Uncontrollable popups... HELP

CPD123 · 01-04-2009, 12:49 AM

OK, I think I've done all the steps and attached the files. Sorry, I'm not able to zip the .txt files.

Please help!

Thanks!!!

Mike

DDS (Version 1.1.0) - NTFSx86
Run by Michael Heineman at 2:11:13.54 on Sun 01/04/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.503.157 [GMT -5:00]

AV: PC Tools AntiVirus 5.0.0.22 *On-access scanning enabled* (Updated)
AV: CA Anti-Virus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\PC Tools AntiVirus\PCTAV.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\GetModule\GetModule32.exe
C:\Program Files\GetPack\GetPack26.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Michael Heineman\Local Settings\Temporary Internet Files\Content.IE5\KG83WR2U\dds[1].scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/hws/sb/dell/en/side.html
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Browser Helper Object: {afd4ad01-58c1-47db-a404-fbe00a6c5486} - c:\program files\common\helper.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\googleafe\GoogleAE.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [MSMSGS] "c:\progra~1\messen~1\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [GetModule32] c:\program files\getmodule\GetModule32.exe
uRun: [GetPack26] "c:\program files\getpack\GetPack26.exe"
mRun: [PCTAVApp] "c:\program files\pc tools antivirus\PCTAV.exe" /MONITORSCAN
IE: &Search - http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZS
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
LSP: vlsp.dll
LSP: c:\windows\system32\VetRedir.dll
TCP: {5DEE28E2-50B6-4F2C-ACFC-82C93D427B6C} = 207.14.188.36,204.117.214.10
Filter: text/html - {74d07de4-6718-4117-9841-b7419c98fd08} - c:\windows\system32\mst122.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

============= SERVICES / DRIVERS ===============

R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2007-1-24 26640]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2007-1-24 21392]
R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2007-5-3 630464]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2007-1-24 21648]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2007-1-24 32528]
R3 AVHook;AVHook;c:\windows\system32\drivers\AVHook.sys [2009-1-4 28568]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2007-5-3 108656]
R4 AVFilter;AVFilter;c:\windows\system32\drivers\AVFilter.sys [2009-1-4 21904]
R4 PCTAVSvc;PC Tools AntiVirus Engine;c:\program files\pc tools antivirus\PCTAVSvc.exe [2009-1-4 995520]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [2006-7-27 64088]
S4 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2007-1-24 140816]
S4 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2007-1-24 247312]

=============== Created Last 30 ================

2009-01-04 00:12 <DIR> --d----- c:\docume~1\michae~1\applic~1\PC Tools
2009-01-04 00:09 <DIR> --d----- c:\program files\common files\PC Tools
2009-01-04 00:09 28,568 a------- c:\windows\system32\drivers\AVHook.sys
2009-01-04 00:09 21,912 a------- c:\windows\system32\drivers\AVRec.sys
2009-01-04 00:09 21,904 a------- c:\windows\system32\drivers\AVFilter.sys
2009-01-04 00:09 <DIR> --d----- c:\program files\PC Tools AntiVirus
2009-01-04 00:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-01-03 23:47 <DIR> --d----- c:\program files\GetPack
2009-01-03 23:46 <DIR> --d----- c:\docume~1\michae~1\applic~1\GetModule
2009-01-03 23:43 34,816 a------- c:\windows\system32\nnnkKCrr.dll
2009-01-03 23:41 <DIR> --d----- c:\program files\GetModule
2009-01-03 23:41 <DIR> --d----- c:\program files\iCheck
2009-01-03 23:40 198,716 a------- c:\windows\system32\wpv011229907565.cpx
2009-01-03 23:40 38,476 a------- c:\windows\system32\wpv381230995856.cpx
2009-01-03 23:40 45,056 a------- c:\windows\system32\wpv101230995769.cpx
2009-01-03 23:39 22,016 a------- c:\windows\system32\digeste.dll
2008-12-14 00:13 <DIR> --d----- c:\program files\Common

==================== Find3M ====================

2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-10-24 06:10 453,632 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 08:01 283,648 a------- c:\windows\system32\gdi32.dll
2008-10-23 08:01 283,648 -------- c:\windows\system32\dllcache\gdi32.dll
2008-10-16 14:13 1,809,944 a------- c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:13 202,776 a------- c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:12 323,608 a------- c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:12 561,688 a------- c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:09 92,696 a------- c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 51,224 a------- c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-16 08:11 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 08:11 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-10-15 11:57 332,800 -------- c:\windows\system32\dllcache\netapi32.dll
2008-10-15 02:06 633,632 -------- c:\windows\system32\dllcache\iexplore.exe
2008-10-15 02:04 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2006-11-04 15:53 284 ac------ c:\docume~1\michae~1\applic~1\ViewerApp.dat
2006-01-31 09:08 56 ---shr-- c:\windows\system32\FE35F9304B.sys
2006-01-31 09:08 3,506 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 2:13:42.93 ===============