📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

plusnetwork.com

Options
Help, my browser (IE or Google Crome) keeps redirecting itself to this browser, quick look online it seems bad news cant get rid of it!

Currently have Windows 7, IE, Avast Free and do weekly checks with Spybot,Malwarebytes and CC Cleaner and only use very limited number of websites so why??

Any thoughts on how to get rid of it?
«1

Comments

  • m5rcc
    m5rcc Posts: 1,544 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    Use CCLeaner to remove the program
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    Thanks/diolch, have run it so will see if the horrible thing goes away.:T
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    You've possibly picked up some malware. Download DDS from the link below and save it to your desktop:

    Link

    After you've downloaded it and saved it to your desktop:
    • Double click DDS to run it.
    • When it's finished, DDS will open two logs:
    1. DDS.txt
    2. Attach.txt
    Save both reports to your desktop.

    Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    Thanks, here it is:

    vast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\windows\system32\WLANExt.exe
    C:\windows\system32\conhost.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Conexant\SAII\SmartAudio.exe
    C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\ProgramData\bProtector\bProtect.exe
    C:\ProgramData\bProtector\bProtect.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\windows\System32\svchost.exe -k secsvcs
    C:\windows\system32\DllHost.exe
    C:\windows\splwow64.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\wuauclt.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\windows\system32\taskhost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.bbc.co.uk/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: H - No File
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {F897EB0E-A3A4-46C3-80EB-2729699D8892} - No File
    uRun: [SpybotSD TeaTimer] "C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
    uRun: [Google Update] "C:\Users\adarynefoedd\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [EPSON6A2DAB (Epson Stylus SX525WD)] "C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE" /FU "C:\windows\TEMP\E_S9894.tmp" /EF "HKCU"
    uRun: [Epson Stylus SX525WD(Network)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\windows\TEMP\E_S8CE5.tmp" /EF "HKCU"
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [EPSON SX525WD Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\windows\TEMP\E_S71D5.tmp" /EF "HKCU"
    mRun: [VeriFaceManager] "C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
    mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    mRun: [RIMBBLaunchAgent.exe] "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [<NO NAME>]
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
    StartupFolder: C:\Users\ADARYN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    StartupFolder: C:\Users\ADARYN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
    uPolicies-explorer: NoViewOnDrive = 0 (0x0)
    uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    uPolicies-system: NoDispAppearancePage = 0 (0x0)
    uPolicies-system: NoDispSettingsPage = 0 (0x0)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoViewOnDrive = 0 (0x0)
    mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: NoDispAppearancePage = 0 (0x0)
    mPolicies-system: NoDispSettingsPage = 0 (0x0)
    dPolicies-explorer: NoViewOnDrive = 0 (0x0)
    dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    dPolicies-system: NoDispAppearancePage = 0 (0x0)
    dPolicies-system: NoDispSettingsPage = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\0756E62786F637F6574746F6F627 : DhcpNameServer = 192.168.2.245
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\244584F6D656845726D214231393 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\2445F40756E6A7F6E656 : DhcpNameServer = 192.168.22.22 192.168.22.23
    TCP: Interfaces\{404539EF-4DDF-4642-904B-149E6E72EEDB}\2456C6B696E6F5239373433324 : DhcpNameServer = 192.168.2.1
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: protector.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    BHO-X64: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {F897EB0E-A3A4-46C3-80EB-2729699D8892} - No File
    mRun-x64: [VeriFaceManager] "C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
    mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    mRun-x64: [RIMBBLaunchAgent.exe] "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun-x64: [(Default)]
    mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    AppInit_DLLs-X64: protector.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
    R1 funfrm;funfrm;C:\windows\system32\drivers\funfrm.sys --> C:\windows\system32\drivers\funfrm.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 64952]
    R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-1-1 44768]
    R2 bProtector;bProtector;C:\ProgramData\bProtector\bProtect.exe [2012-1-2 803328]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-12-6 166400]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-12-6 128512]
    R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-11 652360]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-23 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
    R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
    R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-12 136176]
    S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
    S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-12 136176]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
    S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-5-30 509192]
    S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-5-30 579400]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
    S3 osppsvc;Office Software Protection Platform;"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" --> C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [?]
    S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
    S3 WSDScan;WSD Scan Support via UMB;C:\windows\system32\DRIVERS\WSDScan.sys --> C:\windows\system32\DRIVERS\WSDScan.sys [?]
    S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
    .
    =============== File Associations ===============
    .
    inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
    txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-02-17 18:49:46 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4F211E4-CC3E-44D8-8F1A-91B368F154EC}\mpengine.dll
    2012-01-26 05:14:54 340992 ----a-w- C:\windows\System32\schannel.dll
    .
    ==================== Find3M ====================
    .
    2012-01-27 00:52:58 279656
    w- C:\windows\System32\MpSigStub.exe
    2012-01-14 04:06:27 3145728 ----a-w- C:\windows\System32\win32k.sys
    2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
    2012-01-02 12:04:53 748544 ----a-w- C:\windows\SysWow64\protector.dll
    2012-01-02 09:26:41 748544 ----a-w- C:\windows\SysWow64\protector.dll.tmp
    2011-12-30 06:26:08 515584 ----a-w- C:\windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
    2011-12-29 20:18:40 138471 ----a-w- C:\InformationalData.tmp
    2011-12-29 20:18:39 9587 ----a-w- C:\DetectionData.tmp
    2011-12-28 03:59:24 498688 ----a-w- C:\windows\System32\drivers\afd.sys
    2011-12-16 08:47:38 1188864 ----a-w- C:\windows\System32\wininet.dll
    2011-12-16 08:46:06 634880 ----a-w- C:\windows\System32\msvcrt.dll
    2011-12-16 07:54:22 981504 ----a-w- C:\windows\SysWow64\wininet.dll
    2011-12-16 07:52:58 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
    2011-12-16 06:44:38 1638912 ----a-w- C:\windows\System32\mshtml.tlb
    2011-12-16 06:09:17 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2011-12-10 15:24:08 23152 ----a-w- C:\windows\System32\drivers\mbam.sys
    2011-12-04 22:34:37 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-02 18:04:24 19000 ----a-w- C:\windows\System32\roboot64.exe
    2011-11-28 18:01:25 41184 ----a-w- C:\windows\avastSS.scr
    2011-11-28 17:54:06 591192 ----a-w- C:\windows\System32\drivers\aswSnx.sys
    2011-11-28 17:52:11 66904 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
    .
    ============= FINISH: 22:48:08.70 ===============
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    download this and save it to your desktop.

    http://public.avast.com/~gmerek/aswMBR.exe

    When you've downloaded it...
    • Double click aswMBR.exe to run it (XP), or right click & choose "Run as Administrator" (Vista, Win7)
    • With the AVscan set to Quick Scan, click the Scan button.

    • When the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
    • Click OK when prompted. aswMBR.txt & MBR.dat will be appear on your desktop.
    • Click EXIT.
    • Copy & paste the contents of aswMBR.txt & post it here.
    Don't click to fix anything yet, just post the log.
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-20 23:09:40
    23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
    23:09:40.389 Number of processors: 2 586 0x170A
    23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
    23:09:41.379 Initialze error C000010E - driver not loaded
    23:09:41.494 AVAST engine defs: 12022001
    23:09:59.489 Service scanning
    23:10:34.667 Modules scanning
    23:10:34.672 Disk 0 trace - called modules:
    23:10:34.677
    23:10:35.772 AVAST engine scan C:\windows
    23:10:37.997 AVAST engine scan C:\windows\system32
    23:13:03.207 AVAST engine scan C:\windows\system32\drivers
    23:13:14.375 AVAST engine scan C:\Users\adarynefoedd
    23:14:52.200 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"

    aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-20 23:09:40
    23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
    23:09:40.389 Number of processors: 2 586 0x170A
    23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
    23:09:41.379 Initialze error C000010E - driver not loaded
    23:09:41.494 AVAST engine defs: 12022001
    23:09:59.489 Service scanning
    23:10:34.667 Modules scanning
    23:10:34.672 Disk 0 trace - called modules:
    23:10:34.677
    23:10:35.772 AVAST engine scan C:\windows
    23:10:37.997 AVAST engine scan C:\windows\system32
    23:13:03.207 AVAST engine scan C:\windows\system32\drivers
    23:13:14.375 AVAST engine scan C:\Users\adarynefoedd
    23:14:52.200 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"
    23:17:11.652 AVAST engine scan C:\ProgramData
    23:18:36.654 Scan finished successfully
    23:19:29.965 The log file has been saved successfully to "C:\Users\adarynefoedd\Desktop\aswMBR.txt"
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    edited 21 February 2012 at 12:39AM
    Are you running it in Avast's sandbox?
    aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-20 23:09:40
    23:09:40.389 OS Version: Windows x64 6.1.7601 Service Pack 1
    23:09:40.389 Number of processors: 2 586 0x170A
    23:09:40.391 ComputerName: ADARYNEFOEDD-PC UserName: adarynefoedd
    23:09:41.379 Initialze error C000010E - driver not loaded
    23:09:41.494 AVAST engine defs: 12022001
    Try it again, the driver needs to load - you should see: Initialize success

    .
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    thanks .. retried it all ways including disabling the sandbox but still comes out the same
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Try something else - I take it you are still being redirected?

    Download Roguekiller & save it your desktop.

    http://tigzy.geekstogo.com/Tools/RogueKiller.exe

    • Right click RogueKiller.exe & choose Run as administrator
    • In the status box, wait for the pre scan to finish, then click scan under options
    • When you see scan finished in the status box, click report under options
    • Notepad will open, post that report
  • Lleucu
    Lleucu Posts: 334 Forumite
    I've been Money Tipped!
    Thanks a lot, no I am not still being redirected but ran it anyway:

    ¤¤¤ Registry Entries: 2 ¤¤¤
    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    ¤¤¤ Particular Files / Folders: ¤¤¤
    ¤¤¤ Driver: [NOT LOADED] ¤¤¤
    ¤¤¤ Infection : ¤¤¤
    ¤¤¤ HOSTS File: ¤¤¤

    ¤¤¤ MBR Check: ¤¤¤
    +++++ PhysicalDrive0: WDC WD5000BEVT-24A0RT0 +++++
    --- User ---
    [MBR] 7045c26488ae1e5a7b505ede18c0ded5
    [BSP] d8d17b4816a923bed68e68dc7c256477 : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430657 Mo
    2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 882397568 | Size: 30973 Mo
    3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945830272 | Size: 15108 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!
    Finished : << RKreport[1].txt >>
    RKreport[1].txt
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351.1K Banking & Borrowing
  • 253.2K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244.1K Work, Benefits & Business
  • 599.1K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.