Lupindathird

Hello everyone, I have a problem with my Internet Explorer and Safari, and I suspect that it is due to a virus. A few days ago, I opened up Internet Explorer 8 and googled something. I noticed that the Google website was different than usual, because the font was slightly larger than normal. When I went to click on the link, it brought to me to an advertising website and it on the tab was "windowsclick.com/gp.php?u(random numbers here). I closed Internet Explorer and all my applications, and through my headphones, audio from an advertisement came through, but no video was on my screen. I decided to check if this was the case with Safari, and Google worked fine. I closed Safari, and a couple minutes later, I could hear an advertisement coming through my headphones again, but it was different than the last time. I tried to scan my computer using Malwarebytes but it would not open, even after uninstalling and installing it, so I tried to scan in safe mode but that wouldn't even work. Please help :*)
--------------------------------------------------------------------------------------
DDS (Ver_09-05-14.01) - NTFSx86
Run by Owner at 22:43:41.53 on Tue 06/23/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1248 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
svchost.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\Owner\Desktop\dds.pif

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=localhost:7171
mWinlogon: Userinit=c:\windows\system32\Userinit.exe
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [CurseClient] c:\program files\curse\CurseClient.exe -silent
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang en
mRun: [TPSMain] TPSMain.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\runreg~1.lnk - c:\program files\wificonnector\NintendoWFCReg.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.14.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://www.yougamers.com/systeminfo/FMSI.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2006-6-28 98816]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 cpuz130;cpuz130;\??\c:\docume~1\owner\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 utexmtm2;AVZ Kernel Driver;c:\windows\system32\drivers\utexmtm2.sys [2009-6-22 7168]

=============== Created Last 30 ================

2009-06-23 00:11 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-23 00:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-06-22 23:53 7,168 a------- c:\windows\system32\drivers\utexmtm2.sys
2009-06-21 15:05 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-06-18 23:20 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-06-18 23:19 <DIR> --d----- c:\program files\iPod
2009-06-18 23:19 <DIR> --d----- c:\program files\iTunes
2009-06-18 22:32 <DIR> --d----- c:\program files\driver
2009-06-18 22:32 2 a------- c:\windows\010112010146118114.dat
2009-06-17 10:27 <DIR> --d----- c:\program files\iPod(2)
2009-06-17 10:27 <DIR> --d----- c:\program files\iTunes(2)
2009-06-17 10:25 <DIR> --d----- c:\program files\Bonjour
2009-06-17 10:25 <DIR> --d----- c:\program files\QuickTime(2)
2009-06-14 19:20 <DIR> --d----- C:\Recount
2009-06-10 21:14 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 21:14 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-05 22:16 1 a------- c:\windows\9g2234wesdf3dfgjf23
2009-06-05 22:15 2 ----h--- c:\windows\ro122730.dat
2009-05-30 22:32 73,728 a------- c:\windows\system32\javacpl.cpl
2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts
2009-05-25 01:46 <DIR> --d----- c:\windows\system32\xlive
2009-05-25 01:41 <DIR> --d----- c:\program files\Microsoft XNA
2009-05-25 01:33 <DIR> --d----- c:\program files\ATI
2009-05-25 01:29 <DIR> --d----- c:\program files\Microsoft SQL Server
2009-05-25 01:29 <DIR> --d----- c:\program files\Microsoft Synchronization Services
2009-05-25 01:29 <DIR> --d----- c:\program files\Microsoft SQL Server Compact Edition
2009-05-25 01:08 <DIR> --d----- c:\program files\MSECache
2009-05-25 01:04 <DIR> --d-h--- c:\windows\msdownld.tmp
2009-05-25 00:43 <DIR> --dsh--- c:\documents and settings\owner\IECompatCache
2009-05-25 00:42 <DIR> --dsh--- c:\documents and settings\owner\PrivacIE
2009-05-25 00:41 <DIR> --dsh--- c:\documents and settings\owner\IETldCache
2009-05-25 00:39 <DIR> --d----- c:\windows\ie8updates
2009-05-25 00:38 102,400 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-05-25 00:36 78,336 ac------ c:\windows\system32\dllcache\ieencode.dll
2009-05-25 00:36 78,336 a------- c:\windows\system32\ieencode.dll

==================== Find3M ====================

2009-06-21 13:14 60,772 a---h--- c:\windows\system32\mlfcache.dat
2009-06-09 12:29 13,052 a------- c:\docume~1\owner\applic~1\wklnhst.dat
2009-05-07 08:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-28 21:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-17 05:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 07:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-03-21 13:22 34 a------- c:\documents and settings\owner\jagex_runescape_preferences.dat
2008-11-02 01:52 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102020081027\index.dat
2008-11-02 01:52 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110220081103\index.dat

============= FINISH: 22:45:28.35 ===============

I double clicked gmer but it wouldn't open.

Attached Files

Attach.zip (2.3 KB, 1 views)

Lupindathird

Update-

I put my laptop in standby mode, and at about 6:30 AM, I heard an ad about the new pizza hut pizzones coming through my speakers :O. Internet was closed and everything, and then I heard another ad, but a lady was singing :0

Lupindathird

bump ;3