
Redirect of search results..



I keep getting redirected when I run a Google search, and am mainly using Firefox. It doesn't happen 100% of the time, but often. I'm also getting messages from Malwarebytes saying that it successfully stopped an outgoing process to different IP addresses.

DDS...

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Owner at 12:02:56 on 2012-03-21

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8191.6132 [GMT -4:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Temp\_ex-68.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\Razer\Anansi\RazerAnansiSysTray.exe

C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe

C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMTray.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\msiexec.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.charter.net/

uSearch Page = hxxp://www.charter.net/google/index.php?q=

uWindow Title = Powered by Charter Communications

mWinlogon: Userinit=userinit.exe

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [Conime] %windir%\system32\conime.exe

mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [steelSeries World of Warcraft MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe"

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

mRun: [Razer Anansi Driver] C:\Program Files (x86)\Razer\Anansi\RazerAnansiSysTray.exe

mRun: [PlantronicsURE.exe] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe

mRun: [PlantronicsBatteryStatus.exe] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

mRun: [MozillaAgent] C:\Windows\Temp\_ex-68.exe

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 68.115.71.53 68.113.206.10 66.189.0.100

TCP: Interfaces\{19BCE357-FCC4-4BBA-BF0C-007C39743E8C} : DhcpNameServer = 68.115.71.53 68.113.206.10 66.189.0.100

TCP: Interfaces\{7F30B669-D53D-460F-9BF6-43D090FBDBB9} : DhcpNameServer = 168.94.0.15 168.94.0.14

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO-X64: Ad-Aware Security Toolbar - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [Conime] %windir%\system32\conime.exe

mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [steelSeries World of Warcraft MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe"

mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

mRun-x64: [Razer Anansi Driver] C:\Program Files (x86)\Razer\Anansi\RazerAnansiSysTray.exe

mRun-x64: [PlantronicsURE.exe] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe

mRun-x64: [PlantronicsBatteryStatus.exe] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsBatteryStatus.exe

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

mRun-x64: [MozillaAgent] C:\Windows\Temp\_ex-68.exe

Hosts: 149.5.18.172 www.google-analytics.com.

Hosts: 149.5.18.172 ad-emea.doubleclick.net.

Hosts: 149.5.18.172 www.statcounter.com.

Hosts: 108.163.215.51 www.google-analytics.com.

Hosts: 108.163.215.51 ad-emea.doubleclick.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\rkvae70x.default\

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2009-8-5 284016]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-21 652360]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-18 635416]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 Mo3Fltr;MMO Mouse;C:\Windows\system32\drivers\Mo3Fltr.sys --> C:\Windows\system32\drivers\Mo3Fltr.sys [?]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/08/18 00:50:43;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-8-18 245232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-3 2152152]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-10-6 17152]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-03-21 15:39:11 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2012-03-21 08:40:03 862208 ----a-w- C:\ProgramData\isecurity.exe

2012-03-21 04:29:48 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes

2012-03-21 04:29:41 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-21 04:29:41 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-21 04:29:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-20 05:10:44 20480 ----a-w- C:\Windows\svchost.exe

2012-03-20 02:52:41 -------- d-----w- C:\sh4ldr

2012-03-20 02:52:41 -------- d-----w- C:\Program Files\Enigma Software Group

2012-03-20 01:58:27 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\A4AE.tmp

2012-03-20 01:58:27 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\A49E.tmp

2012-03-14 07:02:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-14 07:02:04 3957616 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-14 07:02:03 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

.

==================== Find3M ====================

.

2012-03-14 01:27:41 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-15 06:27:54 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-15 05:44:57 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-02-15 04:47:21 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-02-15 04:46:59 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-02-10 06:18:10 1541120 ----a-w- C:\Windows\System32\DWrite.dll

2012-02-10 06:17:55 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-02-10 06:17:54 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-02-10 06:17:54 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-02-10 06:17:54 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-02-10 05:41:38 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-02-10 05:41:20 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-02-10 05:41:20 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-02-10 05:41:20 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-02-10 05:41:19 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-02-03 04:16:03 3143168 ----a-w- C:\Windows\System32\win32k.sys

2012-01-25 06:27:11 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-01-25 06:27:11 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-01-25 06:20:59 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-01-04 09:58:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 09:03:07 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-01-03 06:24:52 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-01-03 05:44:24 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl

2011-12-28 03:59:11 499200 ----a-w- C:\Windows\System32\drivers\afd.sys

.

============= FINISH: 12:04:07.29 ===============

And Attach..

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 9/26/2010 8:52:54 AM

System Uptime: 3/21/2012 3:41:09 AM (9 hours ago)

.

Motherboard: FOXCONN | | 2AB1

Processor: AMD Phenom II X6 1045T Processor | CPU 1 | 2700/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 919 GiB total, 835.459 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.48 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP131: 3/18/2012 7:00:04 PM - Windows Backup

RP132: 3/19/2012 10:51:51 PM - Installed SpyHunter

RP133: 3/19/2012 11:16:07 PM - Removed SpyHunter

RP134: 3/19/2012 11:21:50 PM - Removed SpyHunter

RP135: 3/19/2012 11:24:10 PM - Removed SpyHunter

RP136: 3/19/2012 11:27:01 PM - Removed SpyHunter

RP137: 3/19/2012 11:53:33 PM - Restore Operation

RP138: 3/20/2012 12:03:15 AM - Windows Update

RP139: 3/20/2012 1:01:53 AM - Restore Operation

RP140: 3/20/2012 1:20:02 AM - Windows Backup

RP141: 3/21/2012 3:00:13 AM - Windows Update

RP142: 3/21/2012 11:58:03 AM - PC Decrapifier Restore Point

RP143: 3/21/2012 12:01:53 PM - Removed Zinio Reader 4

.

==== Hosts File Hijack ======================

.

Hosts: 149.5.18.172 www.google-analytics.com.

Hosts: 149.5.18.172 ad-emea.doubleclick.net.

Hosts: 149.5.18.172 www.statcounter.com.

Hosts: 108.163.215.51 www.google-analytics.com.

Hosts: 108.163.215.51 ad-emea.doubleclick.net.

Hosts: 108.163.215.51 www.statcounter.com.

.

==== Installed Programs ======================

.

Ad-Aware

Ad-Aware Security Toolbar

Adobe AIR

Adobe Flash Player 10 ActiveX

aiofw

aioscnnr

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

center

Charter Browser Updater

CinemaNow Media Manager

CyberLink DVD Suite Deluxe

DVD Menu Pack for HP MediaSmart Video

Google Chrome

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Setup

HP Support Assistant

HP Support Information

HP Update

HydraVision

Java Auto Updater

Java 6 Update 26

Junk Mail filter update

Kobo

KODAK AiO Home Center

ksDIP

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft Choice Guard

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 10.0.2 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

PDF Complete Special Edition

PhotoNow!

PictureMover

Plantronics Spokes Software

Power2Go

PowerDirector

PreReq

PressReader

Ralink RT2860 Wireless LAN Card

Razer Anansi

Realtek High Definition Audio Driver

Recovery Manager

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Skype Click to Call

Skype™ 5.8

System Requirements Lab

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Ventrilo Client

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Visual Studio 2008 x64 Redistributables

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

World of Warcraft

World of Warcraft MMO Gaming Mouse

.

==== Event Viewer Messages From Past Week ========

.

3/21/2012 3:20:55 AM, Error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).

3/21/2012 3:20:33 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the hpqwmiex service to connect.

3/21/2012 3:20:33 AM, Error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/19/2012 11:25:09 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

3/19/2012 11:20:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

3/19/2012 11:20:44 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/17/2012 6:02:28 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

.

==== End Of File ===========================

Thanks in advance. I posted yesterday, but frankly I screwed that post up so badly I thought it best to start over hehe.


Hello and Welcome to the forum.

Looks like you're running 2 anti-virus programs.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will decrease the reliability of it seriously!

The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time.

Also because more than one Antivirus and Firewall installed are not compatible with each other, it can cause system performance problems and a serious system slowdown.

Please do not delete anything unless instructed to.

1. Click Start > Settings > Control Panel.

2. Next, open Add/Remove Programs and remove either:

Lavasoft

AVG

Next:


Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
