Hello,
Please help, my Firefox and Google keep redirecting to other pages like search engines that I have never heard of. Before I found this site I did a virus sweep and couldn't find anything, but this redirection is driving me nuts.
As per the requirement I have posted the logs below.
Thanks
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.12.02
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
P J :: PJ [administrator]
16/02/2012 19:37:55
mbam-log-2012-02-16 (19-37-55).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 177672
Time elapsed: 10 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-02-16 19:52:23
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1234GSX rev.AH001A
Running: 333t5my4.exe; Driver: C:\Users\PJ0127~1\AppData\Local\Temp\ugtdapow.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.)
Device \Driver\atapi \Device\Ide\IdePort0 AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.)
Device \Driver\atapi \Device\Ide\IdePort1 AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-2 AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.)
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs TfFsMon.sys (ThreatFire Filesystem Monitor/PC Tools)
AttachedDevice \FileSystem\Ntfs \Ntfs psdfilter.sys (PSD Filter Driver/HiTRUST)
Device \FileSystem\fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat TfFsMon.sys (ThreatFire Filesystem Monitor/PC Tools)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_24
Run by P J at 19:56:20 on 2012-02-16
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [LaunchAp] "c:\program files\launch manager\LaunchAp.exe"
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [AMTray.exe] "c:\acer\empowering technology\amtray.exe"
mRun: [AcerOrbicamRibbon] "c:\program files\acer\orbicam10\OrbiCam.exe" /hide
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5EF374E6-F289-4B40-8ABF-9470AC7F7E70} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{ACE49B86-D212-43BF-83EB-E6EC10A4D5D9} : DhcpNameServer = 172.20.114.80 172.20.114.81 172.20.114.141
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-02-16 19:26:12 837 ----a-w- c:\programdata\yaynaaa.tmp
2012-02-16 19:21:30 850 ----a-w- c:\programdata\yaqhbaa.tmp
2012-02-16 19:16:40 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-16 19:16:35 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-16 19:14:25 41184 ----a-w- c:\windows\avastSS.scr
2012-02-16 19:14:04 -------- d-----w- c:\programdata\AVAST Software
2012-02-16 19:14:04 -------- d-----w- c:\program files\AVAST Software
2012-02-15 23:06:30 -------- d-----w- C:\$RECYCLE.BIN
2012-02-15 20:49:08 -------- d-----w- c:\users\p j\appdata\local\temp
2012-02-15 18:57:16 98816 ----a-w- c:\windows\sed.exe
2012-02-15 18:57:16 518144 ----a-w- c:\windows\SWREG.exe
2012-02-15 18:57:16 256000 ----a-w- c:\windows\PEV.exe
2012-02-15 18:57:16 208896 ----a-w- c:\windows\MBR.exe
2012-02-15 17:13:53 24 --sh--w- c:\windows\S728858A8.tmp
2012-02-14 20:02:41 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-02-14 19:52:35 -------- d-----w- c:\programdata\IObit
2012-02-14 19:51:21 -------- d-----w- c:\users\p j\appdata\roaming\IObit
2012-02-14 19:51:11 -------- d-----w- c:\program files\IObit
2012-02-14 14:32:59 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-13 23:12:40 2948096 ----a-w- c:\windows\explorer.exe
2012-02-13 21:00:49 -------- d-----w- c:\users\p j\appdata\roaming\SUPERAntiSpyware.com
2012-02-13 21:00:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-02-13 21:00:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-13 20:10:55 -------- d-----w- c:\windows\system32\EventProviders
2012-02-12 23:08:22 388096 ----a-r- c:\users\p j\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-02-12 23:08:20 -------- d-----w- c:\program files\Trend Micro
2012-02-12 14:04:49 -------- d-----w- c:\users\p j\appdata\roaming\Malwarebytes
2012-02-12 14:04:43 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-12 14:04:43 -------- d-----w- c:\programdata\Malwarebytes
2012-02-12 14:04:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-05 19:05:02 17920 ----a-w- c:\windows\system32\temp.008
2012-02-05 19:05:02 164112 ----a-w- c:\windows\system32\temp.006
2012-02-05 19:05:02 147728 ----a-w- c:\windows\system32\temp.007
2012-02-05 19:05:02 1409024 ----a-w- c:\windows\system32\temp.009
2012-02-05 19:05:01 598288 ----a-w- c:\windows\system32\temp.005
2012-02-05 18:48:32 -------- d-----w- c:\users\p j\appdata\roaming\Nuance
2012-02-05 18:46:55 -------- d-----w- c:\programdata\Dolphin
2012-02-05 18:46:29 17920 ----a-w- c:\windows\system32\temp.003
2012-02-05 18:46:29 1409024 ----a-w- c:\windows\system32\temp.004
2012-02-05 18:46:29 -------- d-----w- c:\program files\Dolphin
2012-02-05 18:46:28 598288 ----a-w- c:\windows\system32\temp.000
2012-02-05 18:46:28 164112 ----a-w- c:\windows\system32\temp.001
2012-02-05 18:46:28 147728 ----a-w- c:\windows\system32\temp.002
2012-02-05 17:44:42 -------- d-----w- c:\program files\PDFCreator
2012-02-05 10:21:32 -------- d-----w- c:\users\p j\appdata\roaming\Nokia Suite
2012-02-03 21:12:40 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-02-03 21:06:23 -------- d-----w- c:\program files\PC Connectivity Solution
2012-01-23 20:53:27 -------- d-----w- c:\users\p j\appdata\local\Google
2012-01-21 12:43:22 -------- d-----w- c:\program files\Windows Journal
2012-01-21 01:59:20 -------- d-----w- C:\inetpub
.
==================== Find3M ====================
.
2011-04-14 18:58:05 438272 ----a-w- c:\program files\VSRip.exe
2009-12-09 21:27:54 1216512 ----a-w- c:\program files\DVDSubEdit.exe
2005-07-14 19:31:20 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.
============= FINISH: 20:02:50.78 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Acer eDataSecurity Management
Acer eLock Management
Acer Empowering Technology
Acer Empowering Technology framework
Acer eSettings Management
Acer OrbiCam Application
Acer VCM
Acrobat.com
Ad-Aware
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Advanced SystemCare 5
AnyDVD
Apple Application Support
Apple Mobile Device Support
ATI Catalyst Install Manager
avast! Free Antivirus
AVerMedia A16D PCI Hybrid DVB-T 3.6.0.15
AVerMedia E506 CardBus Analog 3.5.0.65
AVerMedia E506 CardBus Hybrid DVB-T 3.5.0.65
AVerMedia M779 Driver
AVerMedia MCE Encoder 3.2.1.62
AVerMedia MCE Encoder x86 3.0.1.6
AVerMedia Media Center Plug-ins 2.0.8.0
AVerTV
AVerTV Hybrid+FM USB2.0 2.0.3.11
AVS Video Recorder 2.4
Blu-ray to MKV 1.2.2.8
CCleaner (remove only)
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
CloneDVD2
Combined Community Codec Pack 2009-09-09
Comical 0.8
DivX Setup
DVD Shrink 3.2
ffdshow [rev 2844] [2009-03-30]
FreeKapture 2.00 - Freeware
Gold Wave Editor v10.1.2
HandBrake 0.9.5
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ImgBurn
ImTOO DVD Ripper Ultimate 6
Internet Download Manager
iTunes
Jaksta Streaming Media Recorder
Java Auto Updater
K-Lite Mega Codec Pack 4.8.0
Launch Manager V1.1.1.4
Lexmark 2400 Series
Logitech Video Enumerator
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 6.2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC100_CRT_SP1_x86
MKVtoolnix 5.0.0
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Nokia Connectivity Cable Driver
Nokia Suite
PC Connectivity Solution
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype™ 4.0
SoundSoap PE
Studio 11
Studio 11 Ultimate
Subtitle Workshop 2.51
SUPERAntiSpyware
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TMPGEnc DVD Author 3 with DivX Authoring
Unlocker 1.8.7
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb2202131)
Vista Codec Package
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.11
VobSub v2.23 (Remove Only)
WIDCOMM Bluetooth Software
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Messenger
WinPcap 4.1.1
WinRAR archiver
Xvid 1.2.1 final uninstall
XviD MPEG4 Video Codec (remove only)
YouTube HD Transfer 1.0.582
Zappit!
ZoneAlarm
.
==== End Of File ===========================