Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Webpage redirecting (?)

by Eshang » February 11th, 2012, 4:10 pm

Hi, my name is Eric and recently I've begun to notice a few changes in my laptop that may indicate it may be infected with malware. Besides the change in the laptop's speed, I've noticed that many times when I'm surfing the web, I'll be automatically redirected to a "Windows 7 Antivirus" website which is obviously fake. I was wondering if this could be an indication of malware? I would appreciate any help to fix the problem (if there is one). Thank you!

DDS LOG:


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by EricShang at 13:06:11 on 2012-02-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6069.2646 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskmgr.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RO\DreamerRO's\exe.exe
C:\Program Files (x86)\RO\DreamerRO's\exe.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Users\EricShang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\EricShang\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [winupdate] C:\Windows\system32\install\winupdt.exe
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [<NO NAME>]
mRun: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\4556E62556E64556164596D656 : DhcpNameServer = 68.87.73.246 68.87.71.230
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\86F6D656 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\A49616E676E4564777F627B6 : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{05BDF0D1-9718-447B-9539-4FFA1E2CE07F}\C696E6B6379737 : DhcpNameServer = 68.87.73.246 68.87.71.230
TCP: Interfaces\{93422096-8B22-4798-A1C3-B195BD476D83} : DhcpNameServer = 128.8.74.2 128.8.76.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ProgramData\dxmasf32.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [(Default)]
mRun-x64: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\ProgramData\dxmasf32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\EricShang\AppData\Roaming\Mozilla\Firefox\Profiles\5ecazms3.default\
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\EricShang\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-7-1 352976]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-7 2314240]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-7-7 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-7-7 79360]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SaiU0CCB;SaiU0CCB;C:\Windows\system32\DRIVERS\SaiU0CCB.sys --> C:\Windows\system32\DRIVERS\SaiU0CCB.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-6 118672]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-5-18 415072]
.
=============== Created Last 30 ================
.
2012-02-11 17:10:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{91F9149A-5A1E-4E80-B8AC-2E2722E8227C}
2012-02-11 17:10:46 -------- d-----w- C:\Users\EricShang\AppData\Local\{0D811AFE-FBEA-43A4-B02E-ED46A1103B4D}
2012-02-11 01:41:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{AB26BF26-E024-4E0D-8CB8-A39E7F16A134}
2012-02-11 01:40:42 -------- d-----w- C:\Users\EricShang\AppData\Local\{CF640CFF-24B5-4DF6-8879-F172A60611D9}
2012-02-10 13:40:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{91F0354A-C61F-428C-8EFA-137A7388C6B0}
2012-02-10 13:40:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{3925F8C6-91EE-4B47-9D60-8DE7AFBCE3BF}
2012-02-09 20:26:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{87108E38-81BE-4EE3-B9DD-6D1D6A3815BB}
2012-02-09 20:25:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{0D03904D-53E0-4AB7-8EEC-1301E5A3F648}
2012-02-09 02:18:05 -------- d-----w- C:\Users\EricShang\AppData\Local\{39B65EE8-256D-4EFE-B8C6-C6228472193A}
2012-02-08 14:17:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{A39DB288-D095-4ED6-8B7B-808CE3BBAAD9}
2012-02-07 23:24:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{2052FF16-6DC3-4E95-9974-1AECF81CB6CD}
2012-02-07 23:24:48 -------- d-----w- C:\Users\EricShang\AppData\Local\{DD5BD411-D96A-454D-BBBE-27D62AD490FD}
2012-02-07 07:19:50 -------- d-----w- C:\Users\EricShang\AppData\Local\{D558D81E-48D7-4909-88F6-DE61418B1525}
2012-02-06 19:19:29 -------- d-----w- C:\Users\EricShang\AppData\Local\{A5E9E886-51E3-406A-B5DF-FCA7B6FB2A1E}
2012-02-06 19:19:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{61DDCB24-7BC7-45A0-84E8-BB8645ECD4F2}
2012-02-06 06:35:54 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-06 06:34:14 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-02-06 00:12:27 -------- d-----w- C:\Users\EricShang\AppData\Local\{886D528A-6EF6-457D-A691-27B10ECBB934}
2012-02-06 00:12:17 -------- d-----w- C:\Users\EricShang\AppData\Local\{2B978538-ECA2-4B5C-8864-27FFAECB71E6}
2012-02-05 19:18:12 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-02-05 19:17:41 -------- d-----w- C:\Users\EricShang\AppData\Local\Microsoft Help
2012-02-05 12:12:06 -------- d-----w- C:\Users\EricShang\AppData\Local\{B769F768-A08A-4963-8A06-968736123FDE}
2012-02-05 12:11:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{20D46C26-4C3E-4386-83E8-FA95F0B0A51C}
2012-02-05 00:11:33 -------- d-----w- C:\Users\EricShang\AppData\Local\{EE998366-23B3-48AA-AABC-E702373842FA}
2012-02-05 00:11:22 -------- d-----w- C:\Users\EricShang\AppData\Local\{CEB9BAEF-DE20-464F-ADE4-6FECAB0374CF}
2012-02-04 12:10:59 -------- d-----w- C:\Users\EricShang\AppData\Local\{F7ACE8E2-6700-4034-B342-5E6AE76A23E3}
2012-02-04 00:10:35 -------- d-----w- C:\Users\EricShang\AppData\Local\{DBC37D10-11AB-49BF-AC3E-58101EBE620E}
2012-02-03 12:10:12 -------- d-----w- C:\Users\EricShang\AppData\Local\{C0FC6C3A-DE2E-4E44-B0D9-1922CD4F4978}
2012-02-03 00:09:49 -------- d-----w- C:\Users\EricShang\AppData\Local\{724FF88A-2B98-40FD-842B-3C492054AA11}
2012-02-02 12:09:28 -------- d-----w- C:\Users\EricShang\AppData\Local\{23D70725-DEED-42B7-9E34-F1F05EE7B630}
2012-02-02 00:09:05 -------- d-----w- C:\Users\EricShang\AppData\Local\{1B3C6937-574F-4C39-9BA2-40011BD3A98A}
2012-02-02 00:08:55 -------- d-----w- C:\Users\EricShang\AppData\Local\{38A37A4F-F3D4-4485-9EF1-7B3702F4C184}
2012-01-31 20:30:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{7D077D53-AA60-44CB-8E7F-1CC5F5C275D2}
2012-01-31 20:29:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{C82806EF-909A-4B32-92AE-29E79723DC2F}
2012-01-31 08:29:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{1C0CE312-94D3-44CB-9E1E-905B697BB1D6}
2012-01-31 08:29:29 -------- d-----w- C:\Users\EricShang\AppData\Local\{3C4A4D91-1AF3-45F3-ACDB-37472029AA85}
2012-01-31 05:47:50 -------- d-----w- C:\Users\EricShang\AppData\Local\DDMSettings
2012-01-30 20:29:16 -------- d-----w- C:\Users\EricShang\AppData\Local\{BB8D5108-FA93-43E2-8B6D-2E2CFC2E1EA2}
2012-01-30 20:29:06 -------- d-----w- C:\Users\EricShang\AppData\Local\{05D0F715-382E-4749-90D4-5EB3762006AF}
2012-01-29 20:11:13 -------- d-----w- C:\Users\EricShang\AppData\Local\{17920AA1-D070-486A-8FD3-CCB474F982FA}
2012-01-29 20:11:02 -------- d-----w- C:\Users\EricShang\AppData\Local\{50927458-5420-4E41-96E8-A08049B1D668}
2012-01-28 19:55:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{F094A0B3-6D03-4DDF-88B9-9A8767743F99}
2012-01-28 19:55:00 -------- d-----w- C:\Users\EricShang\AppData\Local\{3B0C632F-7F0A-4A3E-BB71-9A765777479E}
2012-01-28 04:16:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{A305177B-1C82-4A4E-9E81-26ED3DF292A2}
2012-01-28 04:16:08 -------- d-----w- C:\Users\EricShang\AppData\Local\{48A72B3D-0E55-4079-89A5-6D05FA561449}
2012-01-27 16:15:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{1A0795CB-93DD-4786-94D2-D201B7E7F70C}
2012-01-27 04:15:32 -------- d-----w- C:\Users\EricShang\AppData\Local\{5DD78A36-FBEE-4208-8F95-CD3A74714063}
2012-01-26 16:15:09 -------- d-----w- C:\Users\EricShang\AppData\Local\{C9D9DD04-8793-4F43-A508-0D53A2BE2E84}
2012-01-26 04:15:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{37A0C866-B53E-4733-8EA6-A24D58193EC8}
2012-01-26 03:49:58 -------- d-----w- C:\Users\EricShang\AppData\Local\{CCD93393-AF14-4529-A64A-0601C3147A9C}
2012-01-26 02:08:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{DA87D8EA-D65E-4C6F-B145-5107B311DCA6}
2012-01-24 10:18:19 -------- d-----w- C:\Users\EricShang\AppData\Local\{CC45B6CB-7D3E-4274-848F-40196F6D8C95}
2012-01-24 10:17:57 -------- d-----w- C:\Users\EricShang\AppData\Local\{A21C40BC-A946-406C-B491-4F1B1AF6C66B}
2012-01-23 22:17:44 -------- d-----w- C:\Users\EricShang\AppData\Local\{766B385F-BF2C-458B-A12E-E4BED2CD709C}
2012-01-23 22:17:23 -------- d-----w- C:\Users\EricShang\AppData\Local\{79FD2759-A2A5-41F8-A53D-E942B6F62AE4}
2012-01-23 09:26:11 -------- d-----w- C:\Users\EricShang\AppData\Local\{305AE450-031A-4D6B-8C4F-88847875EC36}
2012-01-23 09:25:50 -------- d-----w- C:\Users\EricShang\AppData\Local\{031F0FB4-1C9E-48FA-837C-EFD2CEEEB04B}
2012-01-22 21:25:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{BEE36CB6-6699-4A3C-9400-F5E84D731C9C}
2012-01-22 21:25:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{67C092D2-629C-41C2-84ED-A61ABFEECAD6}
2012-01-22 09:25:07 -------- d-----w- C:\Users\EricShang\AppData\Local\{825A4C68-A9F6-43B5-9550-27D6184EBFCA}
2012-01-22 09:24:46 -------- d-----w- C:\Users\EricShang\AppData\Local\{B28A5506-6CD6-4F75-B4FE-9C2FE2124840}
2012-01-21 21:24:21 -------- d-----w- C:\Users\EricShang\AppData\Local\{32B6C2F4-98F1-44FF-BA9D-AF9F412157C6}
2012-01-21 21:24:12 -------- d-----w- C:\Users\EricShang\AppData\Local\{9A52037F-8E24-45B9-8D09-24E56346E3D1}
2012-01-21 06:36:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{46489FF7-788A-4F0E-89A2-1B5785EC0777}
2012-01-21 06:36:31 -------- d-----w- C:\Users\EricShang\AppData\Local\{4958F794-559B-45D5-AF56-0EE477B9E1D4}
2012-01-20 07:59:07 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-20 07:59:07 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-20 07:59:07 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-20 07:59:07 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-20 03:08:25 -------- d-----w- C:\Users\EricShang\AppData\Local\{786ECF03-6977-4F00-9E80-169726D6023A}
2012-01-20 03:08:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{8EAB585C-3010-4229-89B2-E30313B72B71}
2012-01-19 15:07:39 -------- d-----w- C:\Users\EricShang\AppData\Local\{BE66571A-8A81-43C1-AA0E-4133C1B13441}
2012-01-19 15:07:18 -------- d-----w- C:\Users\EricShang\AppData\Local\{73BAA9C3-E0E8-451A-9E7F-AC422F5B22ED}
2012-01-19 03:07:03 -------- d-----w- C:\Users\EricShang\AppData\Local\{F36E9FF6-46CA-469B-B656-A115BEDB1C05}
2012-01-19 03:06:53 -------- d-----w- C:\Users\EricShang\AppData\Local\{6803ADD0-2894-42ED-965D-78B9E749D7A7}
2012-01-17 21:00:15 -------- d-----w- C:\Users\EricShang\AppData\Local\{C0BE7011-4229-4F8A-B387-351748C8C6EB}
2012-01-17 20:59:55 -------- d-----w- C:\Users\EricShang\AppData\Local\{BC94B914-D75F-44FB-BE00-1267B2B35913}
2012-01-17 08:59:41 -------- d-----w- C:\Users\EricShang\AppData\Local\{2455A088-7E28-4947-85D0-BD1C2EA1F929}
2012-01-17 08:59:20 -------- d-----w- C:\Users\EricShang\AppData\Local\{2D2BB4C5-2CAC-4C1E-AD58-690BD5A78C01}
2012-01-16 20:58:52 -------- d-----w- C:\Users\EricShang\AppData\Local\{513E051F-B69D-499E-AD23-AB62976A3280}
2012-01-16 20:58:42 -------- d-----w- C:\Users\EricShang\AppData\Local\{4DE81B41-A394-4087-9E2A-AFBAD51F1CB6}
2012-01-16 01:24:56 -------- d-----w- C:\Users\EricShang\AppData\Local\{F7A345BB-E8A5-4439-981F-9D410A1C8E33}
2012-01-16 01:24:43 -------- d-----w- C:\Users\EricShang\AppData\Local\{6DFD34A4-272D-4215-8204-1A0218A09970}
2012-01-15 09:57:30 -------- d-----w- C:\Users\EricShang\AppData\Local\{EE832A73-CE76-4058-9AEC-371A9FC7C58E}
2012-01-14 21:56:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{BCC68B3A-6D2F-4027-8EB1-04730F4FAB04}
2012-01-14 21:56:33 -------- d-----w- C:\Users\EricShang\AppData\Local\{5B4C7EEF-6E15-4911-9845-F70746C936F8}
2012-01-13 18:52:00 -------- d-----w- C:\Users\EricShang\AppData\Local\{95AE4399-7EFD-4504-B80F-78AA21330CBF}
2012-01-13 18:51:48 -------- d-----w- C:\Users\EricShang\AppData\Local\{F14F8C88-50B7-4974-8EAA-7BC6FF19B27B}
2012-01-13 00:31:07 -------- d-----w- C:\Users\EricShang\AppData\Local\{D1F8D15F-6299-4CC7-8615-5027834F3032}
2012-01-13 00:30:45 -------- d-----w- C:\Users\EricShang\AppData\Local\{C91B37CE-C422-40A1-942C-1D4085D1B82D}
.
==================== Find3M ====================
.
2012-02-11 17:10:35 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-02-10 19:50:38 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-10 19:50:38 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-02-10 19:50:23 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-01-04 00:48:42 354176 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2012-01-03 06:14:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-20 03:57:01 0 ----a-w- C:\Windows\SysWow64\sho368.tmp
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 13:08:45.05 ===============
Eshang

Re: Webpage redirecting (?)

Unread postby deltalima » February 11th, 2012, 4:34 pm


