google redirect striking search famous search cash search


pilvlp

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29

Run by Acer at 18:06:35 on 2011-11-10

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.1815 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Common Files\SPBA\upeksvr.exe

C:\Program Files (x86)\Acer Bio Protection\BASVC.exe

C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\WhatPulse\WhatPulse.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Windows\System32\msdtc.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Acer\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

"C:\Windows\system32\svchost.exe"

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5739g&r=2v361009x106l03f3zq26t46m4u71p

uStart Page = hxxp://google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\partner.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe

uRun: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

mRun: [<NO NAME>]

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [sNM] C:\Program Files (x86)\SpyNoMore\SNM.exe /startup

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: DisableCAD = 1 (0x1)

IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe

IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll/206

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 68.87.72.134 68.87.77.134 192.168.1.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D}\05F6F6073536F6F60737 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D}\2456C6B696E6E233036443 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D}\2456C6B696E6F574F575962756C6563737F5333413938364 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D}\2456C6B696E6F5E4B2F5631334346483 : DhcpNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{91D625C1-866F-457D-80E9-74AE46C9447D}\76865697A7F62737 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{F790BC89-052E-4F7C-8279-E0648FA1BC33} : DhcpNameServer = 68.87.72.134 68.87.77.134 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSA: Notification Packages = C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll

BHO-X64: BitComet ClickCapture - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [(Default)]

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [sNM] C:\Program Files (x86)\SpyNoMore\SNM.exe /startup

IE-X64: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe

IE-X64: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.6.22.dll/206

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

FF - component: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

FF - component: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll

FF - plugin: C:\Users\Acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Acer\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Users\Acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll

FF - plugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\extensions\battlefieldplay4free@ea.com\platform\WINNT_x86-msvc\plugins\npBP4FUpdater.dll

FF - plugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ejmrt4h7.default\extensions\runtime@panda3d.org\platform\WINNT_x86-msvc\plugins\nppanda3d.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com

FF - Ext: Battlefield Play4Free: battlefieldplay4free@ea.com - %profile%\extensions\battlefieldplay4free@ea.com

FF - Ext: Panda3D Game Engine Plug-In: runtime@panda3d.org - %profile%\extensions\runtime@panda3d.org

FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}

FF - Ext: BitComet Video Downloader: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB} - %profile%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

FF - Ext: Better Facebook!: betterfacebook@mattkruse.com - %profile%\extensions\betterfacebook@mattkruse.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

---- FIREFOX POLICIES ----

FF - user.js: general.useragent.extra.brc -

.

============= SERVICES / DRIVERS ===============

.

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-10-26 788512]

R2 IGBASVC;EgisTec Service;C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [2009-9-5 3453440]

R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-3-26 305448]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-29 2255464]

R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 nuvotoncir;Nuvoton IR Transceiver;C:\Windows\system32\DRIVERS\nuvotoncir.sys --> C:\Windows\system32\DRIVERS\nuvotoncir.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2010-7-4 139880]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-21 135664]

S2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-6-19 237568]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-3-1 129440]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-21 135664]

S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\1314.tmp --> C:\Windows\system32\1314.tmp [?]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys --> C:\Windows\system32\DRIVERS\winbondcir.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe --> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]

S4 BroadCamService;BroadCam Video Streaming Server;C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2010-8-22 1052676]

S4 CLHNService;CLHNService;C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-10-26 75048]

S4 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]

S4 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-4-11 61184]

S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-9-23 50424]

S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-9-23 144632]

S4 Partner Service;Partner Service;C:\ProgramData\Partner\partner.exe [2009-10-26 111088]

.

=============== Created Last 30 ================

.

2011-11-10 14:01:36 -------- d-----w- C:\Users\Acer\AppData\Local\Skyrim

2011-11-10 03:50:23 31232 ----a-w- C:\Windows\System32\drivers\tap0901.sys

2011-11-09 19:39:06 1152 ----a-w- C:\Windows\SysWow64\windrv.sys

2011-11-09 19:38:45 -------- d-----w- C:\Users\Acer\AppData\Roaming\GetRightToGo

2011-11-09 18:50:06 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B86A085-4B57-41A0-92C2-683FC6CAC58A}\offreg.dll

2011-11-09 03:43:23 -------- d-----w- C:\Program Files (x86)\ESET

2011-11-09 03:22:17 18816 ------w- C:\Windows\SysWow64\SAVRKBootTasks.sys

2011-11-08 14:25:24 6144 ------w- C:\Windows\System32\1314.tmp

2011-11-08 13:57:43 6144 ------w- C:\Windows\System32\BCB9.tmp

2011-11-08 13:57:37 -------- d-----w- C:\Program Files (x86)\Sophos

2011-11-08 07:42:28 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B86A085-4B57-41A0-92C2-683FC6CAC58A}\mpengine.dll

2011-11-07 09:23:57 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2011-11-07 09:19:37 -------- d-sh--w- C:\Users\Acer\AppData\Local\138e3774

.

==================== Find3M ====================

.

2011-11-09 23:23:09 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-04 18:28:20 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2011-10-04 18:28:20 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2011-10-03 09:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-09-30 01:29:33 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2011-09-29 16:51:41 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-26 22:21:30 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll

2011-08-26 22:21:30 28056 ----a-w- C:\Windows\System32\xfcodec64.dll

.

============= FINISH: 18:07:36.73 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/12/2010 2:10:24 AM

System Uptime: 11/9/2011 1:47:23 PM (29 hours ago)

.

Motherboard: Acer | | JM50-MV

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | U2E1 | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 216 GiB total, 23.89 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: int15

Device ID: ROOT\LEGACY_INT15\0000

Manufacturer:

Name: int15

PNP Device ID: ROOT\LEGACY_INT15\0000

Service: int15

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Windows Firewall Authorization Driver

Device ID: ROOT\LEGACY_MPSDRV\0000

Manufacturer:

Name: Windows Firewall Authorization Driver

PNP Device ID: ROOT\LEGACY_MPSDRV\0000

Service: mpsdrv

.

Class GUID: {4d36e96d-e325-11ce-bfc1-08002be10318}

Description: LSI HDA Modem

Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_1025021E&REV_1002\4&269586B1&0&0101

Manufacturer: LSI

Name: LSI HDA Modem

PNP Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_1025021E&REV_1002\4&269586B1&0&0101

Service: Modem

.

==== System Restore Points ===================

.

RP191: 11/10/2011 8:59:12 AM - Installed DirectX

.

==== Installed Programs ======================

.

2007 Microsoft Office Suite Service Pack 1 (SP1)

Acer Arcade Deluxe

Acer Assist

Acer Backup Manager

Acer Bio Protection

Acer Crystal Eye Webcam 2.0.7

Acer Crystal Eye Webcam Video Class Camera

Acer PowerSmart Manager

Acer Registration

Acer ScreenSaver

Acer VCM

Acrobat.com

Active GIF Creator 3.4

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader 9

Adobe Shockwave Player 11.5

Airport Mania First Flight

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Audacity 1.3.12 (Unicode)

Audiosurf

AutoHotkey 1.0.48.05

Backup Manager Basic

Battlefield 3™ Open Beta

Battlefield Heroes

Battlefield Play4Free

Battlelog Web Plugins

Belkin Setup and Router Monitor

BitComet 1.22

BroadCam Video Streaming Server

C:\Program Files (x86)\Acer GameZone\GameConsole

Cake Mania 2

Cheat Engine 5.6.1

Choice Guard

Cisco Connect

Comcast Desktop Software (v1.2.0.9)

Compatibility Pack for the 2007 Office system

Cooking Dash

Coupon Printer for Windows

Cradle of Rome

Dairy Dash

Debut Video Capture Software

Desktop Doctor

Disney Toontown Online

DNA

Dream Day Honeymoon

EA SPORTS online 2008

Eastside UK pre-game Editor v2007.1.6

Eastside UK saved game Editor v2007.0.4

EPSON Scan

ESET Online Scanner v3

ESN Sonar

eSobi v2

Express Burn Disc Burning Software

EZ Macros

Facebook Video Calling 1.0.0.8714

Fingerprint Solution

FrostWire 4.21.5

Futuremark SystemInfo

Galapago

Game Fire

GamersFirst LIVE!

GKLauncher

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Hydro Hydra

ImageConverter Plus 7.1

Java Auto Updater

Java 6 Update 29

Jewel Quest Solitaire

Junk Mail filter update

K-Lite Codec Pack 6.1.0 (Full)

Kings Legacy

Launch Manager

League of Legends

Left 4 Dead 2

Left 4 Dead 2 Authoring Tools

Life QuestJust For Fun Games

Luxor 2

Mahjong Escape Ancient China

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft XNA Framework Redistributable 4.0

mIRC

Mozilla Firefox (3.6.23)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyWinLocker

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

Nuvoton CIR Device Driver

NVIDIA 3D Vision Controller Driver

NVIDIA PhysX

Ocean Express

OpenAL

Orion

Pando Media Booster

Parking Dash

Pidgin

Poker Night at the Inventory

Prism Video Converter

PunkBuster Services

Puzzle Express

QuickTime

Rainbow Web

Razer DeathAdder Black Edition Mouse

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Return of Warrior

Rock Manager

Seagate Manager Installer

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

SharpKeys

Skype Click to Call

Skype™ 5.5

SopCast 3.2.9

Sophos Anti-Rootkit 1.5.20

SpeedFan (remove only)

Steam

StreamTorrent 1.0

System Requirements Lab

System Requirements Lab CYRI

Team Fortress 2

TeamSpeak 3 Client

TomTom HOME 2.8.2.2264

TomTom HOME Visual Studio Merge Modules

Toontown Keep-Alive

Torchlight

Tradewinds 2

Tri-Peaks Solitaire To Go

Turbo Pizza

Unity Web Player

Unreal Tournament 2004

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Office 2007 (KB946691)

Upgrade Kit

VideoPad Video Editor

VLC media player 1.1.0

VTFEdit 1.2.5

WBFS Manager 3.0

Wedding Dash

WhatPulse 1.7

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

World Basketball Manager 2010

WorldWinner Games

Xfire (remove only)

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

11/9/2011 1:48:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SAVRKBootTasks

11/9/2011 1:47:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Raw Socket Service service to connect.

11/9/2011 1:47:56 PM, Error: Service Control Manager [7000] - The Raw Socket Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/9/2011 1:47:56 PM, Error: Service Control Manager [7000] - The int15 service failed to start due to the following error: The system cannot find the file specified.

11/9/2011 1:47:50 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.

11/9/2011 1:47:50 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.

11/8/2011 9:07:42 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\BCB9.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

11/8/2011 12:09:10 PM, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading

11/8/2011 12:09:10 PM, Error: Application Popup [1060] - \??\C:\Windows\system32\1314.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

11/7/2011 4:19:38 AM, Error: Service Control Manager [7034] - The Raw Socket Service service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:10:43 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/7/2011 11:10:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/7/2011 11:10:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/7/2011 11:10:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/7/2011 11:10:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/7/2011 11:10:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/7/2011 11:10:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/7/2011 11:10:13 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/7/2011 11:09:47 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .

11/7/2011 11:07:04 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 2 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The SupportSoft Sprocket Service (ddoctorv2) service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The MyWinLocker Service service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The Intel® Matrix Storage Event Monitor service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The EgisTec Service service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The AffinegyService service terminated unexpectedly. It has done this 1 time(s).

11/7/2011 11:06:47 PM, Error: Service Control Manager [7034] - The Acer ePower Service service terminated unexpectedly. It has done this 1 time(s).

11/10/2011 8:55:07 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================


  • 2 weeks later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 3 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.