Search Redirection,Random Tabs Opening and Host Process Crashes

[CarbonX]

I've never posted to a site like this before but I'm at my wits end. Usually I can do some research on Google and find a fix when something happens to my computer but this one has me stumped. I have noticed though that i am not the only one that this is happening to though. A few days ago I was searching for a subtitle file on google and on this day I got a pop up from one of those dreaded fake malware removal programs which automatically installed itself. I immediately used Perfect Uninstaller and uninstalled it and did scans with all my protection programs. Malwarebytes cleaned a few things and messed something up where I had to restore my PC to an earlier date. So after I restored my PC everything seemed fine but I started getting my search results redirected and tabs started opening by themselves. And then suddenly a "host process" or something started crashing and the bottom part of Firefox and my windows explorer windows would grey out and look like it's in safe mode. I've tried the goored.exe fix ran Hijackthis.exe and have downloaded, but not installed, several other programs like combofix, rkunhooker, defogger and gmer, but to no avail I'm still at a loss. Please help!

I do have logs from both hijackthis and goored I can paste.

[Allan]

Please follow the instructions in the following link and post your logs:
http://www.computerhope.com/forum/index.php/topic,46313.0.html

[CarbonX]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:32:26 AM, on 10/29/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\CZX\Links\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pegasus2.pearsoned.com/Pegasus/frmLogin.aspx?s=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AoboBlocker] C:\Program Files\AoboBlocker\AoboBlocker.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxba_device - - C:\Windows\system32\lxbacoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


G o o r e d F i x b y j p s h o r t s t u f f ( 0 3 . 0 7 . 1 0 . 1 )

L o g c r e a t e d a t 1 0 : 0 7 o n 2 9 / 1 0 / 2 0 1 0 ( C Z X )

F i r e f o x v e r s i o n 3 . 0 . 1 5 ( e n - U S )



= = = = = = = = = = G o o r e d S c a n = = = = = = = = = =



( n o n e )



= = = = = = = = = = G o o r e d L o g = = = = = = = = = =



C : \ P r o g r a m F i l e s \ M o z i l l a F i r e f o x \ e x t e n s i o n s \

s t a g e d - x p i s [ 0 4 : 5 0 1 6 / 1 2 / 2 0 0 9 ]

{ 9 7 2 c e 4 c 6 - 7 e 0 8 - 4 4 7 4 - a 2 8 5 - 3 2 0 8 1 9 8 c e 6 f d } [ 2 0 : 5 2 1 5 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 0 7 - A B C D E F F E D C B A } [ 0 4 : 5 0 1 6 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 1 5 - A B C D E F F E D C B A } [ 1 6 : 1 8 1 6 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 1 7 - A B C D E F F E D C B A } [ 0 4 : 2 4 1 7 / 1 2 / 2 0 0 9 ]



C : \ U s e r s \ C Z X \ A p p l i c a t i o n D a t a \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ j i 8 8 z o l h . d e f a u l t \ e x t e n s i o n s \

( n o n e )



C : \ U s e r s \ C Z X \ A p p l i c a t i o n D a t a \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ n e a k 0 n n i . d e f a u l t \ e x t e n s i o n s \

a n a n d c s i n g h @ g m a i l . c o m [ 2 3 : 5 3 1 2 / 0 6 / 2 0 1 0 ]

a r c t i c g l o w - f f 3 - 3 0 @ g l o w p l u g . b i t a s y l u m . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

b o s s k n b @ t t t - j l . b l o g s p o t . c o m [ 0 4 : 3 2 1 1 / 0 2 / 2 0 1 0 ]

c h a c h a g u i d e b a r @ c h a c h a . c o m [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

d j z i g g y @ g m a i l . c o m [ 0 4 : 2 9 1 1 / 0 2 / 2 0 1 0 ]

e x p a n d u r l @ v o i z l e . c o m [ 2 2 : 2 7 1 8 / 0 7 / 2 0 1 0 ]

f o x f i l t e r @ i n s p i r e d e f f e c t . n e t [ 1 6 : 1 1 1 6 / 0 9 / 2 0 1 0 ]

g l a z e _ b l a c k @ w w w . t h e m e - o a s i s . o r g [ 0 4 : 2 5 1 1 / 0 2 / 2 0 1 0 ]

m a r t i n @ h o e r a n d l . c o m [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

O f f i c e 2 0 0 7 B l a c k @ J B B S [ 0 4 : 2 3 1 1 / 0 2 / 2 0 1 0 ]

o p t o u t @ d u b f i r e . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

p e r s o n a s @ c h r i s t o p h e r . b e a r d [ 0 1 : 4 6 2 1 / 0 7 / 2 0 1 0 ]

r s D o w n l o a d H e l p e r @ y e v g e n y a n d r o v . n e t [ 2 3 : 5 7 1 2 / 0 6 / 2 0 1 0 ]

S k i p S c r e e n @ S k i p S c r e e n [ 2 2 : 4 7 1 1 / 0 8 / 2 0 1 0 ]

T h e M e s s a g e B i b l e V e r s e T o o l b a r @ 2 b e l i e v e . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 0 b 4 5 7 c A A - 6 0 2 d - 4 8 4 a - 8 f e 7 - c 1 d 8 9 4 a 0 1 1 b a } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 1 3 9 a 1 2 0 b - c 2 e a - 4 1 d 2 - b f 7 0 - 5 4 2 d 9 f 0 6 3 d f d } [ 2 3 : 5 2 1 2 / 0 6 / 2 0 1 0 ]

{ 2 4 1 a a e 7 0 - 0 0 2 2 - 1 1 d e - 8 7 a f - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 2 9 1 1 / 0 2 / 2 0 1 0 ]

{ 3 e 0 e 7 d 2 a - 0 7 0 f - 4 a 4 7 - b 0 1 9 - 9 1 f e 5 3 8 5 b a 7 9 } [ 1 8 : 5 6 0 6 / 0 9 / 2 0 1 0 ]

{ 4 6 3 F 6 C A 5 - E E 3 C - 4 b e 1 - B 7 E 6 - 7 F E E 1 1 9 5 3 3 7 4 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 5 0 9 3 1 6 1 0 - 3 d 8 e - 1 1 d d - a e 1 6 - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 7 6 9 4 c 4 9 c - 9 f b d - 1 1 d c - 8 3 1 4 - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 9 8 9 e 9 3 8 2 - d 5 4 0 - 4 1 8 9 - 8 8 d 1 - f c 5 4 a 9 4 9 a 3 8 7 } [ 0 4 : 2 8 1 1 / 0 2 / 2 0 1 0 ]

{ 9 A 7 5 2 7 8 2 - D 7 0 6 - 4 7 9 b - 9 8 F 8 - 3 F 6 6 B F 9 2 1 6 9 2 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ b 9 d b 1 6 a 4 - 6 e d c - 4 7 e c - a 1 f 4 - b 8 6 2 9 2 e d 2 1 1 d } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ c d 6 1 7 3 7 5 - 6 7 4 3 - 4 e e 8 - b a c 4 - f b f 1 0 f 3 5 7 2 9 e } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ d 1 0 d 0 b f 8 - f 5 b 5 - c 8 b 4 - a 8 b 2 - 2 b 9 8 7 9 e 0 8 c 5 d } [ 2 3 : 3 8 0 8 / 0 1 / 2 0 1 0 ]

{ d 4 0 f 5 e 7 b - d 2 c f - 4 8 5 6 - b 4 4 1 - c c 6 1 3 e e f f b e 3 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ D 4 D D 6 3 F A - 0 1 E 4 - 4 6 a 7 - B 6 B 1 - E D A B 7 D 6 A D 3 8 9 } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ D D C 3 5 9 D 1 - 8 4 4 A - 4 2 a 7 - 9 A A 1 - 8 8 A 8 5 0 A 9 3 8 A 8 } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ e 2 c 5 8 1 5 0 - 9 d 7 2 - 1 1 d d - a d 8 b - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ F C A B 6 F D D - 5 5 8 5 - 4 2 5 b - 9 5 C 1 - 5 E D 8 5 6 F 3 F D 0 8 } [ 0 5 : 5 5 1 7 / 1 2 / 2 0 0 9 ]

{ f e 0 2 5 8 a b - 4 f 7 4 - 4 3 a 1 - 8 7 8 1 - b c d f 3 4 0 f 9 e e 9 } [ 1 3 : 3 4 2 9 / 1 0 / 2 0 1 0 ]



[ H K E Y _ L O C A L _ M A C H I N E \ S o f t w a r e \ M o z i l l a \ F i r e f o x \ E x t e n s i o n s ]

" { 2 0 a 8 2 6 4 5 - c 0 9 5 - 4 6 e d - 8 0 e 3 - 0 8 8 2 5 7 6 0 5 3 4 b } " = " C : \ W i n d o w s \ M i c r o s o f t . N E T \ F r a m e w o r k \ v 3 . 5 \ W i n d o w s P r e s e n t a t i o n F o u n d a t i o n \ D o t N e t A s s i s t a n t E x t e n s i o n \ " [ 2 1 : 4 2 1 5 / 1 2 / 2 0 0 9 ]


G o o r e d F i x b y j p s h o r t s t u f f ( 0 3 . 0 7 . 1 0 . 1 )

L o g c r e a t e d a t 1 0 : 0 7 o n 2 9 / 1 0 / 2 0 1 0 ( C Z X )

F i r e f o x v e r s i o n 3 . 0 . 1 5 ( e n - U S )



= = = = = = = = = = G o o r e d S c a n = = = = = = = = = =



( n o n e )



= = = = = = = = = = G o o r e d L o g = = = = = = = = = =



C : \ P r o g r a m F i l e s \ M o z i l l a F i r e f o x \ e x t e n s i o n s \

s t a g e d - x p i s [ 0 4 : 5 0 1 6 / 1 2 / 2 0 0 9 ]

{ 9 7 2 c e 4 c 6 - 7 e 0 8 - 4 4 7 4 - a 2 8 5 - 3 2 0 8 1 9 8 c e 6 f d } [ 2 0 : 5 2 1 5 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 0 7 - A B C D E F F E D C B A } [ 0 4 : 5 0 1 6 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 1 5 - A B C D E F F E D C B A } [ 1 6 : 1 8 1 6 / 1 2 / 2 0 0 9 ]

{ C A F E E F A C - 0 0 1 6 - 0 0 0 0 - 0 0 1 7 - A B C D E F F E D C B A } [ 0 4 : 2 4 1 7 / 1 2 / 2 0 0 9 ]



C : \ U s e r s \ C Z X \ A p p l i c a t i o n D a t a \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ j i 8 8 z o l h . d e f a u l t \ e x t e n s i o n s \

( n o n e )



C : \ U s e r s \ C Z X \ A p p l i c a t i o n D a t a \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ n e a k 0 n n i . d e f a u l t \ e x t e n s i o n s \

a n a n d c s i n g h @ g m a i l . c o m [ 2 3 : 5 3 1 2 / 0 6 / 2 0 1 0 ]

a r c t i c g l o w - f f 3 - 3 0 @ g l o w p l u g . b i t a s y l u m . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

b o s s k n b @ t t t - j l . b l o g s p o t . c o m [ 0 4 : 3 2 1 1 / 0 2 / 2 0 1 0 ]

c h a c h a g u i d e b a r @ c h a c h a . c o m [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

d j z i g g y @ g m a i l . c o m [ 0 4 : 2 9 1 1 / 0 2 / 2 0 1 0 ]

e x p a n d u r l @ v o i z l e . c o m [ 2 2 : 2 7 1 8 / 0 7 / 2 0 1 0 ]

f o x f i l t e r @ i n s p i r e d e f f e c t . n e t [ 1 6 : 1 1 1 6 / 0 9 / 2 0 1 0 ]

g l a z e _ b l a c k @ w w w . t h e m e - o a s i s . o r g [ 0 4 : 2 5 1 1 / 0 2 / 2 0 1 0 ]

m a r t i n @ h o e r a n d l . c o m [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

O f f i c e 2 0 0 7 B l a c k @ J B B S [ 0 4 : 2 3 1 1 / 0 2 / 2 0 1 0 ]

o p t o u t @ d u b f i r e . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

p e r s o n a s @ c h r i s t o p h e r . b e a r d [ 0 1 : 4 6 2 1 / 0 7 / 2 0 1 0 ]

r s D o w n l o a d H e l p e r @ y e v g e n y a n d r o v . n e t [ 2 3 : 5 7 1 2 / 0 6 / 2 0 1 0 ]

S k i p S c r e e n @ S k i p S c r e e n [ 2 2 : 4 7 1 1 / 0 8 / 2 0 1 0 ]

T h e M e s s a g e B i b l e V e r s e T o o l b a r @ 2 b e l i e v e . n e t [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 0 b 4 5 7 c A A - 6 0 2 d - 4 8 4 a - 8 f e 7 - c 1 d 8 9 4 a 0 1 1 b a } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 1 3 9 a 1 2 0 b - c 2 e a - 4 1 d 2 - b f 7 0 - 5 4 2 d 9 f 0 6 3 d f d } [ 2 3 : 5 2 1 2 / 0 6 / 2 0 1 0 ]

{ 2 4 1 a a e 7 0 - 0 0 2 2 - 1 1 d e - 8 7 a f - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 2 9 1 1 / 0 2 / 2 0 1 0 ]

{ 3 e 0 e 7 d 2 a - 0 7 0 f - 4 a 4 7 - b 0 1 9 - 9 1 f e 5 3 8 5 b a 7 9 } [ 1 8 : 5 6 0 6 / 0 9 / 2 0 1 0 ]

{ 4 6 3 F 6 C A 5 - E E 3 C - 4 b e 1 - B 7 E 6 - 7 F E E 1 1 9 5 3 3 7 4 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 5 0 9 3 1 6 1 0 - 3 d 8 e - 1 1 d d - a e 1 6 - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 7 6 9 4 c 4 9 c - 9 f b d - 1 1 d c - 8 3 1 4 - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ 9 8 9 e 9 3 8 2 - d 5 4 0 - 4 1 8 9 - 8 8 d 1 - f c 5 4 a 9 4 9 a 3 8 7 } [ 0 4 : 2 8 1 1 / 0 2 / 2 0 1 0 ]

{ 9 A 7 5 2 7 8 2 - D 7 0 6 - 4 7 9 b - 9 8 F 8 - 3 F 6 6 B F 9 2 1 6 9 2 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ b 9 d b 1 6 a 4 - 6 e d c - 4 7 e c - a 1 f 4 - b 8 6 2 9 2 e d 2 1 1 d } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ c d 6 1 7 3 7 5 - 6 7 4 3 - 4 e e 8 - b a c 4 - f b f 1 0 f 3 5 7 2 9 e } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ d 1 0 d 0 b f 8 - f 5 b 5 - c 8 b 4 - a 8 b 2 - 2 b 9 8 7 9 e 0 8 c 5 d } [ 2 3 : 3 8 0 8 / 0 1 / 2 0 1 0 ]

{ d 4 0 f 5 e 7 b - d 2 c f - 4 8 5 6 - b 4 4 1 - c c 6 1 3 e e f f b e 3 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ D 4 D D 6 3 F A - 0 1 E 4 - 4 6 a 7 - B 6 B 1 - E D A B 7 D 6 A D 3 8 9 } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ D D C 3 5 9 D 1 - 8 4 4 A - 4 2 a 7 - 9 A A 1 - 8 8 A 8 5 0 A 9 3 8 A 8 } [ 2 2 : 5 9 2 5 / 0 9 / 2 0 1 0 ]

{ e 2 c 5 8 1 5 0 - 9 d 7 2 - 1 1 d d - a d 8 b - 0 8 0 0 2 0 0 c 9 a 6 6 } [ 0 4 : 5 9 1 6 / 1 2 / 2 0 0 9 ]

{ F C A B 6 F D D - 5 5 8 5 - 4 2 5 b - 9 5 C 1 - 5 E D 8 5 6 F 3 F D 0 8 } [ 0 5 : 5 5 1 7 / 1 2 / 2 0 0 9 ]

{ f e 0 2 5 8 a b - 4 f 7 4 - 4 3 a 1 - 8 7 8 1 - b c d f 3 4 0 f 9 e e 9 } [ 1 3 : 3 4 2 9 / 1 0 / 2 0 1 0 ]



[ H K E Y _ L O C A L _ M A C H I N E \ S o f t w a r e \ M o z i l l a \ F i r e f o x \ E x t e n s i o n s ]

" { 2 0 a 8 2 6 4 5 - c 0 9 5 - 4 6 e d - 8 0 e 3 - 0 8 8 2 5 7 6 0 5 3 4 b } " = " C : \ W i n d o w s \ M i c r o s o f t . N E T \ F r a m e w o r k \ v 3 . 5 \ W i n d o w s P r e s e n t a t i o n F o u n d a t i o n \ D o t N e t A s s i s t a n t E x t e n s i o n \ " [ 2 1 : 4 2 1 5 / 1 2 / 2 0 0 9 ]

[CarbonX]

Forgot to put this in my initial post up until a day or so ago I had Avast! Interner Security installed but unistalled it because it was making my computer creep along. I did however download avast! free and will install it today.

Oh and the program that installed itself was called AntiMalware Doctor

[Allan]

So you've been running without an anti virus utility? Okay, sometimes we get what we deserve.

Did you follow all steps in the link I provided in my first post above? If so, please wait for a malware specialist to step in. If not, please do so now.

[CarbonX]

No I have been using Windows Defender until last night when I installed Avast! free. I have Malware Bytes,Trojan Remover and CCleaner and have scanned with all three. Ive tried to update my Java but the installer just sits there when installing starts.