Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

view.atdmt virus. IE9 back button doesn't work at times!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

view.atdmt virus. IE9 back button doesn't work at times!!

Unread postby cappi » July 6th, 2012, 5:53 pm

Hi, two weeks ago, when using my IE 9, my back button stopped working sometimes. I click on it, and nothing happens. So I right-clicked on it, and it showed me http://view.atdmt.CNT/####### (bunch of numbers). Instead of seeing what websites I recently went to, this site flooded the box. This happens every 1/5 of the time I click the back button. I'm currently using FireFox -which doesn't have this problem-, but I read in many articles that it is recommended to remove this spyware as soon as possible because it tracks down things, and destroys registries.

I have tried Malwarebytes, search n destroy, and AVG. I also blocked the site using internet options. I tried deleting atlassolutions and atdmt.com folders when it shows up in Regedit. I do not have the CBrowsers thing in my addon. Nothing works! :(

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by lucy at 16:42:18 on 2012-07-06
Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.3838.2202 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b= ... 5a44i1x56p
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [AdobeBridge]
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\lucy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [RemoteControl8] "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [<NO NAME>]
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\2456C6B696E6F5E4F575962756C6563737F5735354147344 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\7427569786F657E64675962756C6563737 : DhcpNameServer = 10.0.0.1 10.0.0.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\7427569786F657E64675966496F563436303 : DhcpNameServer = 10.0.0.1 10.0.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO-X64: Web Assistant Helper - No File
BHO-X64: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO-X64: BitComet ClickCapture - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [RemoteControl8] "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun-x64: [PDVD8LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun-x64: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun-x64: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [(Default)]
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\lucy\AppData\Roaming\Mozilla\Firefox\Profiles\gj3xyivi.default\
FF - prefs.js: browser.startup.homepage - http://www.google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Be9 ... &sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\lucy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\lucy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\lucy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-6 44808]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-1-24 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2152152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-7 654408]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-9-24 62720]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-10-29 240160]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-11 935480]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-6-10 185856]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-11-8 17152]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-24 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-28 257696]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-24 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-28 113120]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-10-29 225280]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-06 20:11:04 -------- d-----w- C:\Users\lucy\AppData\Roaming\DriverCure
2012-07-06 20:11:03 -------- d-----w- C:\Users\lucy\AppData\Roaming\SpeedyPC Software
2012-07-06 20:05:38 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-06-30 20:00:39 -------- d-----w- C:\Program Files (x86)\CleanUp!
2012-06-30 18:19:33 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-06-30 18:19:28 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-06-30 18:19:20 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-06-30 18:18:38 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-30 18:18:23 -------- d-----w- C:\ProgramData\AVAST Software
2012-06-30 18:18:23 -------- d-----w- C:\Program Files\AVAST Software
2012-06-30 18:15:17 -------- d-----w- C:\Program Files\CCleaner
2012-06-29 05:53:08 -------- d-----w- C:\Program Files (x86)\Eclipse 1.4
2012-06-29 01:33:59 -------- d-----w- C:\Users\lucy\jagexcache
2012-06-29 00:57:22 -------- d-----w- C:\Users\lucy\AppData\Local\ElevatedDiagnostics
2012-06-29 00:55:23 -------- d-----w- C:\MATS
2012-06-29 00:19:10 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-28 22:33:35 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-06-28 22:32:17 -------- d-----w- C:\ProgramData\AMD
2012-06-28 22:32:11 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-06-28 22:32:06 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-06-28 22:30:04 -------- d-----w- C:\Program Files\ATI Technologies
2012-06-28 22:28:34 -------- d-----w- C:\AMD
2012-06-28 21:29:08 -------- d-----w- C:\Windows\System32\SPReview
2012-06-28 21:27:50 -------- d-----w- C:\Windows\System32\EventProviders
2012-06-28 19:54:58 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-06-28 19:54:57 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-06-28 19:28:07 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-28 19:26:14 -------- d-----w- C:\Users\lucy\AppData\Local\Macromedia
2012-06-28 19:25:49 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-28 18:19:20 -------- d-----w- C:\Users\lucy\AppData\Local\Mozilla
2012-06-28 17:37:37 -------- d-----w- C:\Users\lucy\AppData\Roaming\IObit
2012-06-28 04:33:27 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-28 04:31:34 -------- d-----w- C:\Users\lucy\AppData\Local\blekkotb_031
2012-06-28 03:08:08 57976 ----a-r- C:\Windows\System32\drivers\SBREDrv.sys.2922.aawbak
2012-06-28 03:08:08 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-06-27 03:45:14 -------- d-----w- C:\Users\lucy\Tracing
2012-06-27 03:14:07 -------- d-----w- C:\Users\lucy\AppData\Roaming\abelhadigital.com
2012-06-27 03:14:07 -------- d-----w- C:\ProgramData\abelhadigital.com
2012-06-26 03:23:27 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-24 04:36:00 -------- d-----w- C:\Users\lucy\AppData\Local\JollyBear
2012-06-24 04:36:00 -------- d-----w- C:\ProgramData\JollyBear
2012-06-24 04:30:21 -------- d-----w- C:\Program Files (x86)\HP Games
2012-06-24 04:14:43 -------- d-----w- C:\ProgramData\WildTangent
2012-06-24 04:14:12 -------- d-----w- C:\Users\lucy\AppData\Roaming\WildTangent
2012-06-24 03:42:23 -------- d-----w- C:\Users\lucy\AppData\Local\HP
2012-06-24 03:41:07 -------- d-----w- C:\Program Files (x86)\HP
2012-06-24 03:40:41 -------- d-----w- C:\Program Files\HP
2012-06-21 03:34:18 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 03:33:36 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 03:32:47 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 03:32:47 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-14 04:56:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-14 04:56:11 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-14 04:56:11 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-14 04:56:08 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-14 04:56:08 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-14 04:56:07 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-14 04:56:04 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-14 04:56:03 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-12 13:34:35 -------- d-----w- C:\Users\lucy\AppData\Local\AVG Secure Search
2012-06-12 03:25:46 -------- d-----w- C:\Program Files (x86)\RPG Maker VX Ace
2012-06-11 04:31:17 -------- d-----w- C:\Users\lucy\AppData\Roaming\Enterbrain
2012-06-11 03:54:10 -------- d-----w- C:\Program Files\Web Assistant
.
==================== Find3M ====================
.
2012-06-28 21:41:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-06-28 21:41:07 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-06-28 20:11:19 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 00:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 16:49:36.26 ===============










.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/21/2010 2:11:10 AM
System Uptime: 7/6/2012 4:34:44 PM (0 hours ago)
.
Motherboard: Gateway | | SJV50TR
Processor: AMD Athlon(tm) II Dual-Core M300 | Socket S1G3 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 384.624 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP100: 6/28/2012 4:29:00 PM - Windows 7 Service Pack 1
RP101: 6/28/2012 6:51:43 PM - Installed Java(TM) 6 Update 32 (64-bit)
RP102: 6/28/2012 6:53:31 PM - Removed Java(TM) 7 Update 5 (64-bit)
RP103: 6/28/2012 7:02:41 PM - Removed Java(TM) 7 Update 5
RP104: 6/28/2012 7:05:40 PM - Removed JavaFX 2.1.1
RP105: 6/28/2012 7:07:48 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP106: 6/28/2012 7:13:38 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP107: 6/28/2012 7:17:27 PM - Installed Java(TM) 7 Update 5
RP108: 6/28/2012 7:18:20 PM - Installed JavaFX 2.1.1
RP109: 6/28/2012 7:39:06 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP110: 6/28/2012 7:51:28 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP112: 6/28/2012 7:55:13 PM - Restore Point before Java(TM) 6 Update 32 (64-bit) was removed using Program Install and Uninstall troubleshooter
RP114: 6/28/2012 7:56:22 PM - Java(TM) 6 Update 32 (64-bit)
RP115: 6/28/2012 8:22:39 PM - Removed Java(TM) 7 Update 5
RP116: 6/28/2012 8:32:18 PM - Installed Java(TM) 6 Update 32
RP117: 6/29/2012 5:17:17 PM - Windows Update
RP118: 6/30/2012 1:18:03 PM - avast! Free Antivirus Setup
RP119: 7/5/2012 10:14:19 PM - Removed Adobe Community Help
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Sound Recorder v6.0
Aleks 3.16
Always Remember Me
AMD USB Filter Driver
AMD VISION Engine Control Center
Audio Recorder for FREE v9.4
avast! Internet Security
AVG Security Toolbar
Backup Manager Basic
Best Buy Software Installer
BitComet 1.28
Canon MP Navigator EX 1.0
Canon MP210 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CEP (Color Enable Package) v.9.2 (beta)
CleanUp!
Compatibility Pack for the 2007 Office system
CyberLink PowerDVD 8
Eclipse 1.4
Fantapper Player
Gateway InfoCentre
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Updater
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HP Games
HyperCam 2
Identity Card
Java Auto Updater
Java(TM) 6 Update 32
JavaFX 2.1.1
Launch Manager
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Office 2000 SR-1 Professional
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nexon Game Manager
Pando Media Booster
RE: Alistair++ 1
Realtek USB 2.0 Card Reader
Roxio Burn
Roxio Update Manager
RPG Maker VX
RPG MAKER VX Ace RTP
RPG Maker VX RTP
ScanSoft OmniPage SE 4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sims2Pack Clean Installer
The Sims 2
The Sims 2 Nightlife
The Sims 2 University
The Sims? 2 Seasons
Update for 2007 Microsoft Office System (KB967642)
Video Web Camera
Visual Studio 2008 x64 Redistributables
Welcome Center
Windows Live Sync
Windows Live Upload Tool
Windows Movie Maker 6.0.6000.16386
WinZip 15.5
Wizard101
YouTube Downloader 3.4
YouTube Downloader Toolbar v4.7
.
==== Event Viewer Messages From Past Week ========
.
7/6/2012 4:36:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AMD FUEL Service service to connect.
7/6/2012 4:36:45 PM, Error: Service Control Manager [7000] - The AMD FUEL Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/6/2012 4:35:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffff8a00fcf8110, 0xfffff8a00fcf8130, 0x0000000005020411). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070612-50871-01.
7/6/2012 4:35:23 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
7/6/2012 4:35:23 PM, Error: atikmdag [43029] - Display is not active
7/6/2012 2:09:25 PM, Error: Service Control Manager [7000] - The Fantapper Player Update Service service failed to start due to the following error: The system cannot find the file specified.
6/30/2012 6:23:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Assistant Updater service to connect.
6/30/2012 3:30:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
6/30/2012 3:12:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
6/30/2012 10:33:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NTI IScheduleSvc service to connect.
6/30/2012 10:33:05 PM, Error: Service Control Manager [7000] - The NTI IScheduleSvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm
Advertisement
Register to Remove

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 6th, 2012, 7:41 pm

Hi
Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  5. Please DO NOT run any other tools or scans whilst I am helping you.
  6. It is important that you reply to this thread. Do not start a new topic.
  7. DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


==================================


Your logs suggest you may have installed a custom hosts file recently (With Hostsman) - Is that correct?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 6th, 2012, 8:00 pm

Yes, I do remember installing something like that, because one of the articles instructed to download Hostman, or something such as that. I'm a newbie when it comes to computers. Sorry in advance about that! :)
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 6th, 2012, 8:27 pm

The behaviour you are seeing is normal/expected when you have a hosts file installed.

Here is a wealth of information about Hosts files, including an explanation as to why your browsers back button exhibits this behaviour.

http://winhelp2002.mvps.org/hostsfaq.htm#Button

Strange behavior in the Back Button

Sometimes when you click the Back button in Internet Explorer to return to the previous page it appears that nothing happens. What usually occurs is that the HOSTS file has blocked one or more (<IFrame>) ad pages that are embedded into the web page you are viewing. These "IFrame" are actually a separate connection, thus the browser reads it as a visited page ...


The connection to view.atdmt.com (an ad/tracking server) is actually being blocked by your hosts file.

There's more reading about hosts files here too: viewtopic.php?f=4&t=22187


If you would like further help with your computer, I must stress that BitComet 1.28 will have to be removed before we can help further. I strongly recommend you uninstall it.

Please see this topic: viewtopic.php?p=491394#p491394
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 7th, 2012, 3:02 pm

Ah, so those Ad servers are actually being blocked. I have just uninstalled my BitComet.

Here's my new DDS

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by lucy at 13:57:42 on 2012-07-07
Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.3838.2226 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b= ... 5a44i1x56p
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [AdobeBridge]
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\lucy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [RemoteControl8] "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [<NO NAME>]
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\2456C6B696E6F5E4F575962756C6563737F5735354147344 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\7427569786F657E64675962756C6563737 : DhcpNameServer = 10.0.0.1 10.0.0.1
TCP: Interfaces\{0B838A96-1D6A-40C2-9C43-59E72AEAF931}\7427569786F657E64675966496F563436303 : DhcpNameServer = 10.0.0.1 10.0.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO-X64: Web Assistant Helper - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [RemoteControl8] "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun-x64: [PDVD8LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun-x64: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun-x64: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [(Default)]
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\lucy\AppData\Roaming\Mozilla\Firefox\Profiles\gj3xyivi.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Be9 ... &sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\lucy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\lucy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\lucy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-6 44808]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-1-24 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2152152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-7 654408]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-9-24 62720]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-10-29 240160]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-11 935480]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-6-10 185856]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-11-8 17152]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-24 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-28 257696]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-24 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-28 113120]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-10-29 225280]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-06 20:11:04 -------- d-----w- C:\Users\lucy\AppData\Roaming\DriverCure
2012-07-06 20:11:03 -------- d-----w- C:\Users\lucy\AppData\Roaming\SpeedyPC Software
2012-07-06 20:05:38 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-06-30 20:00:39 -------- d-----w- C:\Program Files (x86)\CleanUp!
2012-06-30 18:19:33 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-06-30 18:19:28 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-06-30 18:19:20 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-06-30 18:18:38 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-30 18:18:23 -------- d-----w- C:\ProgramData\AVAST Software
2012-06-30 18:18:23 -------- d-----w- C:\Program Files\AVAST Software
2012-06-30 18:15:17 -------- d-----w- C:\Program Files\CCleaner
2012-06-29 05:53:08 -------- d-----w- C:\Program Files (x86)\Eclipse 1.4
2012-06-29 01:33:59 -------- d-----w- C:\Users\lucy\jagexcache
2012-06-29 00:57:22 -------- d-----w- C:\Users\lucy\AppData\Local\ElevatedDiagnostics
2012-06-29 00:55:23 -------- d-----w- C:\MATS
2012-06-29 00:19:10 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-28 22:33:35 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-06-28 22:32:17 -------- d-----w- C:\ProgramData\AMD
2012-06-28 22:32:11 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-06-28 22:32:06 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-06-28 22:30:04 -------- d-----w- C:\Program Files\ATI Technologies
2012-06-28 22:28:34 -------- d-----w- C:\AMD
2012-06-28 21:29:08 -------- d-----w- C:\Windows\System32\SPReview
2012-06-28 21:27:50 -------- d-----w- C:\Windows\System32\EventProviders
2012-06-28 19:54:58 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-06-28 19:54:57 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-06-28 19:28:07 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-28 19:26:14 -------- d-----w- C:\Users\lucy\AppData\Local\Macromedia
2012-06-28 19:25:49 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-28 18:19:20 -------- d-----w- C:\Users\lucy\AppData\Local\Mozilla
2012-06-28 17:37:37 -------- d-----w- C:\Users\lucy\AppData\Roaming\IObit
2012-06-28 04:33:27 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-28 04:31:34 -------- d-----w- C:\Users\lucy\AppData\Local\blekkotb_031
2012-06-28 03:08:08 57976 ----a-r- C:\Windows\System32\drivers\SBREDrv.sys.2922.aawbak
2012-06-28 03:08:08 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-06-27 03:45:14 -------- d-----w- C:\Users\lucy\Tracing
2012-06-27 03:14:07 -------- d-----w- C:\Users\lucy\AppData\Roaming\abelhadigital.com
2012-06-27 03:14:07 -------- d-----w- C:\ProgramData\abelhadigital.com
2012-06-26 03:23:27 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-24 04:36:00 -------- d-----w- C:\Users\lucy\AppData\Local\JollyBear
2012-06-24 04:36:00 -------- d-----w- C:\ProgramData\JollyBear
2012-06-24 04:30:21 -------- d-----w- C:\Program Files (x86)\HP Games
2012-06-24 04:14:43 -------- d-----w- C:\ProgramData\WildTangent
2012-06-24 04:14:12 -------- d-----w- C:\Users\lucy\AppData\Roaming\WildTangent
2012-06-24 03:42:23 -------- d-----w- C:\Users\lucy\AppData\Local\HP
2012-06-24 03:41:07 -------- d-----w- C:\Program Files (x86)\HP
2012-06-24 03:40:41 -------- d-----w- C:\Program Files\HP
2012-06-21 03:34:18 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 03:33:36 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 03:32:47 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 03:32:47 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-14 04:56:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-14 04:56:11 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-14 04:56:11 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-14 04:56:08 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-14 04:56:08 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-14 04:56:07 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-14 04:56:04 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-14 04:56:03 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-12 13:34:35 -------- d-----w- C:\Users\lucy\AppData\Local\AVG Secure Search
2012-06-12 03:25:46 -------- d-----w- C:\Program Files (x86)\RPG Maker VX Ace
2012-06-11 04:31:17 -------- d-----w- C:\Users\lucy\AppData\Roaming\Enterbrain
2012-06-11 03:54:10 -------- d-----w- C:\Program Files\Web Assistant
.
==================== Find3M ====================
.
2012-06-28 21:41:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-06-28 21:41:07 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-06-28 20:11:19 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 00:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 13:59:17.45 ===============






UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/21/2010 2:11:10 AM
System Uptime: 7/7/2012 1:23:32 PM (0 hours ago)
.
Motherboard: Gateway | | SJV50TR
Processor: AMD Athlon(tm) II Dual-Core M300 | Socket S1G3 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 379.412 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP100: 6/28/2012 4:29:00 PM - Windows 7 Service Pack 1
RP101: 6/28/2012 6:51:43 PM - Installed Java(TM) 6 Update 32 (64-bit)
RP102: 6/28/2012 6:53:31 PM - Removed Java(TM) 7 Update 5 (64-bit)
RP103: 6/28/2012 7:02:41 PM - Removed Java(TM) 7 Update 5
RP104: 6/28/2012 7:05:40 PM - Removed JavaFX 2.1.1
RP105: 6/28/2012 7:07:48 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP106: 6/28/2012 7:13:38 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP107: 6/28/2012 7:17:27 PM - Installed Java(TM) 7 Update 5
RP108: 6/28/2012 7:18:20 PM - Installed JavaFX 2.1.1
RP109: 6/28/2012 7:39:06 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP110: 6/28/2012 7:51:28 PM - Removed Java(TM) 6 Update 32 (64-bit)
RP112: 6/28/2012 7:55:13 PM - Restore Point before Java(TM) 6 Update 32 (64-bit) was removed using Program Install and Uninstall troubleshooter
RP114: 6/28/2012 7:56:22 PM - Java(TM) 6 Update 32 (64-bit)
RP115: 6/28/2012 8:22:39 PM - Removed Java(TM) 7 Update 5
RP116: 6/28/2012 8:32:18 PM - Installed Java(TM) 6 Update 32
RP117: 6/29/2012 5:17:17 PM - Windows Update
RP118: 6/30/2012 1:18:03 PM - avast! Free Antivirus Setup
RP119: 7/5/2012 10:14:19 PM - Removed Adobe Community Help
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Sound Recorder v6.0
Aleks 3.16
Always Remember Me
AMD USB Filter Driver
AMD VISION Engine Control Center
Audio Recorder for FREE v9.4
avast! Internet Security
AVG Security Toolbar
Backup Manager Basic
Best Buy Software Installer
Canon MP Navigator EX 1.0
Canon MP210 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CEP (Color Enable Package) v.9.2 (beta)
CleanUp!
Compatibility Pack for the 2007 Office system
CyberLink PowerDVD 8
Eclipse 1.4
Fantapper Player
Gateway InfoCentre
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Gateway Registration
Gateway ScreenSaver
Gateway Updater
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HP Games
HyperCam 2
Identity Card
Java Auto Updater
Java(TM) 6 Update 32
JavaFX 2.1.1
Launch Manager
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Office 2000 SR-1 Professional
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nexon Game Manager
Pando Media Booster
RE: Alistair++ 1
Realtek USB 2.0 Card Reader
Roxio Burn
Roxio Update Manager
RPG Maker VX
RPG MAKER VX Ace RTP
RPG Maker VX RTP
ScanSoft OmniPage SE 4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sims2Pack Clean Installer
The Sims 2
The Sims 2 Nightlife
The Sims 2 University
The Sims? 2 Seasons
Update for 2007 Microsoft Office System (KB967642)
Video Web Camera
Visual Studio 2008 x64 Redistributables
Welcome Center
Windows Live Sync
Windows Live Upload Tool
Windows Movie Maker 6.0.6000.16386
WinZip 15.5
Wizard101
YouTube Downloader 3.4
YouTube Downloader Toolbar v4.7
.
==== Event Viewer Messages From Past Week ========
.
7/7/2012 1:25:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AMD FUEL Service service to connect.
7/7/2012 1:25:11 PM, Error: Service Control Manager [7000] - The AMD FUEL Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/7/2012 1:23:59 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
7/7/2012 1:23:59 PM, Error: atikmdag [43029] - Display is not active
7/6/2012 4:35:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffff8a00fcf8110, 0xfffff8a00fcf8130, 0x0000000005020411). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070612-50871-01.
7/6/2012 2:09:25 PM, Error: Service Control Manager [7000] - The Fantapper Player Update Service service failed to start due to the following error: The system cannot find the file specified.
7/6/2012 11:44:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NTI IScheduleSvc service to connect.
7/6/2012 11:44:07 PM, Error: Service Control Manager [7000] - The NTI IScheduleSvc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/30/2012 6:23:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Assistant Updater service to connect.
6/30/2012 3:30:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
6/30/2012 3:12:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
.
==== End Of File ===========================
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 7th, 2012, 3:19 pm

You have both AVG & Avast installed (as well as Ad-aware). Was Avast installed in compatibility mode?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 7th, 2012, 4:48 pm

I do not think so, because when I right-clicked "properties"--> Compatibility tab, the box for "Run this program in compatibility mode" is unchecked.
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 7th, 2012, 4:56 pm

Multiple Anti Virus programs.

You are operating multiple Anti Virus programs on your computer:

    • Lavasoft Ad-aware
    • avast! Antivirus
    • AVG Anti-Virus

It is NOT safe to have more than one anti-virus installed on a system, and that doing so not only does not provide better protection, it will actually cause additional problems. Anti-virus programs patch into the system kernel. Having more than one anti-virus patching into the system kernel will not only destabilize a system, it can corrupt system files and it WILL cause crashes! You MUST remove all but one anti-virus program.

  • Click Start
  • Go to Control Panel
  • Go to Add/Remove Programs
  • Find and click Remove for the following (if present):

    Ad-Aware
    avast! Internet Security



Update Java Runtime

You are using an old version of Java. Oracle's Java (Was Sun Java) is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system.
The most current version of Oracle Java is: Java Runtime Environment Version 7 Update 5.

  • Go to Oracle Java
  • Scroll down to where it says "Java Platform, Standard Edition. Java SE 7 Update 5"
  • Click the Download JRE button to the right.
  • Check the box to Accept License Agreement
  • In the list of files, Look to Windows x86 Offline & click on the link to the right which says "jre-7u5-windows-i586.exe" and save the downloaded file to your desktop.
  • Uninstall all old versions of Java via Start > Control Panel > Add/Remove Programs:
    Java(TM) 6 Update 32
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer



Temporarily disable Malwarebytes' Anti-malware (mbam)

We need to temporarily disable mbam's realtime protection so it doesn't interfere with any fixes.

  • Right click the mbam system tray icon
  • Uncheck Start with windows
  • Uncheck Enable protection & click Yes to the prompt
  • Reboot your computer for the changes to take effect.



TFC

  • Please download TFC by Old Timer to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right click on TFC.exe and select "Run as Administrator"
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.



Malwarebytes' Anti-Malware (MBAM)

As you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
    1. C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    2. Or via the Logs tab when the application is started.

Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 7th, 2012, 5:51 pm

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
lucy :: LUCY-PC [administrator]

Protection: Disabled

7/7/2012 4:43:09 PM
mbam-log-2012-07-07 (16-43-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208394
Time elapsed: 4 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 7th, 2012, 5:56 pm

How are things running now - any problems?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 7th, 2012, 6:31 pm

It is still there after surfing through the internet for a while. The full name is http://view.atdmt.com/COM/iview/3885193.

https://googleads.g.doubleclick.net/page shows up sometimes too.. This site acts the same way the atdmt's does. :shock:
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 7th, 2012, 6:49 pm

As I explained earlier, they are ad/tracking domains. Your hosts file is blocking the connection despite it showing in your history.

Have a more thorough read of the site I linked you to earlier. http://winhelp2002.mvps.org/hosts.htm

Atdmt in particular is related to Microsoft, doubleclick to Google. You will encounter these sites and others almost wherever you go on the internet. ;)
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 7th, 2012, 6:56 pm

Does it mean atdmt won't track everything I do (so it's just blocked, so it's ineffective of tracking) ? I'm paranoid about getting keylogged, because I enter sensitive info sometimes. I heard that it's a spyware - should be eliminated immediately - and that scare the heck out of me. This never happened until two weeks ago, so I'm a bit concern. :bounce:

I'm a newbie when it comes to these technical stuffs, so I don't know whether something is critical or just poo-poos. :D
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby melboy » July 8th, 2012, 8:12 am

Hi cappi :)

When you visit a website & you see adverts, banners etc, these can be loading from a server other than the one that is serving the webpage you are visiting. What a custom hosts file can do is block connections to the servers that display the adverts.

Websites can ask your browser to store cookies. Cookies are harmless text files used to store information specific to the website you are visiting - preferences, log-in details etc.

What some ad/tracking servers may do is store a cookie on your computer that details what adverts were shown to you, if you click through them etc so when you visit other affiliated webpages that can read the cookies, you may be shown adverts that are deemed relevant to you based on what they know about your browsing habits. Again, a custom hosts file can do is block connections to the servers that set these cookies.

Some people view this as an invasion of their privacy - others accept it as part & parcel of surfing the internet.

I heard that it's a spyware - should be eliminated immediately
Don't believe everything you read on the internet. Cookies, including tracking cookies are not malicious or harmfull.

This site acts the same way the atdmt's does

Just so I'm not misunderstanding you, clarify what you mean by that
Last edited by melboy on July 8th, 2012, 8:14 am, edited 1 time in total.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: view.atdmt virus. IE9 back button doesn't work at times!

Unread postby cappi » July 8th, 2012, 6:49 pm

This site acts the same way the atdmt's does

Just so I'm not misunderstanding you, clarify what you mean by that[/quote]


What I mean is that when it is not view.atdmt.com showing up in the box, it is https://googleads.g.doubleclick.net/page. The back button didn't work, so when I right-clicked on it, the latter site also shows up in the box. From what you said, I think it's no big deal also.
cappi
Regular Member
 
Posts: 22
Joined: July 6th, 2012, 5:26 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 13 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware