Aug 7 2009, 07:21 PM
Post #16
Group: Authentic Member, Posts: 77, Joined: 19-September 08, Member No.: 81,600, Operating System: Windows Vista Home Basic

Hi, I am having problems with the internet. When I go to put something in the search engine, it never goes to where I wanted it to go; something will pop up. I know this is a sign of spyware, but when my Windows Defender scans my computer it says everything is fine, yet I'm still having problems. My pop-up blocker is at medium, and when I put it on high something still pops up. I don't know what to do, but I did a HijackThis log and here are the results. P.S. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:13:55 PM, on 8/7/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Windows\sySTEM32\SvchoSt.ExE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\FreezeScreenSaver.exe
C:\Windows\system32\svchost.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Shield 3\IoloSGCtrl.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
C:\Program Files\iolo\System Shield 3\SystemGuardAlerter.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\pp10.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\ProgramData\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\WUDFHost.exe
C:\Users\Judy\Documents\RCA Detective\RCADetective.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe
C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\iolo\System Shield 3\AntiVirus\iAVEmailScanner.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\MSN\Toolbar\3.0.0988.2\msntask.exe
c:\program files\aol\aim toolbar 5.0\AolTbServer.exe
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: (no name) - EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - 0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
R3 - URLSearchHook: (no name) - ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)
R3 - URLSearchHook: (no name) - 00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Accelerator Plugin - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRA~1\PEOPLE~1\PRPL_I~1.DLL (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWi1.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\tbiWi1.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SystemGuardAlerter] C:\Program Files\iolo\System Shield 3\SystemGuardAlerter.exe
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Shield 3\Personal Firewall\ioloFW.exe" rstrq
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Shield 3\AntiVirus\ioloAV.exe" rstrq
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld12.exe
O4 - HKLM\..\Run: [pp] c:\windows\pp10.exe
O4 - HKLM\..\Run: [sysfbtray] c:\windows\freddy56.exe
O4 - HKLM\..\Run: [Sysmstray] c:\windows\mstre19.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [RegPowerClean] "C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; FunWebProducts; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; PeoplePal 6.6; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://edits.zwinky.com/zwinky-world/GamePlayer/play.jhtml?gameID=34"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Users\Judy\Desktop\IMVU\IMVUClient.exe
O4 - Startup: iWin Desktop Alerts.lnk = C:\ProgramData\iWin Games\DesktopAlerts\DesktopAlerts.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: RCA Detective.lnk = C:\Users\Judy\Documents\RCA Detective\RCADetective.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Gamerlog.lnk = C:\Program Files\GamerLog\GamerLog.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm035YYUS
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (file missing)
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (file missing)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.1.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C6E9F0B8-AFEA-46F3-831B-612E97381ABA} (imvustreamer Control) - http://www.imvu.com/activex/imvustreamer.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/famil.../familyfeud.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/Check...PA.cab55579.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FreezeScreenSaver - Unknown owner - C:\Windows\system32\FreezeScreenSaver.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate1c9dd44c9cdecca) (gupdate1c9dd44c9cdecca) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo Product Update Service (ioloProductUpdate) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Shield 3\IoloSGCtrl.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MrHealthy (MrHealthyService) - Symantec Corporation - C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 24013 bytes

Hey, I don't know if this is the spyware, but about an hour after I did a HijackThis log a message came up saying that my computer was on high alert, and it would not let me exit out of anything. The program that it said could fix it was Internet Antivirus Pro something (sorry, I didn't write it down). I did not hit OK and I tried to cancel it, but it would not let me, so I just logged off and logged back on to my computer. I hope this helps.

HMH22 [Resolved] my windows defender says everything is fine Aug 7 2009, 07:21 PM
HMH22 Volume in drive C is ACER
Volume Serial Number is... Aug 10 2009, 10:09 AM
CatByte Hi,
Please do the following:
Download ComboFix,... Aug 10 2009, 10:30 AM
HMH22 Hi, I have a question will it be alright for me to... Aug 10 2009, 11:07 AM
CatByte Yes, unhide every option that it will allow you to... Aug 10 2009, 11:31 AM
HMH22 OK, I did the first part but I don't see the folder ... Aug 10 2009, 12:06 PM
CatByte This is the folder where it could be present
C:... Aug 10 2009, 12:17 PM
HMH22 ok I did that it says access is denied when i trie... Aug 10 2009, 12:30 PM
CatByte Can you log in with the Administrators account - s... Aug 10 2009, 12:31 PM
HMH22 How do i do that? and do u if i do do u want me to... Aug 10 2009, 12:38 PM
CatByte Hi,
while we are trying to clean your machine of ... Aug 10 2009, 12:43 PM
HMH22 OK, I'm on as administrator and when I restarted as ... Aug 10 2009, 01:26 PM
HMH22 I went under administrator opened up documents not... Aug 10 2009, 01:41 PM
CatByte rather than typing the folder into the search...ca... Aug 10 2009, 04:13 PM
HMH22 Hi, there was no documents and settings folder. Th... Aug 10 2009, 06:48 PM
CatByte Ok
Are you still logged on in the Administrators acc... Aug 10 2009, 06:52 PM
HMH22 Hi, ok I tried again and the fixme.reg was not on ... Aug 10 2009, 07:17 PM
CatByte Hi,
when you saved the files in Notepad
did you s... Aug 10 2009, 07:24 PM
HMH22 No they did not and I went and looked for the fold... Aug 10 2009, 08:15 PM
CatByte Hi,
The malware on your system is preventing you ... Aug 10 2009, 08:24 PM
HMH22 I was not able to do the first link it closes it u... Aug 10 2009, 08:40 PM
Ried Hello HMH22,
There does seem to be an issue with ... Aug 10 2009, 08:57 PM
HMH22 Hi, ok i renamed it and how do i save it to the C:... Aug 10 2009, 09:10 PM
Ried Look at the very top of the Save dialog box, where... Aug 10 2009, 09:16 PM
HMH22 Ok I saved it and it is in the C:\Drive Aug 10 2009, 09:37 PM
Ried Wonderful!
Before we run Combo-Fix, we need ... Aug 10 2009, 09:47 PM
HMH22 OK, a disclaimer came up on the warranty of the sof... Aug 10 2009, 10:06 PM
CatByte Yes, please do Aug 10 2009, 10:08 PM
HMH22 Ok I ran it how do I know its finished because rig... Aug 10 2009, 10:40 PM
Ried Can you please be more specific? In the command b... Aug 10 2009, 10:42 PM
HMH22 Hi, ok the last stage it was on was Deleting Files... Aug 10 2009, 10:58 PM
Ried Do you recall the error message?
Do you see your ... Aug 10 2009, 11:00 PM
HMH22 No I don't recall it was something about the progra... Aug 10 2009, 11:25 PM
Ried Please reboot the machine into your usual account ... Aug 10 2009, 11:29 PM
HMH22 Ok i logged back on administrator and now its back... Aug 10 2009, 11:34 PM
CatByte Hi,
Please do the following:
Very Important... Aug 11 2009, 12:11 AM
HMH22 Question is script blocking the same as script deb... Aug 11 2009, 05:11 PM
CatByte No, it's different, but as long as your AV is ... Aug 11 2009, 05:22 PM
HMH22 OK when I dragged it over and it was about a window... Aug 11 2009, 05:33 PM
CatByte did it run?...if it didn't run, try it again a... Aug 11 2009, 05:53 PM
HMH22 Ok when I did it this time there was an error mess... Aug 11 2009, 06:17 PM
CatByte call it combafix
make sure you drag and drop the ... Aug 11 2009, 06:21 PM
HMH22 Hi, ok I tried to post the log but it said it was ... Aug 11 2009, 07:27 PM
CatByte you can attach it...
use the upload feature on th... Aug 11 2009, 07:30 PM
HMH22 Ok i attached it Aug 11 2009, 07:34 PM
CatByte Hi,
How is the computer running now? It should be... Aug 11 2009, 08:11 PM
HMH22 Yes it seems to be doing better than it was but, I... Aug 11 2009, 08:36 PM
CatByte Hi,
All your other accounts should be fine.
We n... Aug 11 2009, 08:41 PM
HMH22 Hi, yeah everything seems to be back to normal but... Aug 11 2009, 10:40 PM
CatByte Hi,
Please do the following:
Please download OTM... Aug 12 2009, 05:28 AM
HMH22 Hi, ok it still will not let me download that prog... Aug 12 2009, 05:38 AM
CatByte Hi,
can you tell me what freezes up and what clos... Aug 12 2009, 05:47 AM
HMH22 When I click on OTM to download it opens up then i... Aug 12 2009, 06:59 AM
CatByte Hi,
right click the icon and choose 'run as A... Aug 12 2009, 07:07 AM
HMH22 I'm on the administrator account when I right ... Aug 12 2009, 07:13 AM
CatByte Try deleting the copy you have.
Download a fresh ... Aug 12 2009, 07:17 AM
HMH22 Ok, what copy and where would it be. I tried to do... Aug 12 2009, 07:30 AM
CatByte The copy of OTM
did it save to your desktop?
are... Aug 12 2009, 07:35 AM
CatByte Re-reading your post...are you saying that you can... Aug 12 2009, 07:57 AM
HMH22 Yes it will not download some programs will downlo... Aug 12 2009, 08:00 AM
CatByte sorry, I misunderstood, I thought it had downloade... Aug 12 2009, 08:01 AM
CatByte Hi,
maybe your security settings are too high
tr... Aug 12 2009, 08:05 AM
HMH22 I click on OTM the box comes up I click Run then i... Aug 12 2009, 08:09 AM
CatByte Don't run it ...save it to your desktop
(if ... Aug 12 2009, 08:12 AM
HMH22 Ok here is the OTM log:
All processes killed
====... Aug 12 2009, 08:45 AM
HMH22 Ok here is the Hijacklogthis:
Logfile of Trend M... Aug 12 2009, 08:46 AM
HMH22 Here is the uninstall list:
Logfile of Trend Micr... Aug 12 2009, 08:47 AM
CatByte Hi,
just a couple more things to do, then we... Aug 12 2009, 09:11 AM
HMH22 Hi, ok which file do i need to download for Java S... Aug 12 2009, 07:48 PM
CatByte Hi
Scroll down to the Java SE Runtime Environme... Aug 12 2009, 07:54 PM
HMH22 Ok I have downloaded Java program and i deleted th... Aug 12 2009, 08:20 PM
CatByte Hi,
There are a couple of ways to access it:
mos... Aug 12 2009, 08:38 PM
HMH22 I do not see folder options either way it doesn... Aug 12 2009, 08:56 PM
CatByte Hi,
use the search box from the start menu.
t... Aug 12 2009, 09:11 PM
HMH22 Ok I changed it do you want me to get off administ... Aug 12 2009, 09:22 PM
CatByte Clean everything up in the admin account...put in ... Aug 12 2009, 09:24 PM
HMH22 Ok I put it in combofix /u in and it says that win... Aug 12 2009, 10:31 PM
CatByte then it is already removed. If there are any l... Aug 12 2009, 10:47 PM
HMH22 Hi, ok im back on my usual account and i put in th... Aug 13 2009, 06:32 AM
CatByte To change your homepage:
1. First, open your Int... Aug 13 2009, 06:44 AM
HMH22 Hi, OK, the administrators account is not visible an... Aug 13 2009, 11:41 AM
CatByte Hi,
If you really liked system shield, then stick... Aug 13 2009, 11:47 AM
CatByte Hi,
I went back and tested that page again.
it a... Aug 13 2009, 11:57 AM
HMH22 Thank you so much you were really patient with me ... Aug 13 2009, 12:02 PM
CatByte You are more than welcome, no need to apologize fo... Aug 13 2009, 12:04 PM
CatByte Since this issue appears to be resolved ... this T... Aug 14 2009, 09:32 AM