We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
plusnetwork.com
Options
Lleucu
Posts: 334 Forumite
in Techie Stuff
Help, my browser (IE or Google Crome) keeps redirecting itself to this browser, quick look online it seems bad news cant get rid of it!
Currently have Windows 7, IE, Avast Free and do weekly checks with Spybot,Malwarebytes and CC Cleaner and only use very limited number of websites so why??
Any thoughts on how to get rid of it?
Currently have Windows 7, IE, Avast Free and do weekly checks with Spybot,Malwarebytes and CC Cleaner and only use very limited number of websites so why??
Any thoughts on how to get rid of it?
0
Comments
-
Use CCLeaner to remove the program0
-
Thanks/diolch, have run it so will see if the horrible thing goes away.:T0
-
You've possibly picked up some malware. Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Thanks, here it is:
vast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\ProgramData\bProtector\bProtect.exe
C:\ProgramData\bProtector\bProtect.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\DllHost.exe
C:\windows\splwow64.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\system32\taskhost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {F897EB0E-A3A4-46C3-80EB-2729699D8892} - No File
uRun: [SpybotSD TeaTimer] "C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
uRun: [Google Update] "C:\Users\adarynefoedd\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [EPSON6A2DAB (Epson Stylus SX525WD)] "C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE" /FU "C:\windows\TEMP\E_S9894.tmp" /EF "HKCU"
uRun: [Epson Stylus SX525WD(Network)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\windows\TEMP\E_S8CE5.tmp" /EF "HKCU"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [EPSON SX525WD Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\windows\TEMP\E_S71D5.tmp" /EF "HKCU"
mRun: [VeriFaceManager] "C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [RIMBBLaunchAgent.exe] "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
StartupFolder: C:\Users\ADARYN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
StartupFolder: C:\Users\ADARYN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\0756E62786F637F6574746F6F627 : DhcpNameServer = 192.168.2.245
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\244584F6D656845726D214231393 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\2445F40756E6A7F6E656 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\2456C6B696E6F5239373433324 : DhcpNameServer = 192.168.2.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: protector.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {F897EB0E-A3A4-46C3-80EB-2729699D8892} - No File
mRun-x64: [VeriFaceManager] "C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [RIMBBLaunchAgent.exe] "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
AppInit_DLLs-X64: protector.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
R1 funfrm;funfrm;C:\windows\system32\drivers\funfrm.sys --> C:\windows\system32\drivers\funfrm.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 64952]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-1-1 44768]
R2 bProtector;bProtector;C:\ProgramData\bProtector\bProtect.exe [2012-1-2 803328]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-12-6 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-12-6 128512]
R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-11 652360]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-23 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-12 136176]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-12 136176]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-5-30 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-5-30 579400]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" --> C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [?]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\system32\DRIVERS\WSDScan.sys --> C:\windows\system32\DRIVERS\WSDScan.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-02-17 18:49:46 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4F211E4-CC3E-44D8-8F1A-91B368F154EC}\mpengine.dll
2012-01-26 05:14:54 340992 ----a-w- C:\windows\System32\schannel.dll
.
==================== Find3M ====================
.
2012-01-27 00:52:58 279656
w- C:\windows\System32\MpSigStub.exe
2012-01-14 04:06:27 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2012-01-02 12:04:53 748544 ----a-w- C:\windows\SysWow64\protector.dll
2012-01-02 09:26:41 748544 ----a-w- C:\windows\SysWow64\protector.dll.tmp
2011-12-30 06:26:08 515584 ----a-w- C:\windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2011-12-29 20:18:40 138471 ----a-w- C:\InformationalData.tmp
2011-12-29 20:18:39 9587 ----a-w- C:\DetectionData.tmp
2011-12-28 03:59:24 498688 ----a-w- C:\windows\System32\drivers\afd.sys
2011-12-16 08:47:38 1188864 ----a-w- C:\windows\System32\wininet.dll
2011-12-16 08:46:06 634880 ----a-w- C:\windows\System32\msvcrt.dll
2011-12-16 07:54:22 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2011-12-16 07:52:58 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
2011-12-16 06:44:38 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2011-12-16 06:09:17 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-12-10 15:24:08 23152 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-12-04 22:34:37 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-02 18:04:24 19000 ----a-w- C:\windows\System32\roboot64.exe
2011-11-28 18:01:25 41184 ----a-w- C:\windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
.
============= FINISH: 22:48:08.70 ===============0 -
download this and save it to your desktop.
http://public.avast.com/~gmerek/aswMBR.exe
When you've downloaded it...- Double click aswMBR.exe to run it (XP), or right click & choose "Run as Administrator" (Vista, Win7)
- With the AVscan set to Quick Scan, click the Scan button.
- When the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
- Click OK when prompted. aswMBR.txt & MBR.dat will be appear on your desktop.
- Click EXIT.
- Copy & paste the contents of aswMBR.txt & post it here.
0 -
aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
Run date: 2012-02-20 23:09:40
23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
23:09:40.389 Number of processors: 2 586 0x170A
23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
23:09:41.379 Initialze error C000010E - driver not loaded
23:09:41.494 AVAST engine defs: 12022001
23:09:59.489 Service scanning
23:10:34.667 Modules scanning
23:10:34.672 Disk 0 trace - called modules:
23:10:34.677
23:10:35.772 AVAST engine scan C:\windows
23:10:37.997 AVAST engine scan C:\windows\system32
23:13:03.207 AVAST engine scan C:\windows\system32\drivers
23:13:14.375 AVAST engine scan C:\Users\adarynefoedd
23:14:52.200 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
Run date: 2012-02-20 23:09:40
23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
23:09:40.389 Number of processors: 2 586 0x170A
23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
23:09:41.379 Initialze error C000010E - driver not loaded
23:09:41.494 AVAST engine defs: 12022001
23:09:59.489 Service scanning
23:10:34.667 Modules scanning
23:10:34.672 Disk 0 trace - called modules:
23:10:34.677
23:10:35.772 AVAST engine scan C:\windows
23:10:37.997 AVAST engine scan C:\windows\system32
23:13:03.207 AVAST engine scan C:\windows\system32\drivers
23:13:14.375 AVAST engine scan C:\Users\adarynefoedd
23:14:52.200 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"
23:17:11.652 AVAST engine scan C:\ProgramData
23:18:36.654 Scan finished successfully
23:19:29.965 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"0 -
Are you running it in Avast's sandbox?
Try it again, the driver needs to load - you should see: Initialize successaswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
Run date: 2012-02-20 23:09:40
23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
23:09:40.389 Number of processors: 2 586 0x170A
23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
23:09:41.379 Initialze error C000010E - driver not loaded
23:09:41.494 AVAST engine defs: 12022001
.
0 -
thanks .. retried it all ways including disabling the sandbox but still comes out the same0
-
Try something else - I take it you are still being redirected?
Download Roguekiller & save it your desktop.
http://tigzy.geekstogo.com/Tools/RogueKiller.exe- Right click RogueKiller.exe & choose Run as administrator
- In the status box, wait for the pre scan to finish, then click scan under options
- When you see scan finished in the status box, click report under options
- Notepad will open, post that report
0 -
Thanks a lot, no I am not still being redirected but ran it anyway:
¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-24A0RT0 +++++
--- User ---
[MBR] 7045c26488ae1e5a7b505ede18c0ded5
[BSP] d8d17b4816a923bed68e68dc7c256477 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430657 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 882397568 | Size: 30973 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945830272 | Size: 15108 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards