
-----Combo-Fix-----
ComboFix 09-07-23.01 - customer 07/23/2009 13:17.8.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.281 [GMT -4:00]
Running from: c:\documents and settings\customer\Desktop\Combo-Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\WMEncoder.msi
c:\windows\system32\drivers\geyekrvmtnbobr.sys
c:\windows\system32\geyekrabwwbjes.dat
c:\windows\system32\geyekrpiwnrwri.dll
c:\windows\system32\geyekrqoiqrsip.dat
c:\windows\system32\geyekrxquwkknb.dll
c:\windows\system32\tmp.reg
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_geyekrwbnyrekx
((((((((((((((((((((((((( Files Created from 2009-06-23 to 2009-07-23 )))))))))))))))))))))))))))))))
.
2009-07-23 16:59 . 2009-07-23 17:06 -------- d-----w- C:\ComboFix
2009-07-23 16:03 . 2009-07-23 16:03 -------- d-----w- c:\documents and settings\customer\Application Data\PCToolsFirewallPlus
2009-07-23 15:48 . 2009-07-23 15:51 -------- d-----w- c:\program files\WinClamAVShield
2009-07-23 15:37 . 2009-07-23 15:37 -------- d-----w- c:\program files\Crawler
2009-07-23 15:37 . 2009-07-13 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-23 15:37 . 2009-07-23 17:04 -------- d-----w- c:\documents and settings\customer\Application Data\Spyware Terminator
2009-07-23 15:37 . 2009-07-23 15:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-23 15:37 . 2009-07-23 15:37 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-07-23 15:37 . 2009-07-13 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-23 15:37 . 2009-07-23 16:24 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Spyware Terminator
2009-07-23 15:37 . 2009-07-23 17:04 -------- d-----w- c:\program files\Spyware Terminator
2009-07-23 05:12 . 2009-07-23 05:12 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-07-23 04:58 . 2009-07-23 04:58 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-07-23 04:58 . 2009-07-23 04:58 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-07-23 03:04 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-07-23 03:04 . 2009-07-23 03:04 -------- d-----w- c:\program files\Alwil Software
2009-07-19 19:34 . 2009-07-19 19:34 -------- d-----w- c:\documents and settings\customer\Local Settings\Application Data\Conduit
2009-07-19 19:34 . 2009-07-19 19:34 -------- d-----w- c:\program files\Conduit
2009-07-19 19:34 . 2009-07-23 14:38 -------- d-----w- c:\documents and settings\customer\Local Settings\Application Data\free-downloads.net
2009-07-19 19:34 . 2009-07-22 14:14 -------- d-----w- c:\program files\free-downloads.net
2009-07-06 00:56 . 2009-07-06 00:56 -------- d-----w- c:\program files\Stardock
2009-06-29 02:14 . 2009-07-10 03:36 -------- d-----w- c:\program files\Battle for Wesnoth 1.6.3
2009-06-28 20:42 . 2009-06-28 22:47 -------- d-----w- c:\documents and settings\customer\Application Data\IObit
2009-06-28 20:41 . 2009-07-23 14:57 -------- d-----w- c:\program files\IObit
2009-06-28 13:35 . 2009-06-28 13:35 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-06-26 05:31 . 2009-06-26 05:31 -------- d-sh--w- c:\documents and settings\customer\IECompatCache
2009-06-23 19:28 . 2009-06-23 19:28 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-23 19:19 . 2009-06-23 19:19 -------- d-sh--w- c:\documents and settings\customer\PrivacIE
2009-06-23 19:09 . 2009-06-23 19:09 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-06-23 18:56 . 2009-06-23 18:56 -------- d-sh--w- c:\documents and settings\customer\IETldCache
2009-06-23 18:40 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-23 18:38 . 2009-06-23 18:40 -------- d-----w- c:\windows\ie8updates
2009-06-23 18:36 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-23 18:36 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-23 18:29 . 2009-06-23 18:36 -------- dc-h--w- c:\windows\ie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-23 16:17 . 2007-06-28 18:34 -------- d---a-w- c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2009-07-23 15:25 . 2007-05-11 19:54 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\McAfee
2009-07-23 15:25 . 2007-11-25 01:47 -------- d-----w- c:\program files\McAfee
2009-07-23 14:56 . 2007-12-02 14:08 -------- d-----w- c:\program files\Sun
2009-07-23 14:56 . 2009-06-09 21:35 -------- d-----w- c:\program files\Myth II
2009-07-23 14:55 . 2007-05-11 20:14 -------- d-----w- c:\program files\Google
2009-07-23 14:43 . 2009-01-31 02:43 0 ----a-w- c:\documents and settings\customer\Local Settings\Application Data\prvlcl.dat
2009-07-23 04:58 . 2007-05-31 22:51 -------- d-----w- c:\program files\DivX
2009-07-22 14:07 . 2009-01-03 17:03 -------- d-----w- c:\program files\BaldursGateTutu
2009-07-22 14:07 . 2008-10-05 17:16 -------- d-----w- c:\program files\AIM Music Link
2009-07-22 14:07 . 2007-07-02 04:46 -------- d-----w- c:\documents and settings\customer\Application Data\IMVU
2009-07-22 14:07 . 2007-06-23 01:40 -------- d-----w- c:\program files\Starcraft
2009-07-22 14:07 . 2007-05-15 21:30 -------- d-----w- c:\program files\Warcraft III
2009-07-19 20:15 . 2008-05-20 22:49 -------- d-----w- c:\documents and settings\customer\Application Data\Petroglyph
2009-07-19 19:59 . 2008-12-23 04:17 -------- d-----w- c:\program files\LucasArts
2009-07-19 19:59 . 2006-09-20 17:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-19 18:58 . 2008-08-05 22:06 -------- d-----w- c:\documents and settings\customer\Application Data\DAEMON Tools
2009-07-12 19:49 . 2008-04-15 23:52 -------- d-----w- c:\documents and settings\customer\Application Data\Intuit
2009-07-12 19:49 . 2007-11-24 18:11 -------- d-----w- c:\documents and settings\customer\Application Data\Ventrilo
2009-07-12 19:49 . 2007-05-25 21:17 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\ATI MMC
2009-07-12 19:49 . 2007-11-24 18:11 -------- d-----w- c:\program files\VentSrv
2009-07-12 19:49 . 2009-06-07 21:15 -------- d-----w- c:\program files\Myth_TFL
2009-07-12 19:49 . 2009-03-14 14:32 -------- d-----w- c:\program files\MagicISO
2009-07-12 19:49 . 2007-05-25 21:14 -------- d-----w- c:\program files\ATI Multimedia
2009-07-12 19:49 . 2007-05-12 03:57 -------- d-----w- c:\program files\AOL 9.0
2009-07-12 19:49 . 2008-12-05 21:24 -------- d-----w- c:\program files\GameSpy Arcade
2009-06-28 18:27 . 2008-03-07 00:52 -------- d-----w- c:\documents and settings\customer\Application Data\IGN_DLM
2009-06-28 18:26 . 2009-06-14 02:57 -------- d-----w- c:\program files\EV Nova
2009-06-16 14:36 . 2002-08-29 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2002-08-29 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 23:19 . 2007-05-15 21:34 78315 -c--a-w- c:\windows\War3Unin.dat
2009-06-11 19:08 . 2009-06-11 19:08 -------- d-----w- c:\program files\Lionhead Studios
2009-06-11 19:00 . 2009-06-11 19:00 -------- d-----w- c:\program files\Phantombility
2009-06-03 19:09 . 2005-08-30 04:02 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 02:15 . 2007-07-03 21:25 -------- d-----w- c:\program files\Diablo II
2009-05-31 01:00 . 2009-01-30 01:58 -------- d-----w- c:\documents and settings\customer\Application Data\AVGTOOLBAR
2009-05-13 05:15 . 2006-06-23 16:33 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2002-08-29 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-02 21:40 . 2008-08-05 22:07 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-23 01:45 . 2008-12-21 20:09 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2009-07-22 2215960]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2009-07-22 14:14 2215960 ----a-w- c:\program files\free-downloads.net\tbfre1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2009-07-22 2215960]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2009-07-22 2215960]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATI Launchpad"="c:\program files\ATI Multimedia\main\launchpd.exe" [2003-09-02 106574]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-25 2328712]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-07-23 3055616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2005-06-21 126976]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-21 335872]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-02-01 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-07-23 2173440]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1178913210\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Lexmark 1300 Series\\lxdcamon.exe"=
"c:\\Program Files\\Lexmark 1300 Series\\App4R.exe"=
"c:\\WINDOWS\\system32\\lxdccoms.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdctime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdcpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdcjswx.exe"=
"c:\\Documents and Settings\\Guest\\Application Data\\MySpace\\IM\\bin\\MySpaceIM.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Empire at War Forces of Corruption\\swfoc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"9842:TCP"= 9842:TCP:*:Disabled:SolidNetworkManager
"9842:UDP"= 9842:UDP:*:Disabled:SolidNetworkManager
"37900:TCP"= 37900:TCP:*:Disabled:SolidNetworkManager
"37900:UDP"= 37900:UDP:*:Disabled:SolidNetworkManager
"8020:TCP"= 8020:TCP:*:Disabled:SolidNetworkManager
"8020:UDP"= 8020:UDP:*:Disabled:SolidNetworkManager
"27242:TCP"= 27242:TCP:*:Disabled:SolidNetworkManager
"27242:UDP"= 27242:UDP:*:Disabled:SolidNetworkManager
R0 phmcd;phmcd;c:\windows\system32\drivers\phmcd.sys [4/8/2008 02:41 PM 44696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [7/23/2009 11:37 AM 142592]
R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?]
R2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdcserv.exe [10/1/2007 08:19 PM 99248]
S2 gupdate1ca0b5232bdbe00;Google Update Service (gupdate1ca0b5232bdbe00);c:\program files\Google\Update\GoogleUpdate.exe [7/23/2009 12:58 AM 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\docume~1\customer\APPLIC~1\Mozilla\Firefox\Profiles\koao2iec.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: XUL Cache: {ADE1A1D1-45B8-45BF-AD03-9E615BDF38C0} - c:\documents and settings\customer\Local Settings\Application Data\{ADE1A1D1-45B8-45BF-AD03-9E615BDF38C0}\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-23 13:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1659004503-1715567821-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:62,cd,ed,35,0f,ec,66,6b,b2,9f,0c,cf,d9,16,18,06,de,81,2a,31,cd,33,2c,
ff,45,d5,3a,96,df,71,9b,83,9b,6c,88,30,08,df,7d,07,1d,08,bc,3f,37,b6,9a,d7,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
[HKEY_USERS\S-1-5-21-1659004503-1715567821-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:c5,fb,de,2e,d7,52,04,58,47,c2,2d,1a,7e,51,6a,f3,99,4e,7c,0f,75,
dd,48,76,03,f0,a1,54,d7,00,cb,28,c7,a7,52,c4,ed,c1,a8,d5,22,75,c2,3d,a8,b7,\
"rkeysecu"=hex:97,e6,3e,d8,d7,66,44,7b,0e,a2,31,14,67,66,b2,66
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1033\\msohelp.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1033\\msohelp.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg"
[HKEY_LOCAL_MACHINE\software\Disney\Disney Online]
@DACL=(02 0000)
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Services\MediaGuide]
@DACL=(02 0000)
"FriendlyName"="Media Guide"
"ColorPlayer"="#0063B0"
"ImageLargeURL"="http://images.metase...er11_30x30.png"
"ImageMenuURL"="http://images.metase..._rgb_15x15.png"
"Task1ButtonText"="Media Guide"
"Task1ButtonTip"="Media Guide"
"Type"=dword:00000002
[HKEY_LOCAL_MACHINE\software\WinKernelTimeServiceIWN\{17333768-0154-0324-7263-42450F0FF0GS}]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-23 13:27
ComboFix-quarantined-files.txt 2009-07-23 17:27
Pre-Run: 42,549,989,376 bytes free
Post-Run: 42,711,937,024 bytes free
285 --- E O F --- 2009-07-16 13:55
*edit* Weird, it looks like it's fixed now. If you don't mind, could you take a look and tell me whether it really is? *edit*
Edited by GreyTalon, 23 July 2009 - 01:08 PM.