Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I'm sick, please help

Post by GHEENEE1 » June 7th, 2011, 2:02 pm

My laptop is redirected after I search and click on a result. I also have random pop ups. Please look at my logs.
.
DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by MIKE at 13:52:15 on 2011-06-07
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2093 [GMT -4:00]
.
AV: Trend Micro AntiVirus *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro AntiVirus *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t4881y738
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t4881y738
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
mRun: [Microsoft Works Update Detection] C:\Program Files (x86)\Microsoft Works\WkDetect.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{94F837FC-E677-49B3-9E6F-55B5C4226DD5} : DhcpNameServer = 192.168.1.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
mRun-x64: [Microsoft Works Update Detection] C:\Program Files (x86)\Microsoft Works\WkDetect.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\MIKE\AppData\Roaming\Mozilla\Firefox\Profiles\y6exvil2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.questscan.com/?tmp=nemo_resu ... &keywords=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 aksdf;aksdf;C:\Windows\system32\DRIVERS\aksdf.sys --> C:\Windows\system32\DRIVERS\aksdf.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-5-28 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-8-7 311592]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-8-20 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-28 1153368]
R2 tmpreflt;tmpreflt;C:\Windows\system32\DRIVERS\tmpreflt.sys --> C:\Windows\system32\DRIVERS\tmpreflt.sys [?]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-8-22 240160]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 TmProxy;Trend Micro Proxy Service;C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2011-5-28 917768]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
.
=============== Created Last 30 ================
.
2011-06-07 17:05:33 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-06-07 17:05:25 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6DA6E57-38B5-4BC9-B067-28BF8499E122}\mpengine.dll
2011-06-06 21:09:53 -------- d-----w- C:\FONTZ
2011-06-05 12:49:28 55816 ----a-w- C:\Windows\CompGenCompGen2-uninstall.exe
2011-06-04 13:25:35 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2011-06-04 13:24:41 60423 ----a-w- C:\Windows\TCompGenTCompGen-uninstall.exe
2011-06-03 13:21:26 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-06-02 19:54:40 388096 ----a-r- C:\Users\MIKE\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-02 19:54:40 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-05-31 18:26:30 -------- d-----w- C:\Program Files (x86)\GCC
2011-05-31 14:24:49 28944 ----a-w- C:\Windows\SysWow64\msrecr40.dll
2011-05-30 21:01:24 -------- d-----w- C:\Users\MIKE\AppData\Roaming\FreeFixer
2011-05-30 21:01:24 -------- d-----w- C:\Users\MIKE\AppData\Local\FreeFixer
2011-05-30 21:01:17 -------- d-----w- C:\Program Files\FreeFixer
2011-05-30 13:05:46 -------- d-----w- C:\ProgramData\STOPzilla!
2011-05-30 11:01:54 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-05-30 11:01:53 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-05-30 11:01:53 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-05-30 11:01:53 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-05-30 11:01:53 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-05-30 11:01:53 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-05-30 11:01:53 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-05-30 11:01:53 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-05-30 11:01:53 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-05-30 11:01:52 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-05-29 12:54:12 -------- d-----w- C:\Windows\pss
2011-05-28 19:46:31 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-28 19:46:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-28 19:07:42 -------- d-----w- C:\Users\MIKE\AppData\Roaming\Malwarebytes
2011-05-28 19:07:30 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-28 19:07:30 -------- d-----w- C:\ProgramData\Malwarebytes
2011-05-28 19:07:27 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-28 19:07:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-28 17:26:37 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-05-28 17:20:14 -------- d-----w- C:\Users\MIKE\AppData\Local\ElevatedDiagnostics
2011-05-28 15:13:50 -------- d-----w- C:\Windows\Lan
2011-05-28 15:13:11 431104 ----a-w- C:\Windows\WisMvImg.exe
2011-05-28 15:13:11 249856 ----a-w- C:\Windows\Wisi2Bat.exe
2011-05-28 15:13:11 159744 ----a-w- C:\Windows\PatchFul.exe
2011-05-28 15:13:10 382976 ----a-w- C:\Windows\WisGAPasx64.exe
2011-05-28 15:13:10 335872 ----a-w- C:\Windows\ParseModule_X64.exe
2011-05-28 15:13:09 322048 ----a-w- C:\Windows\WisGAPas.exe
2011-05-28 15:13:09 225280 ----a-w- C:\Windows\ParseModule_X86.exe
2011-05-28 14:56:12 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-28 14:28:21 -------- d-----w- C:\Users\MIKE\AppData\Local\Adobe
2011-05-28 14:24:05 -------- d-----w- C:\Program Files\CONEXANT
2011-05-28 14:07:33 -------- d-----w- C:\Users\MIKE\AppData\Roaming\EUROSYSTEMS
2011-05-28 14:07:02 191488 ----a-w- C:\Windows\SysWow64\hlvdd.dll
2011-05-28 14:06:56 314368 ----a-w- C:\Windows\System32\drivers\hardlock.sys
2011-05-28 14:06:47 69632 ----a-w- C:\Windows\SysWow64\hasp_inst_help1.dll
2011-05-28 14:06:47 671112 ----a-w- C:\Windows\SysWow64\hdinst_windows.dll
2011-05-28 14:06:47 65024 ----a-w- C:\Windows\System32\drivers\aksdf.sys
2011-05-28 14:06:47 28672 ----a-w- C:\Windows\SysWow64\hlduinst.exe
2011-05-28 14:06:46 3066968 ----a-w- C:\Windows\SysWow64\hinstd.dll
2011-05-28 14:06:46 2511360 ----a-w- C:\Windows\SysWow64\haspds_windows.dll
2011-05-28 14:06:46 153088 ----a-w- C:\Windows\SysWow64\UNWISE.EXE
2011-05-28 14:06:32 47104 ----a-w- C:\Windows\SysWow64\D2htls32.dll
2011-05-28 14:06:32 28976 ----a-w- C:\Windows\SysWow64\D2HTOOLS.DLL
2011-05-28 14:02:47 -------- d-----w- C:\Windows\Cache
2011-05-28 13:54:23 72192 ----a-w- C:\Windows\SysWow64\GC33_c30UI.dll
2011-05-28 13:54:23 60928 ----a-w- C:\Windows\SysWow64\GC33_c30.dll
2011-05-28 13:54:23 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE
2011-05-28 13:53:52 -------- d-----w- C:\Windows\SysWow64\gcctemp
2011-05-28 13:29:17 -------- d-----w- C:\ProgramData\QuestScan
2011-05-28 13:29:17 -------- d-----w- C:\Program Files (x86)\QuestScan
2011-05-28 13:23:40 65536 ----a-r- C:\Users\MIKE\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2011-05-28 13:20:29 -------- d-----w- C:\Program Files (x86)\Corel
2011-05-28 13:20:29 -------- d-----w- C:\Program Files (x86)\Common Files\Corel
2011-05-28 13:06:52 309840 ----a-w- C:\Windows\System32\drivers\tmxpflt.sys
2011-05-28 13:06:52 1988176 ----a-w- C:\Windows\System32\drivers\vsapint.sys
2011-05-28 13:06:51 42576 ----a-w- C:\Windows\System32\drivers\tmpreflt.sys
2011-05-28 13:05:09 434670 ----a-w- C:\Windows\System32\drivers\etc\tmvsthfud.bin
2011-05-28 13:05:09 434670 ----a-w- C:\Windows\System32\drivers\etc\tmvsthfss.bin
2011-05-28 13:03:06 -------- d-----w- C:\ProgramData\Trend Micro
2011-05-28 13:01:11 -------- d-----w- C:\Program Files\Trend Micro
2011-05-28 12:54:28 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-28 12:47:40 -------- d-----w- C:\ProgramData\NetZero
2011-05-28 12:23:25 -------- d-----w- C:\Users\MIKE\AppData\Roaming\Acer
2011-05-28 12:17:20 220672 ----a-w- C:\Windows\System32\wintrust.dll
2011-05-28 12:17:20 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-05-28 12:17:17 139264 ----a-w- C:\Windows\System32\cabview.dll
2011-05-28 12:17:17 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-05-28 12:12:47 -------- d-----w- C:\ProgramData\OEM_E471269A730D
2011-05-28 11:56:34 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-05-28 11:56:34 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-05-28 11:56:10 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-05-28 11:56:02 -------- d-----w- C:\Users\MIKE\AppData\Local\Diagnostics
2011-05-28 11:55:21 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-05-28 11:55:04 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2011-05-28 11:54:18 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f9a7e7661cc1d2d\DSETUP.dll
2011-05-28 11:54:18 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f9a7e7661cc1d2d\DXSETUP.exe
2011-05-28 11:54:18 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f9a7e7661cc1d2d\dsetup32.dll
2011-05-28 11:53:50 140066664 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc6A37.tmp
2011-05-28 11:53:42 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-05-28 11:53:24 -------- d-----w- C:\BOOK
2011-05-28 11:52:47 82432 ----a-w- C:\Windows\SysWow64\msxml4r.dll
2011-05-28 11:52:47 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
2011-05-28 11:52:47 1233920 ----a-w- C:\Windows\SysWow64\msxml4.dll
2011-05-28 11:52:44 -------- d-----w- C:\Users\MIKE\AppData\Local\Google
2011-05-28 11:51:50 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-05-28 11:51:50 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-05-28 11:51:50 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-05-28 11:51:50 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-05-28 11:51:49 610436 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-05-28 11:48:12 -------- d-----w- C:\Users\MIKE\AppData\Local\ATI
2011-05-28 11:39:09 -------- d-----w- C:\Program Files (x86)\Launch Manager
2011-05-28 11:38:54 8362 ----a-w- C:\Windows\Suyin.reg
2011-05-28 11:38:54 626688 ----a-w- C:\Windows\Image.dll
2011-05-28 11:38:54 20480 ----a-w- C:\Windows\USB_VIDEO_REG.exe
2011-05-28 11:38:54 200704 ----a-w- C:\Windows\PLFSetI.exe
2011-05-28 11:38:54 1658880 ----a-w- C:\Windows\Acer Crystal Eye webcam.EXE
2011-05-28 11:38:15 -------- d-----w- C:\Program Files\Synaptics
2011-05-28 11:35:41 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-05-28 11:34:52 -------- d-----w- C:\Program Files\ATI
2011-05-28 11:34:49 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-05-28 11:33:31 -------- d-----w- C:\Users\MIKE\AppData\Local\EgisTec
2011-05-28 11:33:31 -------- d-----w- C:\ProgramData\EgisTec
.
==================== Find3M ====================
.
2011-05-28 17:26:37 902656 ----a-w- C:\Windows\System32\d2d1.dll
.
============= FINISH: 13:53:15.00 ===============

Re: I'm sick, please help

Post by Alander » June 9th, 2011, 8:45 am

Hello, I Am Alander :)

Welcome to the Malware Removal forums.

I would be glad to take a look at your log and help you with solving any malware problems.

DDS logs can take a while to research so please be patient while I work on your log and I will post back here with any recommendations.

As I am still training, everything that I post to you must be checked by an Admin or Moderator.

Thus, there may be a tiny bit of a delay between posts. While it shouldn't be too long, you can be assured you will get the best possible advice.


  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Re: I'm sick, please help

Post by Cypher » June 13th, 2011, 6:53 am

You are already receiving help with this problem at another forum .....

http://forums.spybot.info/showthread.php?t=62954

May I draw your attention to THIS topic, which you should have read before posting for help, and THIS where we tell you why this is not a good idea.

This topic is now closed