Google redirect malware

Post by flashwaawoo » July 1st, 2011, 5:32 am

I get redirected to other websites after searching Google using Firefox and Chrome. I keep getting indications from AVG that I have viruses and trojans. AVG isn't able to remove them. I am not able to start Windows Security Essentials. I also am not able to turn on Windows Security Center. The internet runs very slowly.
Thanks for the help in advance.

.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Laptop at 21:18:33 on 2011-07-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.8106.5993 [GMT 12:00]
.
AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\AVG\AVG10\avgfws.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG10\avgam.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Cypress\TrackPad\CyCpIo.exe
C:\Program Files\Cypress\TrackPad\CyHidWin.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www1.ap.dell.com/content/default ... l=en&s=gen
uDefault_Page_URL = hxxp://www1.ap.dell.com/content/default ... l=en&s=gen
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
uRun: [4ECYTQ9SIC] C:\Users\Laptop\AppData\Local\Temp\Jjg.exe
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [FAStartup]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [RAMDrive] "C:\Program Files (x86)\FarStone\VirtualDrive\VHD\RDTask.exe"
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
StartupFolder: C:\Users\Laptop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Laptop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GPADSE~1.LNK - C:\Program Files (x86)\gPadServer\gPadServer.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 10.0.1.1
TCP: Interfaces\{E28B210F-1E3D-45CB-B6F3-98DF8E6D5E05} : DhcpNameServer = 10.0.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO-X64: dTPodcastBHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [FAStartup]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
mRun-x64: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [RAMDrive] "C:\Program Files (x86)\FarStone\VirtualDrive\VHD\RDTask.exe"
mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\cblbq9yv.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\system32\DRIVERS\tdrpm273.sys --> C:\Windows\system32\DRIVERS\tdrpm273.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-11 98208]
R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-6-24 3975088]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 iPodDrv;iPodDrv;\??\C:\Windows\system32\drivers\iPodDrv.sys --> C:\Windows\system32\drivers\iPodDrv.sys [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-24 378984]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 cyhid;Cypress Input Device;C:\Windows\system32\DRIVERS\cyhid.sys --> C:\Windows\system32\DRIVERS\cyhid.sys [?]
R3 cykbfltrService;Cypress Keyboard Filter Driver;C:\Windows\system32\DRIVERS\cykbfltr.sys --> C:\Windows\system32\DRIVERS\cykbfltr.sys [?]
R3 cymfltrService;Cypress Trackpad Filter Driver;C:\Windows\system32\DRIVERS\cymfltr.sys --> C:\Windows\system32\DRIVERS\cymfltr.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" --> C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-24 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-6-11 1997416]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-11 2656280]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\9AAA.tmp --> C:\Windows\system32\9AAA.tmp [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-07-01 08:54:47 6144 ------w- C:\Windows\System32\9AAA.tmp
2011-07-01 08:53:58 6144 ------w- C:\Windows\System32\DBFC.tmp
2011-07-01 08:53:50 -------- d-----w- C:\Program Files (x86)\Sophos
2011-07-01 08:42:44 -------- d-----w- C:\Users\Laptop\AppData\Roaming\AVG10
2011-07-01 08:41:41 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-07-01 08:41:41 -------- d-----w- C:\ProgramData\AVG10
2011-07-01 08:26:08 -------- d-----w- C:\Users\Laptop\AppData\Local\Diagnostics
2011-07-01 08:21:11 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Malwarebytes
2011-07-01 08:21:05 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-01 08:21:05 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-01 08:21:02 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-01 08:21:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-01 07:44:19 -------- d-----w- C:\ProgramData\MFAData
2011-07-01 07:39:27 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-07-01 07:39:02 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-06-26 04:15:50 2784600 ----a-w- C:\Windows\System32\auto_reactivate.exe
2011-06-26 04:00:09 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Reallusion
2011-06-26 03:44:36 272448 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-06-26 03:44:32 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2011-06-26 03:38:50 -------- d-----w- C:\Users\Laptop\AppData\Local\{DCE6C8D1-FC3B-4B74-B613-891B0D6D2B5E}
2011-06-26 03:19:45 133120 ----a-w- C:\Windows\Jlasea.exe
2011-06-26 03:19:36 106496 --sha-r- C:\Windows\SysWow64\dxgiz.dll
2011-06-26 02:54:57 -------- d-----w- C:\Users\Laptop\AppData\Roaming\DAEMON Tools Pro
2011-06-26 02:54:57 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-06-26 01:24:07 -------- d-----w- C:\Program Files\Dameon
2011-06-26 01:00:38 -------- d-----w- C:\Users\Laptop\AppData\Roaming\PCDr
2011-06-26 01:00:04 -------- d-----w- C:\ProgramData\PCDr
2011-06-26 00:37:13 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2011-06-26 00:29:14 867064 ----a-w- C:\Windows\System32\drivers\sptd.sys
2011-06-26 00:25:27 91568 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2011-06-26 00:25:27 -------- d-----w- C:\Program Files (x86)\PowerISO
2011-06-26 00:15:13 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2011-06-26 00:08:16 -------- d-----w- C:\Program Files (x86)\MagicISO
2011-06-26 00:03:34 -------- d-----w- C:\ProgramData\farstone
2011-06-26 00:02:41 -------- d-----w- C:\Users\Laptop\AppData\Roaming\FarStone
2011-06-26 00:00:03 254224 ----a-w- C:\Windows\SysWow64\drmclien.dll
2011-06-25 23:58:15 81920 ----a-w- C:\Windows\VPLAY801.EXE
2011-06-25 23:58:13 81424 ----a-w- C:\Windows\System32\drivers\FVXSCSI.SYS
2011-06-25 23:58:10 21784 ----a-w- C:\Windows\System32\drivers\FCDABUS.SYS
2011-06-25 23:57:12 36864 ------w- C:\Windows\SysWow64\unVHDDrvExe.exe
2011-06-25 23:57:12 32768 ------w- C:\Windows\SysWow64\inVHDDrvExe.exe
2011-06-25 02:13:47 -------- d--h--w- C:\ProgramData\Common Files
2011-06-25 01:01:14 -------- d-----w- C:\Users\Laptop\AppData\Roaming\SPORE
2011-06-25 00:34:44 1240 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg
2011-06-25 00:23:43 -------- d-----w- C:\Users\Laptop\AppData\Local\Adobe
2011-06-25 00:18:37 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Roxio Burn
2011-06-25 00:11:53 967 ----a-w- C:\Windows\ScUnin.pif
2011-06-25 00:11:52 68096 ----a-w- C:\Windows\ScUnin.exe
2011-06-25 00:10:06 -------- d-----w- C:\Program Files\Starcraft
2011-06-25 00:08:49 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Macrovision
2011-06-25 00:07:05 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-06-25 00:07:04 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0759AC3A-AEFC-4FC4-8AF2-5B1B709BE266}\mpengine.dll
2011-06-24 23:33:35 -------- d-----w- C:\Windows\SysWow64\drivers\avg
2011-06-24 13:27:56 -------- d-----w- C:\Windows\SysWow64\Wat
2011-06-24 13:27:56 -------- d-----w- C:\Windows\System32\Wat
2011-06-24 12:46:46 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-06-24 12:45:25 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-06-24 10:24:18 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-06-24 10:23:38 -------- d-----w- C:\Users\Laptop\AppData\Local\Microsoft Help
2011-06-24 10:01:05 -------- d-----w- C:\Users\Laptop\AppData\Local\Microsoft Games
2011-06-24 09:33:01 36328 ----a-w- C:\Windows\System32\drivers\ssadadb.sys
2011-06-24 09:33:01 1917416 ----a-w- C:\Windows\System32\WdfCoInstaller01005.dll
2011-06-24 09:33:01 1917416 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01005.dll
2011-06-24 09:33:01 177128 ----a-w- C:\Windows\System32\drivers\ssadmdm.sys
2011-06-24 09:33:01 16872 ----a-w- C:\Windows\System32\drivers\ssadmdfl.sys
2011-06-24 09:33:01 157160 ----a-w- C:\Windows\System32\drivers\ssadbus.sys
2011-06-24 09:33:01 13800 ----a-w- C:\Windows\System32\drivers\ssadwhnt.sys
2011-06-24 09:33:01 13800 ----a-w- C:\Windows\System32\drivers\ssadwh.sys
2011-06-24 09:33:01 13288 ----a-w- C:\Windows\System32\drivers\ssadcmnt.sys
2011-06-24 09:33:01 13288 ----a-w- C:\Windows\System32\drivers\ssadcm.sys
2011-06-24 09:31:22 -------- d-----w- C:\Users\Laptop\AppData\Local\Downloaded Installations
2011-06-24 09:17:17 279136 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2011-06-24 09:17:16 1263200 ----a-w- C:\Windows\System32\drivers\tdrpm273.sys
2011-06-24 09:17:15 970336 ----a-w- C:\Windows\System32\drivers\timntr.sys
2011-06-24 09:17:13 277088 ----a-w- C:\Windows\System32\drivers\snapman.sys
2011-06-24 08:22:21 -------- d-----w- C:\Users\Laptop\AppData\Roaming\ODIN
2011-06-24 07:48:53 -------- d-----w- C:\Users\Laptop\AppData\Local\doubleTwist Corporation
2011-06-24 07:48:47 -------- d-----w- C:\Program Files (x86)\Common Files\doubleTwist
2011-06-24 07:48:46 57344 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2011-06-24 07:48:45 60273 ----a-w- C:\Windows\SysWow64\pthreadGC2.dll
2011-06-24 07:48:45 -------- d-----w- C:\Program Files (x86)\ffdshow
2011-06-24 07:46:29 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-06-24 07:46:29 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-06-24 07:44:32 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-06-24 07:44:32 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-06-24 07:41:23 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-06-24 07:38:50 -------- d-----w- C:\Program Files (x86)\doubleTwist 2.0
2011-06-24 07:38:26 -------- d-----w- C:\Program Files (x86)\gPadServer
2011-06-24 07:15:16 -------- d--h--w- C:\$AVG
2011-06-24 07:15:07 -------- d-----w- C:\Program Files (x86)\AVG
2011-06-24 07:15:06 -------- d-----w- C:\ProgramData\avg9
2011-06-24 07:07:25 -------- d-----w- C:\Users\Laptop\AppData\Local\Google
2011-06-24 07:04:09 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-06-24 06:54:11 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-24 06:46:29 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-24 06:37:32 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Dropbox
2011-06-24 06:36:29 -------- d-----w- C:\Users\Laptop\AppData\Local\Intel Wireless Display
2011-06-24 06:32:55 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-06-24 06:32:20 -------- d-----w- C:\Users\Laptop\AppData\Local\uTorrent
2011-06-24 06:32:19 -------- d-----w- C:\Users\Laptop\AppData\Roaming\uTorrent
2011-06-24 06:26:36 -------- d-----w- C:\Program Files (x86)\Dell Touch Software Suite
2011-06-24 06:26:36 -------- d-----w- C:\FIND_EULA_PATH
2011-06-24 06:25:15 -------- d-----w- C:\Users\Laptop\AppData\Local\Dell
2011-06-24 06:24:40 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Dell
2011-06-24 06:24:35 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Dell Touch Zone
2011-06-24 06:24:04 -------- d-----w- C:\Users\Laptop\AppData\Local\VirtualStore
2011-06-24 06:23:54 -------- d-----w- C:\Users\Laptop\AppData\Local\SoftThinks
2011-06-11 03:47:08 -------- d-----w- C:\Windows\System32\SRSLabs
2011-06-11 03:46:51 -------- d-----w- C:\Program Files\Realtek
2011-06-11 03:46:50 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-06-11 03:46:30 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-06-11 03:46:27 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-06-11 03:46:27 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-06-11 03:46:21 -------- d-----w- C:\Intel
2011-06-11 03:46:11 21616 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys
2011-06-11 03:43:26 7680 ----a-r- C:\Windows\System32\CyTpCo1.dll
2011-06-11 03:43:26 62464 ----a-r- C:\Windows\System32\drivers\cymfltr.sys
2011-06-11 03:43:22 13312 ----a-r- C:\Windows\System32\drivers\cykbfltr.sys
2011-06-11 03:43:22 -------- d-----w- C:\Program Files\Cypress
2011-06-11 03:43:06 -------- d-----w- C:\Program Files\STMicroelectronics
2011-06-11 03:32:18 -------- d-----w- C:\apps
2011-06-11 03:30:47 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2011-06-11 03:29:47 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-11 03:28:58 -------- d-----w- C:\Windows\System32\oem
2011-06-11 03:28:56 -------- d-----w- C:\Drivers
2011-06-11 02:23:06 -------- d-----w- C:\Program Files\dell stage
2011-06-11 02:21:42 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-06-11 02:21:12 -------- d-----w- C:\ProgramData\Uninstall
2011-06-11 02:20:45 -------- d-----w- C:\Program Files (x86)\Common Files\SureThing Shared
2011-06-11 02:20:38 -------- d-----w- C:\ProgramData\PhotoShow Shared Assets
2011-06-11 02:20:37 -------- d-----w- C:\Program Files\Roxio
2011-06-11 02:20:03 55856 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-06-11 02:20:03 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2011-06-11 02:20:03 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2011-06-11 02:16:39 -------- d-----w- C:\Program Files (x86)\Common Files\mcafee
2011-06-11 02:16:26 -------- d-----w- C:\Program Files\Dell Support Center
2011-06-11 02:15:24 -------- d-----w- C:\Windows\en
2011-06-11 02:15:04 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-06-11 02:14:19 -------- d-----w- C:\Windows\PCHEALTH
2011-06-11 02:13:48 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-06-11 02:13:48 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-06-11 02:13:38 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-06-11 02:13:23 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-06-11 02:12:24 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-06-11 02:12:24 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-06-11 02:10:25 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b9dab84f1cc27dc04\DSETUP.dll
2011-06-11 02:10:25 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b9dab84f1cc27dc04\DXSETUP.exe
2011-06-11 02:10:25 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b9dab84f1cc27dc04\dsetup32.dll
2011-06-11 02:10:24 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b963b3821cc27dc02\DSETUP.dll
2011-06-11 02:10:24 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b963b3821cc27dc02\DXSETUP.exe
2011-06-11 02:10:24 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b963b3821cc27dc02\dsetup32.dll
2011-06-11 02:10:24 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b99811c81cc27dc03\MeshBetaRemover.exe
2011-06-11 02:10:23 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b8c1d5ef1cc27dc01\Silverlight.4.0.exe
2011-06-11 02:10:22 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-06-11 02:08:39 -------- d-----w- C:\Program Files (x86)\Creative
2011-06-11 02:08:20 -------- d-----w- C:\Program Files (x86)\Dell Webcam
2011-06-11 02:08:19 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys
2011-06-11 02:08:19 176096 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys
2011-06-11 02:08:16 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam
2011-06-11 02:08:06 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-06-11 02:08:06 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-06-11 02:08:06 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-06-11 02:08:06 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-06-11 02:08:06 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-06-11 02:08:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-06-11 02:08:06 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-06-11 02:07:26 -------- d-----w- C:\Program Files (x86)\Sensible Vision
2011-06-11 02:04:33 -------- d-----r- C:\Program Files (x86)\Skype
2011-06-11 02:03:22 151656 ----a-w- C:\Windows\System32\drivers\WimFltr.sys
2011-06-11 02:03:00 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-11 02:02:04 -------- d-----w- C:\Program Files\Dell
2011-06-11 02:01:19 -------- d-----w- C:\Program Files (x86)\Intel Corporation
2011-06-11 02:01:19 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2011-06-11 01:59:37 -------- d-----w- C:\ProgramData\Roaming
2011-06-11 01:59:09 -------- d-----w- C:\Program Files (x86)\Cisco
2011-06-11 01:57:17 -------- d-----w- C:\Program Files (x86)\STMicroelectronics
2011-06-11 01:57:05 104960 ----a-w- C:\Windows\System32\drivers\cyhid.sys
2011-06-11 01:54:53 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2011-06-11 01:54:53 155752 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2011-06-11 01:54:53 1359976 ----a-w- C:\Windows\System32\nvgenco64hda.dll
2011-06-11 01:52:12 -------- d-----w- C:\Program Files\Dell Inc
2011-06-11 01:49:13 -------- d-----w- C:\Windows\SysWow64\NV
2011-06-11 01:49:13 -------- d-----w- C:\Windows\System32\NV
.
==================== Find3M ====================
.
2011-06-11 03:29:47 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2011-06-11 01:53:17 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2011-05-28 03:06:58 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-05-24 07:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-03 16:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-27 03:25:24 84864 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-23 01:29:25 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-04-23 01:19:19 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-04-22 23:35:56 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-04-22 23:25:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-18 01:18:50 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys
2011-04-18 01:18:50 189440 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2011-04-14 09:28:24 118864 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys
2011-04-13 22:40:10 4284416 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2011-04-09 07:02:55 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:02:25 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02:25 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-04 12:59:54 377936 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
.
============= FINISH: 21:19:23.32 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 24/06/2011 18:44:43
System Uptime: 1/07/2011 21:16:18 (0 hours ago)
.
Motherboard: Dell Inc. | | 060G42
Processor: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz | CPU | 2701/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 451.192 GiB free.
D: is CDROM (UDF)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP32: 26/06/2011 11:24:24 - Removed Dell DataSafe Local Backup
RP33: 26/06/2011 11:25:00 - Removed Dell DataSafe Online
RP34: 26/06/2011 11:25:28 - Removed Dell Getting Started Guide.
RP35: 26/06/2011 11:25:47 - Removed Dell MusicStage
RP36: 26/06/2011 11:26:11 - Removed Dell PhotoStage.
RP37: 26/06/2011 11:26:44 - Removed Dell Stage
RP38: 26/06/2011 11:27:34 - Configured VideoStage
RP39: 26/06/2011 11:29:55 - Removed Quickset64.
RP40: 26/06/2011 11:31:31 - Windows Live Essentials
RP41: 26/06/2011 11:31:47 - WLSetup
RP42: 26/06/2011 11:57:38 - Installed VirtualDrive Pro
RP43: 26/06/2011 12:15:20 - Device Driver Package Install: MagicISO, Inc. Storage controllers
RP44: 26/06/2011 12:20:51 - Removed VirtualDrive Pro
RP46: 26/06/2011 12:29:07 - SPTD setup V1.50
RP47: 26/06/2011 12:33:32 - Installed Age of Empires III
RP49: 26/06/2011 13:10:15 - SPTD setup V1.50
RP51: 26/06/2011 13:15:52 - SPTD setup V1.50
RP53: 26/06/2011 13:19:35 - SPTD setup V1.50
RP54: 26/06/2011 13:26:45 - Installed Java(TM) 6 Update 26
RP55: 26/06/2011 14:56:42 - Device Driver Package Install: DT Soft Ltd System devices
RP56: 26/06/2011 15:15:19 - Device Driver Package Install: DT Soft Ltd System devices
.
==== Installed Programs ======================
.
AccelerometerP11
Acronis True Image Home 2011
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X MUI
Advanced Audio FX Engine
Age of Empires III
µTorrent
D3DX10
DAEMON Tools Pro
Definition update for Microsoft Office 2010 (KB982726)
Dell Webcam Central
DirectX 9 Runtime
doubleTwist
Dropbox
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Update Helper
gPad Server 2.0 2.0.0
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Wireless Display
Java(TM) 6 Update 26
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 5.0 (x86 en-GB)
MSVCRT
NVIDIA Stereoscopic 3D Driver
PhotoShowExpress
Picasa 3
PowerISO
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Samsung Kies
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Excel 2010 (KB2523021)
Security Update for Microsoft InfoPath 2010 (KB2510065)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
Sophos Anti-Rootkit 1.5.4
SPORE™
Starcraft
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.10
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinZip 15.5
.
==== Event Viewer Messages From Past Week ========
.
26/06/2011 11:22:50, Error: Service Control Manager [7034] - The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).
26/06/2011 11:14:03, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
25/06/2011 14:14:08, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
25/06/2011 11:26:06, Error: Service Control Manager [7000] - The Bluetooth OBEX Service service failed to start due to the following error: Access is denied.
24/06/2011 21:38:12, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
24/06/2011 18:58:07, Error: Service Control Manager [7000] - The AVG AVI Loader Driver x64 service failed to start due to the following error: This driver has been blocked from loading
24/06/2011 18:58:07, Error: Application Popup [875] - Driver avgldx64.sys has been blocked from loading.
24/06/2011 18:44:08, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
24/06/2011 18:42:41, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.
24/06/2011 18:42:41, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x00000000001904fb, 0xfffff88008c8bf78, 0xfffff88008c8b7d0, 0xfffff80002d26537). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .
1/07/2011 21:17:25, Error: Service Control Manager [7000] - The Bluetooth Device Monitor service failed to start due to the following error: The system cannot find the file specified.
1/07/2011 21:17:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service Bluetooth Device Monitor with arguments "" in order to run the server: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
1/07/2011 21:17:24, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
1/07/2011 21:16:19, Error: sptd [4] - Driver detected an internal error in its data structures for .
1/07/2011 20:54:47, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading
1/07/2011 20:54:47, Error: Application Popup [1060] - \??\C:\Windows\system32\9AAA.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
1/07/2011 20:53:58, Error: Application Popup [1060] - \??\C:\Windows\system32\DBFC.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
1/07/2011 20:44:29, Error: Service Control Manager [7034] - The Bluetooth Media Service service terminated unexpectedly. It has done this 1 time(s).
1/07/2011 20:44:21, Error: Service Control Manager [7034] - The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).
1/07/2011 20:30:27, Error: Service Control Manager [7034] - The Acronis Nonstop Backup service service terminated unexpectedly. It has done this 1 time(s).
1/07/2011 19:41:17, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
.
==== End Of File ===========================
flashwaawoo
Active Member
 
Posts: 12
Joined: July 1st, 2011, 5:21 am

Re: Google redirect malware

Unread postby Cypher » July 1st, 2011, 6:58 am

This is a duplicate post and has therefore been closed
viewtopic.php?f=11&t=57293
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

