Hello. I seem to have the same issue as a few others. When I use Yahoo to search, and attempt to click on a link that was returned, sometimes it will redirect me to a site not related at all to what I was looking for. If I hit "BACK", and keep trying, different sites pop-up, and sometimes it will actually get to the link I am attempting to get to. Below is the DDS report, and the zipped "attach" file as instructed. Please advise on how I should proceed.
Thank You,
Cory
DDS (Ver_10-03-17.01) - NTFSx86
Run by NEWXPOWNER at 16:27:42.15 on Sat 07/17/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.120 [GMT -5:00]
AV: CA Anti-Virus *On-access scanning enabled* (Updated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
============== Running Processes ===============
C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINNT\Explorer.EXE
C:\WINNT\ehome\ehtray.exe
C:\WINNT\system32\igfxpers.exe
C:\WINNT\stsystra.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\WINNT\system32\spoolsv.exe
svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
svchost.exe
C:\WINNT\system32\svchost.exe -k imgsvc
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\NEWXPOWNER\Desktop\Computer Fix\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uSearch Bar =
uDefault_Page_URL =
uSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
mRun: [ehTray] c:\winnt\ehome\ehtray.exe
mRun: [IgfxTray] c:\winnt\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\winnt\system32\hkcmd.exe
mRun: [Persistence] c:\winnt\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe"
mRun: [QOELOADER] "c:\program files\ca\ca internet security suite\ca anti-spam\qsp-5.1.18.0\QOELoader.exe"
mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [LXBSCATS] rundll32 c:\winnt\system32\spool\drivers\w32x86\3\LXBStime.dll,_RunDLLEntry@16
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\winnt\system32\VetRedir.dll
Trusted Zone: 511wi.gov
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
============= SERVICES / DRIVERS ===============
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2006-10-10 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 67656]
R1 VET-FILT;VET File System Filter;c:\winnt\system32\drivers\vet-filt.sys [2009-9-15 26352]
R1 VET-REC;VET File System Recognizer;c:\winnt\system32\drivers\vet-rec.sys [2009-9-15 21104]
R1 VETEFILE;VET File Scan Engine;c:\winnt\system32\drivers\vetefile.sys [2010-6-4 746216]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\winnt\system32\drivers\vetfddnt.sys [2009-9-15 21488]
R1 VETMONNT;VET File Monitor;c:\winnt\system32\drivers\vetmonnt.sys [2009-9-15 32240]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2009-9-15 144960]
R2 McrdSvc;Media Center Extender Service;c:\winnt\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2009-9-15 238928]
R3 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2007-8-16 189704]
R3 VETEBOOT;VET Boot Scan Engine;c:\winnt\system32\drivers\veteboot.sys [2010-6-4 130280]
S3 PRSUSB;Sony Reader;c:\winnt\system32\drivers\PRSUSB.sys [2006-8-16 18944]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 12872]
============== File Associations ===============
.scr=AutoCADScriptFile
=============== Created Last 30 ================
2010-07-17 21:09:10 0 d-----w- c:\program files\ESET
2010-07-17 14:04:42 0 d-sh--w- c:\documents and settings\newxpowner\IECompatCache
2010-07-17 12:50:47 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-07-17 12:50:44 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-07-17 12:50:44 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-16 00:03:39 411368 ----a-w- c:\winnt\system32\deployJava1.dll
2010-07-15 22:30:44 0 d-----w- c:\winnt\system32\wbem\Repository
2010-07-15 22:10:45 150 ----a-w- C:\zrpt.xml
==================== Find3M ====================
2010-06-04 12:22:39 746216 ----a-w- c:\winnt\system32\drivers\vetefile.sys
2010-06-04 12:22:39 130280 ----a-w- c:\winnt\system32\drivers\veteboot.sys
2010-05-02 05:22:50 1851264 ----a-w- c:\winnt\system32\win32k.sys
2010-04-20 05:30:08 285696 ----a-w- c:\winnt\system32\atmfd.dll
2006-01-14 16:42:07 251 ----a-w- c:\program files\wt3d.ini
2007-07-08 23:57:38 848 --sha-w- c:\winnt\system32\KGyGaAvL.sys
2009-08-09 20:06:11 580640 --sha-w- c:\winnt\system32\drivers\fidbox.dat
2009-08-09 20:06:11 23328 --sha-w- c:\winnt\system32\drivers\fidbox2.dat
============= FINISH: 16:30:48.95 ===============