Random click noises, IE ad popups, and random sound loss

R

rpperin

New member
I have the exact same symptoms as another poster had on these forums.

Quoted from his thread:

"Recently my pc has been acting rather strangely. As stated in the thread title, I'm experiencing random sound losses, to fix it I have to click on the wave volume bar in system volume.

Also, when the volume is back on I often hear random clicking sounds, as if I clicked on a folder in explorer for example. Sometimes I hear an advertisement!

And lastly, I have the occasional ad popup in IE even though I never use IE, only Firefox."

Furthermore, I have left my computer in this state for about a week and a half. The randomly muted wave sound doesn't seem to be an issue anymore, but pop-ups are just as bad if not worse. And just recently I got a warning that my C: drive is running low on space (243 mb remaining) so I'm not sure if that's another symptom because I haven't done anything significant lately. I plan on exporting all important files to an external hard drive right now and hopefully you guys can help me get get this issue resolved soon! :) Thanks in advance for any help.

My DDS log is as follows:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Ryan at 13:29:45.40 on Mon 08/02/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.2.1033.18.2047.1227 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe 4
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
svchost.exe 4
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
F:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe Media Player\Adobe Media Player.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Norton Utilities 14\upgrade.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
F:\Program Files\Mozilla\firefox.exe
F:\Program Files\Mozilla\plugin-container.exe
C:\Documents and Settings\Ryan\Desktop\dds.com

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [Steam] "g:\program files\steam\steam.exe" -silent
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NortonUtilities] f:\program files\norton utilities 14\nu.exe /H
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [QuickFinder Scheduler] "f:\program files\wordperfect office 11\programs\QFSCHD110.EXE"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [DAEMON Tools] "f:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [HP Software Update] f:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
StartupFolder: c:\docume~1\ryan\startm~1\programs\startup\adobem~1.lnk - c:\program files\adobe media player\Adobe Media Player.exe
StartupFolder: c:\docume~1\ryan\startm~1\programs\startup\erunta~1.lnk - f:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - f:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~1\office11\REFIEBAR.DLL
Trusted Zone: tessource.net\big
Trusted Zone: tessource.net\www
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - hxxp://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ryan\applic~1\mozilla\firefox\profiles\wdp37zzq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\ryan\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\ryan\application data\mozilla\firefox\profiles\wdp37zzq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: f:\program files\divx\divx content uploader\npUpload.dll
FF - plugin: f:\program files\divx\divx web player\npdivx32.dll
FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll
FF - plugin: f:\program files\mozilla\plugins\npmozax.dll
FF - plugin: f:\program files\mozilla\plugins\nptgeqplugin.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: f:\program files\veetle\player\npvlc.dll
FF - plugin: f:\program files\veetle\plugins\npVeetle.dll
FF - plugin: f:\program files\veetle\vlcbroadcast\npvbp.dll
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
f:\program files\mozilla\greprefs\all.js - pref("ui.use_native_colors", true);
f:\program files\mozilla\greprefs\all.js - pref("ui.use_native_popup_windows", false);
f:\program files\mozilla\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
f:\program files\mozilla\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
f:\program files\mozilla\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
f:\program files\mozilla\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
f:\program files\mozilla\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
f:\program files\mozilla\greprefs\all.js - pref("network.proxy.type", 5);
f:\program files\mozilla\greprefs\all.js - pref("network.buffer.cache.count", 24);
f:\program files\mozilla\greprefs\all.js - pref("network.buffer.cache.size", 4096);
f:\program files\mozilla\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
f:\program files\mozilla\greprefs\all.js - pref("svg.smil.enabled", false);
f:\program files\mozilla\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.debug", false);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
f:\program files\mozilla\greprefs\all.js - pref("accelerometer.enabled", true);
f:\program files\mozilla\greprefs\all.js - pref("html5.enable", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
f:\program files\mozilla\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
f:\program files\mozilla\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
f:\program files\mozilla\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
f:\program files\mozilla\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
f:\program files\mozilla\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

S3 c344cc55-3bbe-4f83-a257-57b070db953b;c344cc55-3bbe-4f83-a257-57b070db953b;\??\d:\cds300\cds300.dll --> d:\cds300\cds300.dll [?]
S3 JL2001;Telemax WebCam WC-50;c:\windows\system32\drivers\videocap.sys [2002-1-10 173768]

============== File Associations ===============

scrfile="c:\program files\internet explorer\Iexplore.exe" %1

=============== Created Last 30 ================

2010-07-25 21:16:41 0 d-----w- c:\windows\pss
2010-07-25 19:44:42 664 ----a-w- c:\windows\system32\d3d9caps.dat

==================== Find3M ====================

2010-08-02 01:14:21 29133 ----a-w- c:\windows\hpoins03.dat
2010-07-01 20:07:10 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2010-07-01 20:07:10 249856 ----a-w- c:\windows\system32\pdfmona.dll

============= FINISH: 13:29:58.87 ===============
 
Hi,

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log + fresh dds.txt log in your reply.
 
Mbr & dds

Hi, thanks for your response.

MBR log:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 124):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806FD000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF750E000 sptd.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF74F6000 \WINDOWS\System32\Drivers\SPTDDRV1.SYS
0xF74C8000 ACPI.sys
0xF74B7000 pci.sys
0xF75F7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF7607000 MountMgr.sys
0xF7878000 ftdisk.sys
0xF798D000 dmload.sys
0xF7852000 dmio.sys
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF783A000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7967000 fltMgr.sys
0xF7405000 sr.sys
0xF7950000 KSecDD.sys
0xF7B52000 Ntfs.sys
0xF7A22000 NDIS.sys
0xF7B37000 Mup.sys
0xF7647000 agp440.sys
0xF74A7000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB97D6000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB9421000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7787000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB93FE000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF778F000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xBA780000 \SystemRoot\system32\DRIVERS\R8139n51.SYS
0xBA770000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7797000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA760000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA62C000 \SystemRoot\system32\DRIVERS\serenum.sys
0xBA750000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA720000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB93DB000 \SystemRoot\system32\DRIVERS\ks.sys
0xF779F000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xBA740000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB91BD000 \SystemRoot\system32\drivers\smwdm.sys
0xB9199000 \SystemRoot\system32\drivers\portcls.sys
0xBA730000 \SystemRoot\system32\drivers\drmk.sys
0xF79D9000 \SystemRoot\system32\drivers\aeaudio.sys
0xB897E000 \SystemRoot\System32\Drivers\aj6245sh.SYS
0xB8966000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0xBA7E0000 \SystemRoot\system32\DRIVERS\fsvga.sys
0xB9C80000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB9D53000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA7DC000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB85DA000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB9D43000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB9D33000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7807000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB850F000 \SystemRoot\system32\DRIVERS\psched.sys
0xB9D23000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7817000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF781F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7757000 \SystemRoot\system32\DRIVERS\hamachi.sys
0xB84DE000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB9D13000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF776F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79E3000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB8485000 \SystemRoot\system32\DRIVERS\update.sys
0xBA7BC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB9CE3000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF76C7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79E9000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7995000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB9B97000 \SystemRoot\System32\Drivers\Null.SYS
0xF7997000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8CA6000 \SystemRoot\System32\drivers\vga.sys
0xF7999000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF799B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8C9E000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF77AF000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB85F1000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAFA37000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAF9DF000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAF9B7000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAF996000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAF974000 \SystemRoot\System32\drivers\afd.sys
0xB8659000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB8649000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB8639000 \SystemRoot\System32\drivers\sdcplh.sys
0xF77B7000 \SystemRoot\System32\Drivers\SCDEmu.SYS
0xAF949000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAF8DA000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8629000 \SystemRoot\System32\Drivers\Fips.SYS
0xAFB36000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB9D63000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF77CF000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xAFB32000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAFE7A000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xAF8A1000 \SystemRoot\System32\Drivers\Udfs.SYS
0xAF889000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79AB000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xBA630000 \SystemRoot\System32\drivers\Dxapi.sys
0xAFAAA000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB9F92000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF065000 \SystemRoot\System32\ati2cqag.dll
0xBF0FE000 \SystemRoot\System32\atikvmag.dll
0xBF182000 \SystemRoot\System32\atiok3x2.dll
0xBF1CD000 \SystemRoot\System32\ati3duag.dll
0xBF572000 \SystemRoot\System32\ativvaxx.dll
0xAD815000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xAD4DC000 \SystemRoot\system32\drivers\wdmaud.sys
0xAD671000 \SystemRoot\system32\drivers\sysaudio.sys
0xACEFD000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xACCAC000 \SystemRoot\System32\Drivers\HTTP.sys
0xACC32000 \SystemRoot\system32\DRIVERS\srv.sys
0xACB1A000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xAC1B0000 \SystemRoot\system32\drivers\kmixer.sys
0xAFAB2000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xAC18D000 \SystemRoot\System32\Drivers\Fastfat.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 51):
0 System Idle Process
4 System
588 C:\WINDOWS\system32\smss.exe
636 csrss.exe
668 C:\WINDOWS\system32\winlogon.exe
712 C:\WINDOWS\system32\services.exe
724 C:\WINDOWS\system32\lsass.exe
896 C:\WINDOWS\system32\ati2evxx.exe
916 C:\WINDOWS\system32\svchost.exe
972 svchost.exe
1116 C:\WINDOWS\system32\svchost.exe
1220 svchost.exe
1308 svchost.exe
1456 C:\WINDOWS\system32\spoolsv.exe
1536 C:\WINDOWS\system32\ati2evxx.exe
1964 C:\WINDOWS\explorer.exe
228 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
236 C:\Program Files\Java\jre6\bin\jusched.exe
304 F:\Program Files\DAEMON Tools\daemon.exe
336 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
376 C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
436 F:\Program Files\HP\HP Software Update\hpwuschd2.exe
472 C:\Program Files\QuickTime\QTTask.exe
508 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
488 F:\Program Files\iTunes\iTunesHelper.exe
688 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
1024 C:\WINDOWS\system32\ctfmon.exe
1044 F:\Program Files\Norton Utilities 14\nu.exe
1080 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
1192 C:\Program Files\Windows Media Player\wmpnscfg.exe
1400 F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
1864 C:\WINDOWS\system32\svchost.exe
2012 svchost.exe
2076 C:\WINDOWS\system32\svchost.exe
2216 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
2276 C:\Program Files\Bonjour\mDNSResponder.exe
2500 C:\WINDOWS\system32\svchost.exe
2592 C:\Program Files\Java\jre6\bin\jqs.exe
2640 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
2940 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
2964 C:\WINDOWS\system32\svchost.exe
3208 wmpnetwk.exe
3744 C:\Program Files\iPod\bin\iPodService.exe
1764 alg.exe
2896 C:\WINDOWS\system32\msiexec.exe
4000 C:\WINDOWS\system32\wuauclt.exe
1692 C:\Program Files\Java\jre6\bin\jucheck.exe
3004 C:\Program Files\Windows Live\Contacts\wlcomm.exe
772 C:\Program Files\Adobe Media Player\Adobe Media Player.exe
2572 F:\Program Files\Norton Utilities 14\Upgrade.exe
3420 C:\Documents and Settings\Ryan\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x00000006`29aca200 (NTFS)
\\.\G: --> \\.\PhysicalDrive0 at offset 0x00000013`2d83ba00 (NTFS)

PhysicalDrive0 Model Number: WDCWD2500JD-00GBB0, Rev: 02.05D02

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!
SHA1: E30F55669FDD6E12DEF37C92571A257579656269


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

DDS log:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Ryan at 21:49:29.69 on Fri 08/06/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.2.1033.18.2047.1441 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
F:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
svchost.exe 4
svchost.exe
svchost.exe 4
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
c:\program files\adobe media player\adobe media player.exe
F:\Program Files\Norton Utilities 14\upgrade.exe
C:\Documents and Settings\Ryan\Desktop\dds.com

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [Steam] "g:\program files\steam\steam.exe" -silent
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NortonUtilities] f:\program files\norton utilities 14\nu.exe /H
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [QuickFinder Scheduler] "f:\program files\wordperfect office 11\programs\QFSCHD110.EXE"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [DAEMON Tools] "f:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [HP Software Update] f:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
StartupFolder: c:\docume~1\ryan\startm~1\programs\startup\adobem~1.lnk - c:\program files\adobe media player\Adobe Media Player.exe
StartupFolder: c:\docume~1\ryan\startm~1\programs\startup\erunta~1.lnk - f:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - f:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~1\office11\REFIEBAR.DLL
Trusted Zone: tessource.net\big
Trusted Zone: tessource.net\www
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} - hxxp://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.80_20060123.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ryan\applic~1\mozilla\firefox\profiles\wdp37zzq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\ryan\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\ryan\application data\mozilla\firefox\profiles\wdp37zzq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: f:\program files\divx\divx content uploader\npUpload.dll
FF - plugin: f:\program files\divx\divx web player\npdivx32.dll
FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll
FF - plugin: f:\program files\mozilla\plugins\npmozax.dll
FF - plugin: f:\program files\mozilla\plugins\nptgeqplugin.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: f:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: f:\program files\veetle\player\npvlc.dll
FF - plugin: f:\program files\veetle\plugins\npVeetle.dll
FF - plugin: f:\program files\veetle\vlcbroadcast\npvbp.dll
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
f:\program files\mozilla\greprefs\all.js - pref("ui.use_native_colors", true);
f:\program files\mozilla\greprefs\all.js - pref("ui.use_native_popup_windows", false);
f:\program files\mozilla\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
f:\program files\mozilla\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
f:\program files\mozilla\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
f:\program files\mozilla\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
f:\program files\mozilla\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
f:\program files\mozilla\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
f:\program files\mozilla\greprefs\all.js - pref("network.proxy.type", 5);
f:\program files\mozilla\greprefs\all.js - pref("network.buffer.cache.count", 24);
f:\program files\mozilla\greprefs\all.js - pref("network.buffer.cache.size", 4096);
f:\program files\mozilla\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
f:\program files\mozilla\greprefs\all.js - pref("svg.smil.enabled", false);
f:\program files\mozilla\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.debug", false);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
f:\program files\mozilla\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
f:\program files\mozilla\greprefs\all.js - pref("accelerometer.enabled", true);
f:\program files\mozilla\greprefs\all.js - pref("html5.enable", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
f:\program files\mozilla\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
f:\program files\mozilla\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
f:\program files\mozilla\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
f:\program files\mozilla\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
f:\program files\mozilla\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
f:\program files\mozilla\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
f:\program files\mozilla\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
f:\program files\mozilla\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
f:\program files\mozilla\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

S3 c344cc55-3bbe-4f83-a257-57b070db953b;c344cc55-3bbe-4f83-a257-57b070db953b;\??\d:\cds300\cds300.dll --> d:\cds300\cds300.dll [?]
S3 JL2001;Telemax WebCam WC-50;c:\windows\system32\drivers\videocap.sys [2002-1-10 173768]

============== File Associations ===============

scrfile="c:\program files\internet explorer\Iexplore.exe" %1

=============== Created Last 30 ================

2010-07-25 21:16:41 0 d-----w- c:\windows\pss
2010-07-25 19:44:42 664 ----a-w- c:\windows\system32\d3d9caps.dat

==================== Find3M ====================

2010-08-07 01:39:09 29133 ----a-w- c:\windows\hpoins03.dat
2010-07-01 20:07:10 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2010-07-01 20:07:10 249856 ----a-w- c:\windows\system32\pdfmona.dll

============= FINISH: 21:50:02.89 ===============
 
Hi,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:

  1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
    Remember to re-enable them afterwards.

  2. Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds & MBRCheck logs.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
 
Due to inactivity, this thread will now be closed.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.
 
You must log in or register to reply here.
Back
Top