
Internet Explorer Hijacked by Secured2.Lavasoft.com


Joey04


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2

Run by Laura at 22:20:12 on 2014-02-07

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.1912 [GMT -6:00]

.

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\HitmanPro\hmpsched.exe

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Windows\SysWOW64\AsHookDevice.exe

C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\windows\System32\svchost.exe -k HPZ12

C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

C:\windows\system32\viakaraokesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe

C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\windows\servicing\TrustedInstaller.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\windows\system32\taskeng.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


mWinlogon: Userinit = userinit.exe,

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO: AccelerateTab: {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Adblock: {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [Google Update] "C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S

mRun: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{3CBDA608-F54A-48D0-BDB7-71A42DC4CA63} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{826B36AA-483A-4BB7-94F7-A0756095FE7F} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{826B36AA-483A-4BB7-94F7-A0756095FE7F}\2375942554330393 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{9D8BD964-9533-4BD2-8C94-A7A11F595B9B} : DHCPNameServer = 192.168.1.254

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\mieio617.default\


FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

FF - plugin: C:\Users\Laura\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Users\Laura\AppData\Local\Roblox\Versions\version-037c042a4c1b49fd\NPRobloxProxy.dll

FF - plugin: C:\Users\Laura\Desktop\Joey music\npAmazonMP3DownloaderPlugin10171.dll

FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

.

============= SERVICES / DRIVERS ===============

.

R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-10-21 40064]

R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-8-2 65776]

R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-8-2 207904]

R0 SmartDefragDriver;SmartDefragDriver;C:\windows\System32\drivers\SmartDefragDriver.sys [2014-1-2 21184]

R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-8-2 1038072]

R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-8-2 421704]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-18 881440]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-10-21 238080]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-6-29 365568]

R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-8-2 78648]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-7 50344]

R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2011-10-21 203392]

R2 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-7-7 48488]

R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2014-2-7 127752]

R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-1-2 341824]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-7 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-7 701512]

R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2011-10-21 241488]

R2 tmevtmgr;tmevtmgr;C:\windows\System32\drivers\tmevtmgr.sys [2011-10-21 67664]

R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\windows\System32\ViakaraokeSrv.exe [2014-2-6 27768]

R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2011-10-21 46136]

R3 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-2-7 80184]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-10-21 231440]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-2-7 25928]

R3 netr7364;Belkin Wireless 54G USB Network Adapter Driver;C:\windows\System32\drivers\netr7364.sys [2012-7-7 716800]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2014-2-6 266968]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-2-6 888536]

R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2011-10-21 38528]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\windows\System32\drivers\viahduaa.sys [2014-2-6 689840]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-18 2151200]

S2 SecureUpdateSvc;SecureUpdate;C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-9-6 2473296]

S3 ahcix64s;ahcix64s;C:\windows\System32\drivers\ahcix64s.sys [2011-10-21 280656]

S3 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-10-21 79488]

S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-10-21 267480]

S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-1-2 23048]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-11 111616]

S3 NMgamingmsFltr;USB Optical Mouse;C:\windows\System32\drivers\NMgamingms.sys [2009-7-24 11264]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-8-3 19456]

S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-1-2 34848]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-8-3 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-8-3 30208]

S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-1-2 23016]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-7 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2014-02-08 01:08:48 -------- d-----w- C:\Program Files\HitmanPro

2014-02-08 01:06:43 -------- d-----w- C:\ProgramData\HitmanPro

2014-02-08 00:21:19 80184 ----a-w- C:\windows\System32\drivers\aswStm.sys

2014-02-07 22:47:15 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A2D34AA1-031D-4D2E-A96E-864B1E497E47}\offreg.dll

2014-02-07 22:16:59 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A2D34AA1-031D-4D2E-A96E-864B1E497E47}\mpengine.dll

2014-02-07 12:44:28 -------- d-----w- C:\Users\Laura\AppData\Roaming\Malwarebytes

2014-02-07 12:43:57 -------- d-----w- C:\ProgramData\Malwarebytes

2014-02-07 12:43:55 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2014-02-07 12:43:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-07 04:06:58 266968 ----a-w- C:\windows\System32\drivers\RtsUStor.sys

2014-02-07 04:06:24 888536 ----a-w- C:\windows\System32\drivers\Rt64win7.sys

2014-02-07 04:06:24 73800 ----a-w- C:\windows\System32\RtNicProp64.dll

2014-02-07 04:06:13 -------- d-----w- C:\Program Files\VIA

2014-02-07 04:06:12 -------- d-----w- C:\windows\System32\SRSLabs

2014-02-07 04:03:21 -------- d-----w- C:\Users\Laura\AppData\Local\{46296D15-3C62-4446-96B8-AEABEFE78653}

2014-02-07 04:03:07 -------- d-----w- C:\Users\Laura\AppData\Roaming\Windows Live Writer

2014-02-07 04:03:07 -------- d-----w- C:\Users\Laura\AppData\Local\Windows Live Writer

2014-02-07 03:34:45 -------- d-----w- C:\Users\Laura\AppData\Roaming\LavasoftStatistics

2014-02-07 03:33:39 -------- d-----w- C:\AdwCleaner

2014-02-07 03:19:26 -------- d-----w- C:\Users\Laura\AppData\Local\adawarebp

2014-02-07 03:19:21 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection

2014-02-07 03:18:43 -------- d-----w- C:\Users\Laura\AppData\Roaming\SecureSearch

2014-02-07 03:18:20 -------- d-----w- C:\Program Files (x86)\Lavasoft

2014-01-18 23:46:48 34080 ----a-w- C:\windows\System32\SmartDefragBootTime.exe

2014-01-18 23:46:30 121856 ----a-w- C:\windows\System32\IObitSmartDefragExtension.dll20140118174647.dll

2014-01-18 23:46:30 121856 ----a-w- C:\windows\System32\IObitSmartDefragExtension.dll

2014-01-18 17:27:44 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2014-01-18 17:27:43 -------- d-----w- C:\ProgramData\ProductData

2014-01-15 07:07:31 53248 ----a-w- C:\windows\System32\drivers\usbehci.sys

2014-01-15 07:07:31 325120 ----a-w- C:\windows\System32\drivers\usbport.sys

2014-01-15 07:07:30 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys

2014-01-15 07:07:30 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys

2014-01-15 07:07:29 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys

2014-01-15 07:07:29 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys

2014-01-15 07:07:28 7808 ----a-w- C:\windows\System32\drivers\usbd.sys

2014-01-15 07:07:24 3156480 ----a-w- C:\windows\System32\win32k.sys

2014-01-15 07:07:19 376768 ----a-w- C:\windows\System32\drivers\netio.sys

.

==================== Find3M  ====================

.

2014-02-08 00:21:09 207904 ----a-w- C:\windows\System32\drivers\aswVmm.sys

2014-02-08 00:21:09 1038072 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2014-02-08 00:21:08 78648 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2014-02-08 00:21:05 43152 ----a-w- C:\windows\avastSS.scr

2014-02-07 04:06:24 107552 ----a-w- C:\windows\System32\RTNUninst64.dll

2014-02-04 23:34:07 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2014-02-04 23:34:06 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-16 15:59:44 270496 ------w- C:\windows\System32\MpSigStub.exe

2014-01-02 18:38:02 9889352 ----a-w- C:\windows\SysWow64\RtsUStoricon.dll

2013-12-24 16:40:32 21184 ----a-w- C:\windows\System32\drivers\SmartDefragDriver.sys

2013-12-18 14:17:52 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-12-09 06:00:01 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys

2013-12-09 06:00:00 92544 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2013-12-01 09:07:08 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe

2013-12-01 09:07:08 194048 ----a-w- C:\windows\SysWow64\elshyph.dll

2013-11-26 10:19:07 2724864 ----a-w- C:\windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\windows\System32\WMPhoto.dll

2013-11-12 02:23:09 2048 ----a-w- C:\windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\windows\SysWow64\tzres.dll

.

============= FINISH: 22:21:12.86 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 7/4/2012 3:34:15 PM

System Uptime: 2/7/2014 10:10:26 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. |  | CM1730,CM1830

Processor: AMD Athlon II X2 220 Processor | AM3 | 784/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 689 GiB total, 633.209 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP189: 1/21/2014 12:55:02 AM - Windows Update

RP190: 1/24/2014 9:40:06 AM - Windows Update

RP191: 1/28/2014 1:18:09 PM - Windows Update

RP192: 2/4/2014 5:35:36 PM - avast! antivirus system restore point

RP193: 2/4/2014 5:47:53 PM - Windows Update

RP194: 2/6/2014 4:11:06 PM - Restore Operation

RP195: 2/6/2014 4:19:52 PM - avast! antivirus system restore point

RP196: 2/6/2014 4:30:50 PM - Windows Update

RP197: 2/6/2014 4:33:28 PM - Created by Wise Care 365

RP198: 2/6/2014 9:13:12 PM - AA11

RP199: 2/6/2014 10:05:11 PM - Driver Booster : VIA High Definition Audio

RP200: 2/7/2014 6:17:11 PM - avast! antivirus system restore point

RP201: 2/7/2014 7:00:58 PM - AA11

RP202: 2/7/2014 10:07:02 PM - AA11

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

AccelerateTab

Adobe Flash Player 12 ActiveX

Adobe Reader X (10.1.9) MUI

Adobe Shockwave Player 11.6

Advanced SystemCare 7

AI Manager

Amazon MP3 Downloader 1.0.17

AMD APP SDK Runtime

AMD Fuel

AMD VISION Engine Control Center

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASUS Backup Wizard

ASUS WebStorage

ASUSUpdate

AsusVibe2.0

ATI Catalyst Install Manager

avast! Free Antivirus

Belkin 54Mbps Wireless Network Adapter

Best Buy pc app

Bonjour

Bullzip PDF Printer 9.8.0.1599

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cisco Unified Presenter Add-in 6x5

Compatibility Pack for the 2007 Office system

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

D3DX10

EPU-4 Engine

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Google Chrome

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

Heritage Sports 8.2

HitmanPro 3.7

IObit Apps Toolbar v8.2

IObit Malware Fighter

IObit Uninstaller

iTunes

Java 7 Update 45

Java Auto Updater

Junk Mail filter update

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)

Microsoft Office 2010

Microsoft Office File Validation Add-In

Microsoft Office Live Meeting 2007

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

Mozilla Firefox 26.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Norton Security Scan

Platform

Realtek Ethernet Controller Driver

Roblox for Laura

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Smart Defrag 3

Surfing Protection

swMSM

Trend Micro Titanium Internet Security

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

VIA Platform Device Manager

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Fotogalerie

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh ActiveX control for remote connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

2/7/2014 6:20:01 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.

2/7/2014 4:04:00 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

2/7/2014 4:03:30 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

2/7/2014 10:14:36 PM, Error: Service Control Manager [7034]  - The SecureUpdate service terminated unexpectedly.  It has done this 1 time(s).

2/7/2014 10:14:35 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

2/6/2014 4:32:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.3263.0).

2/6/2014 4:29:34 PM, Error: Service Control Manager [7030]  - The Wise Boot Assistant service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

2/6/2014 3:27:35 PM, Error: Service Control Manager [7000]  - The Internet Explorer ETW Collector Service service failed to start due to the following error:  The parameter is incorrect.

2/5/2014 7:44:59 PM, Error: Service Control Manager [7000]  - The TiMiniService service failed to start due to the following error:  The parameter is incorrect.

2/5/2014 7:44:58 PM, Error: Service Control Manager [7023]  - The Pml Driver HPZ12 service terminated with the following error:  Operation did not complete successfully because the file contains a virus.

2/5/2014 7:44:58 PM, Error: Service Control Manager [7023]  - The Net Driver HPZ12 service terminated with the following error:  Operation did not complete successfully because the file contains a virus.

2/5/2014 7:44:58 PM, Error: Service Control Manager [7000]  - The SecureUpdate service failed to start due to the following error:  The parameter is incorrect.

2/5/2014 7:44:58 PM, Error: Service Control Manager [7000]  - The LiveUpdate service failed to start due to the following error:  The parameter is incorrect.

2/5/2014 7:44:57 PM, Error: Service Control Manager [7023]  - The Cryptographic Services service terminated with the following error:  Operation did not complete successfully because the file contains a virus.

2/5/2014 7:44:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

2/5/2014 7:44:57 PM, Error: Service Control Manager [7000]  - The Device Handle Service service failed to start due to the following error:  The parameter is incorrect.

2/5/2014 7:44:57 PM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

2/5/2014 7:38:18 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {73C9DFA0-750D-11E1-B0C4-0800200C9A66}. The error: "87" Happened while starting this command: C:\windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe -Embedding

2/5/2014 7:32:12 PM, Error: volmgr [46]  - Crash dump initialization failed!

2/5/2014 7:29:24 PM, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a preshutdown control.

2/4/2014 8:28:26 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

2/4/2014 7:53:24 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

.

==== End Of File ===========================


 


I am withdrawing this topic because it appears to be fixed now. I believe it was Ad-Aware (that used to be one of my trusted brands) that hijacked my browser. Is Lavasoft.com a scam for Lavasoft.eu? Or are they both scams now?

 

If anyone knows I would be interested. Otherwise this one is resolved. 

This topic is now closed to further replies.