Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Some type of adware


by iowabucks » August 28th, 2012, 5:26 pm

Hey everyone, I just got my new computer built and it's only 3 weeks old, and I have been seeing something strange that has to be some type of adware.

First I'll say I'm using Win7 and IE9. Occasionally when I'm surfing I will hit the back arrow button and my browser doesn't seem to go anywhere unless I hit it many times. If you right-click on the back arrow you will see a supposed history of the last pages you have been to. This history will always show a bunch of pages that I did not visit. Doesn't really do anything other than get in the way occasionally.

I tried Super Adblocker but it didn't seem to have anywhere that I could type in or add sites I wanted to block. So I uninstalled it.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Jerry at 16:19:32 on 2012-08-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16332.14259 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.archerytalk.com/vb
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
uRun: [DriverMax_RESTART]
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
TCP: DhcpNameServer = 66.207.0.3 66.207.0.2
TCP: Interfaces\{D34FC8C3-7FD1-4BA6-AFA5-F6EE5BF4709D} : DhcpNameServer = 66.207.0.3 66.207.0.2
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\system32\DRIVERS\asahci64.sys --> C:\Windows\system32\DRIVERS\asahci64.sys [?]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-8-20 918448]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-8-20 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-8-20 149120]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe [2012-8-20 1470592]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-12 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-8-12 161560]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-12 1262400]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-2 382312]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-12 363800]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-13 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-13 250568]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-8-13 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-8-13 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-8-20 21712]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-13 116648]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2012-8-16 93848]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-28 21:19:01 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2420B90C-82DC-4C12-9E10-7E8B5812D54A}\offreg.dll
2012-08-28 14:19:18 -------- d-----w- C:\Windows\System32\appmgmt
2012-08-28 12:13:45 -------- d-----w- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
2012-08-28 12:13:35 -------- d-----w- C:\Windows\SysWow64\URTTemp
2012-08-28 12:13:34 -------- d-----w- C:\Program Files (x86)\SuperAdBlocker.com
2012-08-28 12:12:43 -------- d-----w- C:\ProgramData\Tarma Installer
2012-08-28 12:12:43 -------- d-----w- C:\Program Files (x86)\Yontoo
2012-08-27 20:54:14 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2420B90C-82DC-4C12-9E10-7E8B5812D54A}\mpengine.dll
2012-08-26 20:13:15 9309624 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-26 16:31:56 -------- d-----w- C:\Users\Jerry\AppData\Local\Adobe
2012-08-25 13:48:39 -------- d-----w- C:\Users\Jerry\AppData\Local\Brice_Lambson
2012-08-25 13:47:28 -------- d-----w- C:\ProgramData\Package Cache
2012-08-25 13:47:28 -------- d-----w- C:\Program Files\Image Resizer for Windows
2012-08-25 13:47:28 -------- d-----w- C:\Program Files (x86)\Image Resizer for Windows
2012-08-24 01:42:02 -------- d-----w- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
2012-08-21 01:34:44 -------- d-----w- C:\ProgramData\FanXpert2
2012-08-21 01:31:37 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
2012-08-21 01:31:29 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-08-21 01:31:29 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-08-21 01:31:29 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-08-21 01:31:29 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-08-21 01:31:29 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-08-21 01:31:04 -------- d-----w- C:\ProgramData\ASUS
2012-08-21 01:31:01 28672 ----a-w- C:\Windows\SysWow64\AsIO.dll
2012-08-21 01:31:01 13440 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2012-08-21 01:31:01 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2012-08-21 01:31:01 10216 ------w- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
2012-08-21 01:31:01 -------- d-----w- C:\Program Files (x86)\ASUS
2012-08-20 18:33:45 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2012-08-20 18:33:45 -------- d-----w- C:\Users\Jerry\AppData\Local\eSupport.com
2012-08-18 14:32:05 -------- d-----w- C:\Users\Jerry\AppData\Local\Microsoft Corporation
2012-08-18 14:31:35 -------- d-----w- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2012-08-18 08:20:19 0 ----a-w- C:\ProgramData\xmlA990.tmp
2012-08-18 08:20:19 0 ----a-w- C:\ProgramData\xmlA7FA.tmp
2012-08-17 14:22:06 2561896 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-08-17 14:21:57 -------- d-----w- C:\temp
2012-08-17 14:10:26 0 ----a-w- C:\ProgramData\xml9BB9.tmp
2012-08-17 14:10:26 0 ----a-w- C:\ProgramData\xml9A80.tmp
2012-08-17 13:33:15 0 ----a-w- C:\ProgramData\xml9128.tmp
2012-08-17 13:33:15 0 ----a-w- C:\ProgramData\xml8F05.tmp
2012-08-17 13:24:18 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-08-17 13:10:38 -------- d-----w- C:\Users\Jerry\AppData\Roaming\NVIDIA
2012-08-17 13:10:31 -------- d-----w- C:\Program Files (x86)\GPU-Z
2012-08-17 02:17:32 0 ----a-w- C:\ProgramData\xml59AA.tmp
2012-08-17 02:17:32 0 ----a-w- C:\ProgramData\xml5881.tmp
2012-08-17 02:02:09 0 ----a-w- C:\ProgramData\xml42C0.tmp
2012-08-17 02:02:09 0 ----a-w- C:\ProgramData\xml4197.tmp
2012-08-17 02:01:47 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-17 01:06:30 0 ----a-w- C:\ProgramData\xml4F2A.tmp
2012-08-17 01:06:29 13494 ----a-w- C:\ProgramData\xml4BBE.tmp
2012-08-17 01:06:29 10721 ----a-w- C:\ProgramData\xml4A28.tmp
2012-08-17 01:06:29 0 ----a-w- C:\ProgramData\xml4DA3.tmp
2012-08-17 01:03:17 -------- d-----w- C:\Program Files\CPUID
2012-08-16 14:05:16 0 ----a-w- C:\ProgramData\xmlF04C.tmp
2012-08-16 14:05:16 0 ----a-w- C:\ProgramData\xmlEE77.tmp
2012-08-16 14:05:15 13494 ----a-w- C:\ProgramData\xmlED2E.tmp
2012-08-16 14:05:15 10721 ----a-w- C:\ProgramData\xmlE9C4.tmp
2012-08-16 14:02:51 -------- d--h--w- C:\Windows\msdownld.tmp
2012-08-16 14:02:46 -------- d-----w- C:\Windows\SysWow64\directx
2012-08-16 14:02:42 -------- d-----w- C:\Program Files\SiSoftware
2012-08-15 11:49:10 -------- d-----w- C:\Users\Jerry\AppData\Local\Ideazon,_Inc
2012-08-15 11:49:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Ideazon
2012-08-15 11:45:59 -------- d-----w- C:\Program Files (x86)\Ideazon
2012-08-15 11:26:47 -------- d-----w- C:\Users\Jerry\AppData\Local\PunkBuster
2012-08-15 11:26:23 -------- d-----w- C:\Users\Jerry\AppData\Local\Activision
2012-08-15 10:22:13 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-15 10:22:13 111928 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-08-15 10:22:12 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-08-15 10:22:12 682280 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-08-15 10:12:23 -------- d-----w- C:\Program Files (x86)\Activision
2012-08-15 02:03:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\TS3Client
2012-08-14 13:42:45 -------- d-----w- C:\Program Files\CCleaner
2012-08-14 13:35:59 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2012-08-14 13:25:18 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Xfire
2012-08-14 13:25:17 -------- d-----w- C:\ProgramData\Xfire
2012-08-14 13:25:17 -------- d-----w- C:\Program Files (x86)\Xfire
2012-08-14 13:07:02 -------- d-----w- C:\Users\Jerry\AppData\Local\Innovative Solutions
2012-08-14 13:07:00 -------- d-----w- C:\Program Files (x86)\Innovative Solutions
2012-08-14 12:57:48 -------- d-----w- C:\Program Files (x86)\Pandora Recovery
2012-08-14 12:55:28 -------- d-----w- C:\Program Files (x86)\Photo-grapher
2012-08-14 12:32:38 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-08-14 12:32:38 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-08-14 12:32:33 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-08-14 12:32:23 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-08-14 12:32:07 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2012-08-14 12:31:49 -------- d-----w- C:\Windows\PCHEALTH
2012-08-14 12:31:02 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\DSETUP.dll
2012-08-14 12:31:02 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\DXSETUP.exe
2012-08-14 12:31:02 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\dsetup32.dll
2012-08-14 12:25:51 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-08-14 12:07:06 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-08-14 12:06:54 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-14 12:06:39 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-14 12:06:31 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-08-14 01:01:59 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2012-08-13 09:56:53 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2012-08-13 09:56:53 53248 ------w- C:\Windows\Ctregrun.exe
2012-08-13 09:52:25 -------- d-----w- C:\ProgramData\Creative Labs
2012-08-13 09:37:51 12288 ----a-w- C:\Windows\System32\INRES.DLL
2012-08-13 08:44:04 -------- d-----w- C:\Users\Jerry\AppData\Local\Diagnostics
2012-08-13 08:07:45 -------- d-----w- C:\Users\Jerry\AppData\Local\Google
2012-08-13 08:05:05 991232 ----a-w- C:\Windows\SysWow64\imageviewer2.ocx
2012-08-13 08:05:05 608448 ----a-w- C:\Windows\SysWow64\comctl32.ocx
2012-08-13 08:05:05 224016 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2012-08-13 08:05:05 200704 ----a-w- C:\Windows\SysWow64\threed32.ocx
2012-08-13 08:05:05 1703936 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-08-13 08:05:05 164144 ----a-w- C:\Windows\SysWow64\comct232.ocx
2012-08-13 08:05:05 151552 ----a-w- C:\Windows\SysWow64\ccrpfd6.ocx
2012-08-13 08:05:05 110592 ----a-w- C:\Windows\SysWow64\ccrpbds6.dll
2012-08-13 08:05:05 106496 ----a-w- C:\Windows\SysWow64\mbprgbar.ocx
2012-08-13 08:05:05 -------- d-----w- C:\Program Files (x86)\PIXresizer
2012-08-13 07:48:57 -------- d-----w- C:\Program Files (x86)\Oracle
2012-08-13 07:48:51 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-13 07:48:51 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-13 06:11:54 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-08-13 06:11:54 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-08-13 06:05:47 -------- d-----w- C:\Windows\SysWow64\Wat
2012-08-13 06:05:47 -------- d-----w- C:\Windows\System32\Wat
2012-08-13 05:52:06 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-08-13 05:52:05 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-08-13 05:52:05 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-08-13 05:52:05 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-08-13 05:52:05 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-13 05:52:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-13 05:52:05 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-08-13 05:49:59 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-08-13 05:48:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-08-13 05:47:24 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-08-13 05:47:24 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-08-13 05:47:24 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-08-13 05:43:36 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-08-13 05:43:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-08-13 05:43:34 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-08-13 05:43:33 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-08-13 05:41:34 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-13 05:41:34 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-13 05:36:17 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF6BC3DA-B124-4C79-AA0C-C320550DAE2B}\gapaengine.dll
2012-08-12 18:20:11 -------- d-----w- C:\Windows\Panther
2012-08-12 16:55:48 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-08-12 16:55:37 -------- d-----w- C:\NVIDIA
2012-08-12 16:36:52 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-08-12 16:36:46 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-08-12 16:36:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Malwarebytes
2012-08-12 16:35:51 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-12 16:35:51 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-12 16:35:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-12 16:26:01 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-08-12 16:24:01 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Intel Corporation
2012-08-12 16:22:14 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-08-12 16:21:48 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2012-08-12 16:21:42 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
2012-08-12 16:21:09 68264 ----a-w- C:\Windows\System32\e1cmsg.dll
2012-08-12 16:21:09 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2012-08-12 16:21:09 342704 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2012-08-12 16:21:08 98496 ----a-w- C:\Windows\System32\NicInstC.dll
2012-08-12 16:18:50 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-08-12 16:13:44 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-08-12 16:13:38 355096 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-08-12 16:13:37 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-08-12 16:09:49 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2012-08-12 16:07:03 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-08-12 16:06:51 -------- d-sh--w- C:\Windows\Installer
2012-08-12 16:06:48 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-08-12 16:01:08 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-08-12 15:55:41 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2012-08-12 15:51:31 -------- d-----w- C:\Intel
2012-08-12 15:49:51 -------- d-----w- C:\Windows\AsDmiHtm
2012-08-12 15:49:14 -------- d-----w- C:\Windows\Chipset
2012-08-12 15:49:12 16896 ----a-w- C:\Windows\AsTaskSched.dll
2012-08-12 15:49:10 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2012-08-12 15:45:19 -------- d-----w- C:\Users\Jerry\AppData\Local\ElevatedDiagnostics
2012-08-02 10:22:46 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M ====================
.
2012-08-13 09:38:01 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-08-13 09:38:01 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-08-13 09:38:01 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-08-13 09:38:01 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-08-02 13:49:00 9663848 ----a-w- C:\Windows\System32\nvcuda.dll
2012-08-02 12:07:43 3485076 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-08-02 12:07:09 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-08-02 12:06:52 6193000 ----a-w- C:\Windows\System32\nvcpl.dll
2012-08-02 12:05:44 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-08-02 12:05:44 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-08-02 12:05:43 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-07-25 22:51:44 42440 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-07-25 22:51:44 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 16:19:43.10 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/12/2012 10:41:53 AM
System Uptime: 8/28/2012 12:19:07 PM (4 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-V PRO
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/103mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 477 GiB total, 406.812 GiB free.
D: is CDROM (UDF)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP31: 8/15/2012 10:57:03 PM - Windows Update
RP32: 8/16/2012 8:57:08 AM - SiSoftware Sandra Lite
RP33: 8/16/2012 9:04:33 AM - Installed DirectX
RP34: 8/16/2012 9:01:38 PM - Installed Java 7 Update 6
RP35: 8/17/2012 9:20:21 AM - Device Driver Package Install: NVIDIA Display adapters
RP36: 8/18/2012 9:31:31 AM - Installed Windows 7 Upgrade Advisor
RP37: 8/20/2012 7:54:32 AM - Windows Update
RP38: 8/20/2012 8:31:30 PM - Installed AI Suite II
RP39: 8/20/2012 8:31:38 PM - Installed FAN Xpert 2
RP40: 8/23/2012 8:08:42 AM - Windows Update
RP41: 8/25/2012 8:47:24 AM - Image Resizer for Windows
RP42: 8/26/2012 3:13:11 PM - Windows Update
RP43: 8/28/2012 7:13:30 AM - Installed Super Ad Blocker
RP44: 8/28/2012 9:18:11 AM - Removed Super Ad Blocker
RP45: 8/28/2012 9:19:34 AM - Removed Super Ad Blocker
RP46: 8/28/2012 9:19:52 AM - Removed Super Ad Blocker
RP47: 8/28/2012 9:20:05 AM - Removed Super Ad Blocker
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
AI Suite II
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Call of Duty(R) - World at War(TM) 1.6 Patch
Call of Duty(R) - World at War(TM) 1.7 Patch
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7
DriverMax 6
Google Earth
Google Update Helper
Image Resizer for Windows
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Internet TV for Windows Media Center
Java 7 Update 6
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Choice Guard
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
PandoraRecovery (Remove Only)
Photo-grapher 1
PIXresizer
PunkBuster Services
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
TeamSpeak 3 Client
TechPowerUp GPU-Z
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Center Add-in for Flash
Xfire (remove only)
Z Engine
.
==== Event Viewer Messages From Past Week ========
.
8/28/2012 7:13:48 AM, Error: Service Control Manager [7000] - The SABProcEnum service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 7:13:48 AM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\ has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/28/2012 7:13:47 AM, Error: Service Control Manager [7000] - The SABKUTIL service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 7:13:47 AM, Error: Service Control Manager [7000] - The SABDIFSV service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 11:39:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL
.
==== End Of File ===========================

Re: Some type of adware

by deltalima » August 28th, 2012, 5:33 pm


