Jump to content

Majikail

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Majikail at 9:29:20.44 on Sat 04/09/2011 Internet Explorer: 8.0.7601.17514 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8116.6389 [GMT -7:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\rundll32.exe C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe C:\Windows\system32\conhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Majikail\Desktop\MBAM\dds.pif C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bing.com/?scope=web&mkt=en-US&FORM=ASUMHP uDefault_Page_URL = hxxp://asus.msn.com mWinlogon: Userinit=c:\windows\syswow64\userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO: VivoxVoiceOverlayBHO.VxBHO: {c8748f11-f4ad-47af-ab50-c7df5792096b} - mscoree.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll uRun: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe" mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [ASUS VIBE] C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe /S mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\programs\PokerStarsUpdate.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll BHO-X64: Windows Live Family Safety Browser Helper - No File BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe mRun-x64: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" mRun-x64: [THXCfg64] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 mRun-x64: [setwallpaper] c:\programdata\SetWallpaper.cmd mRun-x64: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Majikail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Majikail\AppData\Roaming\Mozilla\Firefox\Profiles\x9d8ihls.default\ FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-2-2 69152] R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-8-31 379520] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-7-27 235624] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832] R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-31 2314240] R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-14 53800] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-31 35104] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2010-9-24 229376] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2010-9-24 69120] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-31 56344] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-4-21 76912] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2010-8-31 32344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-6-21 131688] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2010-8-31 318056] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040] S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-2 365336] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-31 135664] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 1753048] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-8-31 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-8-31 79360] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-1-14 61792] S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344] S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\Windows\System32\drivers\hitmanpro35.sys [2011-4-6 19528] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2010-1-12 217088] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-17 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-18 1255736] . =============== Created Last 30 ================ . 2011-04-06 19:05:38 -------- d-----w- C:\Users\Majikail\AppData\Roaming\Malwarebytes 2011-04-06 19:05:33 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-06 19:05:32 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-04-06 19:05:28 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-04-06 19:05:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-04-06 16:49:40 19528 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys 2011-04-06 16:49:40 -------- d-----w- C:\Program Files\Hitman Pro 3.5 2011-04-06 16:48:58 -------- d-----w- C:\PROGRA~3\Hitman Pro 2011-03-28 04:44:31 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll 2011-03-28 04:44:31 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll 2011-03-28 04:44:31 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll 2011-03-28 04:44:31 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll 2011-03-28 04:44:31 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2011-03-28 04:44:31 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll 2011-03-28 04:44:31 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll 2011-03-28 04:44:31 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2011-03-24 19:38:27 109240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll 2011-03-24 19:38:26 150200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll 2011-03-21 07:14:26 -------- d-----w- C:\Program Files (x86)\ESET 2011-03-19 17:37:23 0 ----a-w- C:\Windows\SysWow64\sho5950.tmp 2011-03-18 03:56:21 -------- d-----w- C:\Windows\System32\SPReview 2011-03-18 03:53:59 582656 ----a-w- C:\Windows\System32\sxs.dll 2011-03-18 03:52:59 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll 2011-03-18 03:52:59 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll 2011-03-18 03:50:13 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2011-03-18 03:50:13 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2011-03-18 03:50:13 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll 2011-03-18 03:50:04 933376 ----a-w- C:\Windows\System32\SmiEngine.dll 2011-03-18 03:49:58 199168 ----a-w- C:\Windows\System32\PkgMgr.exe 2011-03-18 03:49:43 422912 ----a-w- C:\Windows\System32\drvstore.dll 2011-03-18 03:49:42 399872 ----a-w- C:\Windows\System32\dpx.dll 2011-03-18 01:18:30 -------- d-----w- C:\Windows\System32\EventProviders 2011-03-18 01:00:09 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll 2011-03-18 01:00:09 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2011-03-18 01:00:09 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2011-03-18 01:00:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2011-03-17 17:47:09 -------- d-----w- C:\Program Files (x86)\Vivox 2011-03-10 22:58:09 -------- d-----w- C:\Users\Majikail\AppData\Roaming\com.thepokertimer.thepokertimer.1F528D20B60A731E41E775947BD47BFBDE52269E.1 2011-03-10 22:50:31 249856 ------w- C:\Windows\Setup1.exe 2011-03-10 22:50:30 73216 ----a-w- C:\Windows\ST6UNST.EXE 2011-03-10 21:17:40 -------- d-----w- C:\Program Files (x86)\PokerDIY 2011-03-10 16:29:26 -------- d-----w- C:\PROGRA~3\STOPzilla! . ==================== Find3M ==================== . 2011-04-06 19:14:04 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2011-03-18 03:59:50 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-18 03:59:50 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-03-07 02:08:13 93552 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll 2011-02-23 15:16:06 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys 2011-02-23 15:16:06 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys 2011-02-22 16:34:53 0 ----a-w- C:\Windows\SysWow64\shoCA87.tmp 2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-03 06:02:40 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2011-02-03 06:02:32 15880 ----a-w- C:\Windows\System32\lsdelete.exe 2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-02-02 13:31:16 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-02-02 13:31:16 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll . ============= FINISH: 9:29:45.05 ===============
  2. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6319 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 4/9/2011 8:52:50 AM mbam-log-2011-04-09 (08-52-50).txt Scan type: Quick scan Objects scanned: 163084 Time elapsed: 2 minute(s), 7 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) GMER 1.0.15.15570 - http://www.gmer.net Rootkit scan 2011-04-09 09:06:37 Windows 6.1.7601 Service Pack 1 Running: DDDqx6r22wm.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06da79772 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06da79772 (not active ControlSet) ---- EOF - GMER 1.0.15 ----
  3. OK sorry about the cut n paste Here is the zip as instructed.Attach.zip
  4. . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Majikail at 12:25:59.54 on Wed 04/06/2011 Internet Explorer: 8.0.7601.17514 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8116.6199 [GMT -7:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\rundll32.exe C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe C:\Windows\system32\conhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe C:\Windows\SysWOW64\notepad.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\SysWOW64\notepad.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Majikail\Desktop\MBAM\dds.pif C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bing.com/?scope=web&mkt=en-US&FORM=ASUMHP uDefault_Page_URL = hxxp://asus.msn.com mWinlogon: Userinit=c:\windows\syswow64\userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO: VivoxVoiceOverlayBHO.VxBHO: {c8748f11-f4ad-47af-ab50-c7df5792096b} - mscoree.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll uRun: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe" mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [ASUS VIBE] C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe /S mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\programs\PokerStarsUpdate.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll BHO-X64: Windows Live Family Safety Browser Helper - No File BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe mRun-x64: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" mRun-x64: [THXCfg64] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 mRun-x64: [setwallpaper] c:\programdata\SetWallpaper.cmd mRun-x64: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Majikail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Majikail\AppData\Roaming\Mozilla\Firefox\Profiles\x9d8ihls.default\ FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-2-2 69152] R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-8-31 379520] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-7-27 235624] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832] R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-31 2314240] R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-14 53800] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-31 35104] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2010-9-24 229376] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2010-9-24 69120] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-31 56344] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-4-21 76912] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2010-8-31 32344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-6-21 131688] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2010-8-31 318056] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040] S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-2 365336] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-31 135664] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 1405384] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-8-31 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-8-31 79360] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-1-14 61792] S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344] S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\Windows\System32\drivers\hitmanpro35.sys [2011-4-6 19528] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2010-1-12 217088] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-17 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-18 1255736] . =============== Created Last 30 ================ . 2011-04-06 19:05:38 -------- d-----w- C:\Users\Majikail\AppData\Roaming\Malwarebytes 2011-04-06 19:05:33 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-06 19:05:32 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-04-06 19:05:28 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-04-06 19:05:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-04-06 16:49:40 19528 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys 2011-04-06 16:49:40 -------- d-----w- C:\Program Files\Hitman Pro 3.5 2011-04-06 16:48:58 -------- d-----w- C:\PROGRA~3\Hitman Pro 2011-03-28 04:44:31 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll 2011-03-28 04:44:31 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll 2011-03-28 04:44:31 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll 2011-03-28 04:44:31 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll 2011-03-28 04:44:31 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2011-03-28 04:44:31 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll 2011-03-28 04:44:31 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll 2011-03-28 04:44:31 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2011-03-24 19:38:27 109240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll 2011-03-24 19:38:26 150200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll 2011-03-21 07:14:26 -------- d-----w- C:\Program Files (x86)\ESET 2011-03-19 17:37:23 0 ----a-w- C:\Windows\SysWow64\sho5950.tmp 2011-03-18 03:56:21 -------- d-----w- C:\Windows\System32\SPReview 2011-03-18 03:53:59 582656 ----a-w- C:\Windows\System32\sxs.dll 2011-03-18 03:52:59 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll 2011-03-18 03:52:59 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll 2011-03-18 03:50:13 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2011-03-18 03:50:13 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2011-03-18 03:50:13 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll 2011-03-18 03:50:04 933376 ----a-w- C:\Windows\System32\SmiEngine.dll 2011-03-18 03:49:58 199168 ----a-w- C:\Windows\System32\PkgMgr.exe 2011-03-18 03:49:43 422912 ----a-w- C:\Windows\System32\drvstore.dll 2011-03-18 03:49:42 399872 ----a-w- C:\Windows\System32\dpx.dll 2011-03-18 01:18:30 -------- d-----w- C:\Windows\System32\EventProviders 2011-03-18 01:00:09 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll 2011-03-18 01:00:09 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2011-03-18 01:00:09 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2011-03-18 01:00:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2011-03-17 17:47:09 -------- d-----w- C:\Program Files (x86)\Vivox 2011-03-10 22:58:09 -------- d-----w- C:\Users\Majikail\AppData\Roaming\com.thepokertimer.thepokertimer.1F528D20B60A731E41E775947BD47BFBDE52269E.1 2011-03-10 22:50:31 249856 ------w- C:\Windows\Setup1.exe 2011-03-10 22:50:30 73216 ----a-w- C:\Windows\ST6UNST.EXE 2011-03-10 21:17:40 -------- d-----w- C:\Program Files (x86)\PokerDIY 2011-03-10 16:29:26 -------- d-----w- C:\PROGRA~3\STOPzilla! . ==================== Find3M ==================== . 2011-04-06 19:14:04 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2011-03-18 03:59:50 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-18 03:59:50 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-03-07 02:08:13 93552 ----a-w- C:\Windows\SysWow64\ElbyCDIO.dll 2011-02-23 15:16:06 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys 2011-02-23 15:16:06 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys 2011-02-22 16:34:53 0 ----a-w- C:\Windows\SysWow64\shoCA87.tmp 2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-03 06:02:40 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2011-02-03 06:02:32 15880 ----a-w- C:\Windows\System32\lsdelete.exe 2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-02-02 13:31:16 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-02-02 13:31:16 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll . ============= FINISH: 12:26:17.12 ===============
  5. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/14/2011 2:01:21 PM System Uptime: 4/6/2011 12:13:36 PM (0 hours ago) . Motherboard: ASUSTeK Computer Inc. | | G73Jw Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz | Socket 989 | 1734/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 116 GiB total, 30.103 GiB free. D: is FIXED (NTFS) - 330 GiB total, 273.244 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP38: 3/17/2011 6:18:36 PM - Windows 7 Service Pack 1 RP39: 3/17/2011 8:55:52 PM - Windows Update RP40: 3/19/2011 1:15:31 PM - Removed The Poker Timer RP41: 3/24/2011 7:07:40 AM - Windows Update . ==== Installed Programs ====================== . Absolute Poker Acrobat.com Ad-Aware Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.1 MUI Adobe Shockwave Player 11.5 Alice Greenfingers Amazon Kindle For PC v1.0 AnyDVD ASUS AI Recovery ASUS AP Bank ASUS Live Update ASUS MultiFrame ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS VIBE ASUS Virtual Camera ASUS WebStorage Asus_G73_Screensaver ATK Package Boingo Wi-Fi Chicken Invaders 2 Choice Guard CloneDVD2 CyberLink LabelPrint CyberLink Power2Go Dream Day Wedding Married in Manhattan ebi.BookReader3J ESET Online Scanner v3 ExpressGate Cloud Game Park Console Google Chrome Google Toolbar for Internet Explorer Google Update Helper HP Deskjet 3050 J610 series Help HP Photo Creations HP Update Intel® Management Engine Components Internet TV for Windows Media Center Java Auto Updater Java 6 Update 24 Junk Mail filter update Kaspersky Internet Security 2011 Malwarebytes' Anti-Malware Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 4.0 (x86 en-US) MSVCRT MSXML 4.0 SP3 Parser (KB973685) NB Probe NVIDIA Stereoscopic 3D Driver Photodex Presenter Piggly FREE PokerDIY Tourney Manager PokerStars ProShow Producer PS3 Media Server Realtek High Definition Audio Driver Realtek PCIE Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Smileyville FREE syncables desktop SE The Witcher Enhanced Edition THX TruStudio Times Reader Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 vring! HD Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live OneCare safety scanner Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer Windows Media Center Add-in for Flash WinFlash Wireless Console 3 . ==== Event Viewer Messages From Past Week ======== . 4/6/2011 12:15:02 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 4/6/2011 12:14:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv szkg5 4/6/2011 10:43:44 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer FAERIEPONY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C3C45F2D-EAA3-498C-B020-F999C33FB93D}. The master browser is stopping or an election is being forced. 4/6/2011 10:05:24 AM, Error: Service Control Manager [7024] - The Hitman Pro 3.5 Crusader (Boot) service terminated with service-specific error The operation completed successfully.. 4/5/2011 7:25:38 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Majikail-PC\Majikail SID (S-1-5-21-3526087131-3201423616-2968771708-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 4/5/2011 2:57:31 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer CROWLEY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C3C45F2D-EAA3-498C-B020-F999C33FB93D}. The master browser is stopping or an election is being forced. 4/5/2011 12:51:19 PM, Error: ACPI [10] - ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance. 4/2/2011 8:37:24 PM, Error: NetBT [4321] - The name "FAEDOM :1d" could not be registered on the interface with IP address 192.168.1.10. The computer with the IP address 192.168.1.7 did not allow the name to be claimed by this computer. 4/2/2011 8:33:40 PM, Error: Service Control Manager [7023] - The Windows Error Reporting Service service terminated with the following error: The process cannot access the file because it is being used by another process. 4/1/2011 8:02:58 AM, Error: NetBT [4321] - The name "FAEDOM :1d" could not be registered on the interface with IP address 192.168.1.6. The computer with the IP address 192.168.1.62 did not allow the name to be claimed by this computer. . ==== End Of File ===========================
  6. Help!!! I have been fighting this for a month now and I am afraid I am going to have ask for help. You have heard all norms for it. it is a google redirect or it started that way anyway. If I am using any browser after a click on links in any web page after 4 or 5 clicks it will open up some odd page usually the of the same few, in a new page. All I have to do is close it. OK! thats not all. If I am using the search engines I always get a redirect on the first click, close page or back and it works fine second time. This bloody thing seems to have spread to other computers in the house. Now on one of the computers, I keep getting one of thos false anti virus programs pages. My wife has mistakenly installed it twice. Ugghh! I managed to uninstall it both times. But I am getting sic of this @%#*&^!!! Help!!!! I will do as you instruct and stay here all day.
  7. Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Database version: 5358 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 12/19/2010 2:46:38 PM mbam-log-2010-12-19 (14-46-38).txt Scan type: Quick scan Objects scanned: 152140 Time elapsed: 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  8. DDS (Ver_10-12-12.02) - NTFS_AMD64 Run by Majikail at 14:35:31.72 on Sun 12/19/2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8116.5909 [GMT -8:00] AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\nvvsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\AsScrPro.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\syncables\syncables desktop\syncables.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Majikail\Downloads\dds.scr C:\Windows\system32\conhost.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://asus.msn.com uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent uRun: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File mRun-x64: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe mRun-x64: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" mRun-x64: [THXCfg64] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 mRun-x64: [setwallpaper] c:\programdata\SetWallpaper.cmd mRun-x64: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Majikail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll ================= FIREFOX =================== FF - ProfilePath - C:\Users\Majikail\AppData\Roaming\Mozilla\Firefox\Profiles\o16pqvan.default\ FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ============= SERVICES / DRIVERS =============== R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-8-31 379520] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-7-1 352976] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-7-26 235624] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832] R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-31 2314240] R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-14 53800] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-31 35104] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2010-6-27 206848] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-31 56344] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-4-20 76912] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2010-8-31 32344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-6-20 131688] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2010-8-31 318056] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-31 135664] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-8-31 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-8-31 79360] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-17 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-17 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] =============== Created Last 30 ================ 2010-12-19 21:59:03 388096 ----a-r- C:\Users\Majikail\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-19 21:59:03 -------- d-----w- C:\Program Files (x86)\Trend Micro 2010-12-19 19:13:59 -------- d-----w- C:\Users\Majikail\AppData\Roaming\Malwarebytes 2010-12-19 19:13:50 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2010-12-19 19:13:50 -------- d-----w- C:\PROGRA~3\Malwarebytes 2010-12-19 19:13:46 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2010-12-19 19:13:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-12-19 17:48:02 -------- d-----w- C:\Users\Majikail\AppData\Local\Mozilla 2010-12-15 05:50:41 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2010-12-10 03:12:20 539968 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2010-12-07 05:40:19 -------- d-----w- C:\PROGRA~3\Elaborate Bytes 2010-12-07 05:39:07 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes 2010-12-07 04:59:48 -------- d-----w- C:\Program Files (x86)\SlySoft 2010-12-07 03:18:18 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab 2010-12-07 03:18:18 -------- d-----w- C:\PROGRA~3\Kaspersky Lab 2010-12-06 02:54:20 -------- d-----w- C:\PROGRA~3\Symantec 2010-12-06 02:54:20 -------- d-----w- C:\PROGRA~3\Norton 2010-12-06 02:54:19 -------- d-----w- C:\PROGRA~3\NortonInstaller 2010-12-06 02:18:30 -------- d-----w- C:\PROGRA~3\Kaspersky Lab Setup Files 2010-12-03 08:03:29 737072 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2010-12-03 08:03:15 4277016 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2010-12-03 08:03:00 42776 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2010-12-03 08:02:56 588096 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-12-02 16:44:54 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2010-12-02 07:36:37 -------- d-----w- C:\Users\Majikail\AppData\Roaming\Absolute Poker 2010-12-02 07:35:47 -------- d-----w- C:\Poker Application 2010-12-02 06:47:49 -------- d-----w- C:\Users\Majikail\AppData\Local\Diagnostics 2010-12-01 19:06:31 125512 ----a-w- C:\Windows\SysWow64\drivers\AnyDVD.sys 2010-12-01 19:06:31 125512 ----a-w- C:\Windows\System32\drivers\AnyDVD.sys 2010-11-30 20:43:40 41128 ------w- C:\Windows\System32\drivers\ElbyCDIO.sys 2010-11-28 01:31:57 -------- d-----w- C:\Users\Majikail\AppData\Local\The Witcher 2010-11-28 01:26:59 74576 ----a-w- C:\Windows\System32\XAPOFX1_2.dll 2010-11-28 01:25:45 -------- d-----w- C:\Windows\SysWow64\directx 2010-11-28 00:16:41 -------- d-----w- C:\Program Files (x86)\The Witcher Enhanced Edition 2010-11-25 18:29:05 89256 ------w- C:\Windows\SysWow64\ElbyCDIO.dll 2010-11-24 16:06:12 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll 2010-11-24 16:06:12 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll 2010-11-22 20:56:14 -------- d-----w- C:\Program Files (x86)\Conduit 2010-11-22 20:56:13 -------- d-----w- C:\Program Files (x86)\ConduitEngine 2010-11-22 20:56:11 -------- d-----w- C:\Program Files (x86)\uTorrentBar 2010-11-22 20:56:10 -------- d-----w- C:\extensions 2010-11-22 20:56:02 -------- d-----w- C:\Program Files (x86)\uTorrent 2010-11-22 20:55:14 -------- d-----w- C:\Users\Majikail\AppData\Roaming\uTorrent 2010-11-21 17:42:53 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2010-11-21 02:05:35 -------- d-----w- C:\Users\Majikail\AppData\Roaming\Windows Live Writer 2010-11-21 02:05:35 -------- d-----w- C:\Users\Majikail\AppData\Local\Windows Live Writer ==================== Find3M ==================== 2010-11-28 01:31:22 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys 2010-11-28 01:31:22 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys 2010-11-18 00:37:42 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll 2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-11-04 05:50:28 1580368 ----a-w- C:\Windows\System32\LogiLDA.DLL 2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec 2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec 2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll 2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll 2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll 2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe 2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe 2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll 2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe 2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll 2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll 2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys 2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll 2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2010-10-16 05:23:13 112000 ----a-w- C:\Windows\System32\consent.exe 2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll 2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll 2010-09-23 08:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll 2010-09-23 08:36:48 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2010-09-23 08:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR 2010-09-21 22:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL 2010-09-21 22:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL ============= FINISH: 14:36:27.12 ===============
  9. Help I am having problem with google redirect. It is only in IE not in Firefox. My computer is not even a month old.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.