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-06-15 16:42 <DIR> --d-h--- C:\_rpcs
    2009-06-13 14:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\91415616
    2009-06-13 14:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\11405624
    2009-06-12 21:29 8,212 a------- c:\windows\mfebcdata

    ==================== Find3M ====================

    2009-07-04 07:46 1,984 a------- c:\windows\system32\d3d9caps.dat
    2009-07-01 15:41 94,208 a------- c:\windows\TIRHService.exe
    2009-06-30 02:46 410,984 a------- c:\windows\system32\deploytk.dll
    2009-06-04 20:12 15,688 a------- c:\windows\system32\lsdelete.exe
    2009-05-29 13:36 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
    2009-05-29 13:36 39,424 a------- c:\windows\system32\drivers\usbaapl.sys
    2009-05-21 20:11 64,160 a------- c:\windows\system32\drivers\Lbd.sys
    2009-05-19 20:07 342,640 a------- c:\windows\system32\drivers\mfehidk.sys
    2009-05-19 20:07 91,640 a------- c:\windows\system32\drivers\mfeavfk.sys
    2009-05-19 20:07 75,704 a------- c:\windows\system32\drivers\mfeapfk.sys
    2009-05-19 20:07 70,216 a------- c:\windows\system32\mfevtps.exe
    2009-05-19 20:07 65,224 a------- c:\windows\system32\drivers\mferkdet.sys
    2009-05-19 20:07 63,728 a------- c:\windows\system32\drivers\mfetdik.sys
    2009-05-19 20:07 43,288 a------- c:\windows\system32\drivers\mfebopk.sys
    2009-05-04 20:24 964,608 a------- c:\windows\system32\mfc70u.dll
    2009-04-29 20:07 20,768 a------- c:\windows\system32\MFEOtlk.dll
    2008-10-18 18:45 694 a------- c:\program files\TVUPlayer.lnk
    2008-09-23 15:19 1,754 a------- c:\program files\Adobe Acrobat 8 Standard.lnk
    2008-09-15 23:49 706 a------- c:\program files\BitTorrent.lnk
    2008-09-15 17:48 897 a------- c:\program files\AVS Video Converter 6.lnk
    2008-07-22 11:00 729 a------- c:\program files\SmartDraw 2008.lnk
    2008-01-04 16:09 61,224 a------- c:\documents and settings\ccummings\GoToAssistDownloadHelper.exe
    2008-09-15 13:02 0 ac-sh--- c:\windows\system32\buvatolo.dll
    2008-12-15 12:53 64,572 a--sh--- c:\windows\system32\fisutohi.dll
    2008-12-31 01:40 2,713 a--sh--- c:\windows\system32\palodide.exe
    2008-09-15 13:02 0 ac-sh--- c:\windows\system32\yorijijo.dll
    2008-09-15 13:02 0 ac-sh--- c:\windows\system32\zerejuhu.dll
    2008-12-31 15:47 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008123120090101\index.dat
    2009-02-28 15:52 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009022820090301\index.dat

    ============= FINISH: 20:35:50.73 ===============
     
  2. 2009/07/10
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Paladoris
    Welcome to WindowsBBS.

    I see you have P2P software (Limewire, BitTorrent, uTorrent, etc.) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them.

    Note: Please be advised that continued use of these programs after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    Please do this.

    Download ComboFix from Here to your Desktop.

    It's best to disable realtime protection applications as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • Vista users right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post the ComboFix log.
    Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

    If you are prompted to install the Recovery Console, please do so.

    **NOTE - Allow ComboFix to update if prompted.

    Thanks
    Geri
     