Hello,
Since yesterday I've been getting the dreaded Google search redirect issues on both Opera and IE. Have tried nuking my computer with all things antivirus but to no avail, so am seeking further assistance here.
Also, strangely, any program that works from a launcher has stopped working - mainly games. The launcher will load, but will not then actually launch the game exe. Unsure if this is related, but have no other explanation.
Logs follow
Malwarebytes:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7319
Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385
29/07/2011 20:00:17
mbam-log-2011-07-29 (20-00-17).txt
Scan type: Quick scan
Objects scanned: 169393
Time elapsed: 3 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER (blank after the auto scan it does on startup)
DDS
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Lucian at 20:10:47 on 2011-07-29
Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1033.18.4094.2958 [GMT 1:00]
.
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor with AntiVirus *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\YoutubeDownloader Updater.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Users\Lucian\AppData\Local\Apps\2.0\HR1DZ98O.501\G8CHHLTG.JTC\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.smartwebsearch.net/index.php?from=3
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [NTServiceManager] C:\Program Files (x86)\YoutubeDownloader.org\YoutubeDownloader\YoutubeDownloader Updater.exe
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
StartupFolder: C:\Users\Lucian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Lucian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTU~1.LNK - C:\Users\Lucian\AppData\Roaming\FAH\CPU\StartupCPU.exe
StartupFolder: C:\Users\Lucian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTU~2.LNK - C:\Users\Lucian\AppData\Roaming\FAH\GPU\StartupGPU.exe
StartupFolder: C:\Users\Lucian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERSIO~1.LNK - C:\Users\Lucian\AppData\Roaming\FAH\VersionCheck.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E32CD60E-FE0E-4BAC-BEB1-CAD4DEDB86F8} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys --> C:\Windows\system32\drivers\TfFsMon.sys [?]
R0 TFSysMon;TFSysMon;C:\Windows\system32\drivers\TfSysMon.sys --> C:\Windows\system32\drivers\TfSysMon.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-5-20 136360]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-29 366640]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-5-20 269480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-11 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-11 136176]
S3 npusbio;npusbio;C:\Windows\system32\Drivers\npusbio_x64.sys --> C:\Windows\system32\Drivers\npusbio_x64.sys [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pctplsg;pctplsg;\??\C:\Windows\System32\drivers\pctplsg64.sys --> C:\Windows\System32\drivers\pctplsg64.sys [?]
S3 SaiH2541;SaiH2541;C:\Windows\system32\DRIVERS\SaiH2541.sys --> C:\Windows\system32\DRIVERS\SaiH2541.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-7-27 371472]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-7-27 1117144]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TfNetMon;TfNetMon;\??\C:\Windows\system32\drivers\TfNetMon.sys --> C:\Windows\system32\drivers\TfNetMon.sys [?]
S3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-07-29 18:10:35 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
2011-07-29 18:10:35 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
2011-07-29 18:10:35 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
2011-07-29 18:10:35 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
2011-07-29 18:10:35 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
2011-07-29 18:10:34 -------- d-----w- C:\Users\Lucian\AppData\Roaming\Simply Super Software
2011-07-29 18:10:34 -------- d-----w- C:\ProgramData\Simply Super Software
2011-07-29 18:10:34 -------- d-----w- C:\Program Files (x86)\Trojan Remover
2011-07-29 16:30:42 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2A36097E-2D94-4775-AC08-01934B2EA513}\mpengine.dll
2011-07-29 16:13:17 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-29 16:13:13 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-29 15:59:39 -------- d-----w- C:\Users\Lucian\AppData\Local\PMB Files
2011-07-28 09:26:29 -------- d-----w- C:\Users\Lucian\AppData\Local\ATI
2011-07-28 09:23:37 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-07-28 09:23:01 -------- d-----w- C:\Program Files\ATI Technologies
2011-07-28 09:22:59 -------- d-----w- C:\Program Files\ATI
2011-07-28 09:22:05 -------- d-----w- C:\ATI
2011-07-28 09:11:18 -------- d-----w- C:\Program Files (x86)\ESET
2011-07-28 08:54:33 -------- d-----w- C:\Users\Lucian\AppData\Roaming\Malwarebytes
2011-07-28 08:53:22 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-28 08:53:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-27 15:31:09 -------- d-----w- C:\Users\Lucian\AppData\Local\VeniceAlphaTrial
2011-07-27 15:31:09 -------- d-----w- C:\Users\Lucian\AppData\Local\BF3
2011-07-27 15:30:44 -------- d-----w- C:\Program Files (x86)\BF3 Alpha Trial Web Plugins
2011-07-27 15:28:56 -------- d-----w- C:\ProgramData\EA Core
2011-07-27 15:23:04 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-07-27 14:14:55 -------- d-----w- C:\Users\Lucian\AppData\Roaming\Origin
2011-07-27 14:13:21 -------- d-----w- C:\Users\Lucian\AppData\Local\Origin
2011-07-27 14:13:14 -------- d-----w- C:\ProgramData\Origin
2011-07-27 14:13:14 -------- d-----w- C:\ProgramData\Electronic Arts
2011-07-27 14:13:14 -------- d-----w- C:\Program Files (x86)\Origin Games
2011-07-27 14:12:50 -------- d-----w- C:\Program Files (x86)\Origin
2011-07-27 11:56:23 74824 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
2011-07-27 11:56:23 65072 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
2011-07-27 11:56:23 41888 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
2011-07-27 11:46:46 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2011-07-27 11:46:46 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2011-07-27 11:46:45 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2011-07-27 11:46:45 140800 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2011-07-27 11:46:41 282440 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2011-07-27 11:46:40 279344 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2011-07-27 11:46:37 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2011-07-27 11:46:28 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2011-07-27 11:46:28 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2011-07-27 11:45:18 -------- d-----w- C:\ProgramData\PC Tools
2011-07-26 14:54:53 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2011-07-26 14:54:36 -------- d-----w- C:\Windows\PCHEALTH
2011-07-26 14:54:36 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2011-07-26 14:53:22 -------- d-----w- C:\Users\Lucian\AppData\Local\Microsoft Help
2011-07-26 11:07:39 -------- d-----we C:\Windows\system64
2011-07-25 10:54:40 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-07-25 10:54:20 -------- d-----w- C:\ProgramData\Rosetta Stone
2011-07-25 10:54:20 -------- d-----w- C:\Program Files (x86)\Rosetta Stone
2011-07-17 09:02:25 -------- d-----w- C:\Users\Lucian\AppData\Roaming\Research In Motion
2011-07-17 09:02:25 -------- d-----w- C:\Users\Lucian\AppData\Local\Research In Motion
2011-07-17 09:00:13 31744 ----a-w- C:\Windows\System32\drivers\RimSerial_AMD64.sys
2011-07-17 08:59:39 -------- d-----w- C:\ProgramData\Research In Motion
2011-07-17 08:59:18 -------- d-----w- C:\Program Files (x86)\Research In Motion
2011-07-17 08:59:18 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion
2011-07-13 08:17:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-13 08:17:54 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-07-13 08:17:54 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-13 08:17:53 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-13 08:17:53 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-13 08:17:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-13 08:17:53 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-13 08:17:53 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-13 08:17:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-13 08:17:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-13 08:17:52 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-12 08:26:58 -------- d-----w- C:\Users\Lucian\AppData\Roaming\LolClient
2011-07-12 08:08:10 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2011-07-12 08:08:10 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2011-07-12 08:08:09 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-07-12 08:05:34 -------- d-----w- C:\Riot Games
2011-07-12 07:45:40 -------- d-----w- C:\Program Files (x86)\LoL
2011-07-12 07:44:01 -------- d-----w- C:\ProgramData\PMB Files
2011-07-12 07:43:52 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-07-11 12:17:54 -------- d-----w- C:\Users\Lucian\AppData\Local\Google
2011-07-09 13:59:20 -------- d-----w- C:\ProgramData\Vsk5Online
2011-07-09 13:54:38 -------- d-----w- C:\Program Files (x86)\Vsk5Online
2011-07-06 17:29:37 -------- d-----w- C:\Users\Lucian\AppData\Local\ElevatedDiagnostics
2011-07-04 19:44:12 -------- d-----w- C:\ProgramData\YouTube Downloader
2011-07-04 19:44:09 -------- d-----w- C:\Program Files (x86)\YouTube Downloader
2011-07-04 19:38:30 -------- d-----w- C:\Program Files (x86)\YoutubeDownloader.org
2011-07-04 18:25:04 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-07-04 18:25:04 -------- d-----w- C:\Program Files\Realtek
2011-07-04 16:34:33 12 ---ha-w- C:\Windows\et.sys
2011-07-04 16:16:54 45056 ----a-r- C:\Users\Lucian\AppData\Roaming\Microsoft\Installer\{EF6C41BD-4BFA-4AE5-88AD-A1F1249435A2}\transposer.exe1_EF6C41BD4BFA4AE588ADA1F1249435A2.exe
2011-07-04 16:16:52 45056 ----a-r- C:\Users\Lucian\AppData\Roaming\Microsoft\Installer\{EF6C41BD-4BFA-4AE5-88AD-A1F1249435A2}\transposer.exe_EF6C41BD4BFA4AE588ADA1F1249435A2.exe
2011-07-04 16:16:51 -------- d-----w- C:\Program Files (x86)\Common Files\sony shared
2011-07-04 16:16:50 -------- d-----w- C:\Program Files (x86)\GenTek Solutions Inc
2011-07-04 16:14:15 -------- d-----w- C:\Windows\Downloaded Installations
2011-07-03 16:20:58 -------- d-----w- C:\Program Files\Ventrilo
2011-07-03 16:20:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-07-01 14:57:37 -------- d-----w- C:\Program Files (x86)\Minecraft
2011-07-01 14:35:17 -------- d-----w- C:\Program Files (x86)\Ask.com
2011-07-01 14:35:17 -------- d-----w- C:\Firefox
2011-07-01 10:23:14 -------- d-----w- C:\Users\Lucian\AppData\Local\Apps
2011-07-01 10:23:11 -------- d-----w- C:\Users\Lucian\AppData\Local\Deployment
.
==================== Find3M ====================
.
2011-07-12 13:07:57 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-29 09:30:11 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-06-17 21:31:17 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-17 21:29:34 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-06-14 18:38:12 2899176 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2011-06-13 18:04:16 1560680 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
2011-06-10 13:35:06 840 ----a-w- C:\Users\Lucian\AppData\Roaming\Lucian.vbs
2011-06-07 16:09:32 2405992 ----a-w- C:\Windows\System32\RtPgEx64.dll
2011-06-03 13:11:36 1805928 ----a-w- C:\Windows\System32\RtkApi64.dll
2011-06-02 16:03:58 92264 ----a-w- C:\Windows\System32\RCoInst64.dll
2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-06-01 15:13:05 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-06-01 15:02:08 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
2011-06-01 08:18:00 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-06-01 08:18:00 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-06-01 08:18:00 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-06-01 08:17:59 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-05-31 21:48:25 503352 ----a-w- C:\Windows\System32\drivers\sptd.sys.vir
2011-05-31 09:09:30 3114088 ----a-w- C:\Windows\System32\RtkAPO64.dll
2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-05-27 16:58:00 1284712 ----a-w- C:\Windows\RtlExUpd.dll
2011-05-24 18:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 11:21:59 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:34:20 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:34:20 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:34:00 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:32:46 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-05-23 16:12:36 1245288 ----a-w- C:\Windows\System32\RTCOM64.dll
2011-05-20 13:03:07 0 ----a-w- C:\Windows\ativpsrm.bin
2011-05-19 09:54:28 507904 ----a-r- C:\Windows\SysWow64\btwapi.dll
2011-05-05 14:24:02 2085440 ----a-w- C:\Windows\System32\FMAPO64.dll
2011-05-04 05:30:38 2326016 ----a-w- C:\Windows\System32\tquery.dll
2011-05-04 05:28:07 779264 ----a-w- C:\Windows\System32\mssvp.dll
2011-05-04 05:28:07 2228224 ----a-w- C:\Windows\System32\mssrch.dll
2011-05-04 05:28:06 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2011-05-04 05:28:06 491520 ----a-w- C:\Windows\System32\mssph.dll
2011-05-04 05:28:06 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2011-05-04 05:24:09 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:24:09 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:24:09 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:53:10 1553920 ----a-w- C:\Windows\SysWow64\tquery.dll
2011-05-04 04:52:59 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:52:59 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:52:59 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-05-04 04:52:59 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:52:59 1401856 ----a-w- C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:52:12 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:52:12 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:52:12 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2011-05-04 03:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-05-03 05:21:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-03 04:50:29 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
.
============= FINISH: 20:11:21.20 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 20/05/2011 13:51:08
System Uptime: 29/07/2011 20:01:06 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P35-DS3
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz | Socket 775 | 3000/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 214.965 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Windows Firewall Authorization Driver
Device ID: ROOT\LEGACY_MPSDRV\0000
Manufacturer:
Name: Windows Firewall Authorization Driver
PNP Device ID: ROOT\LEGACY_MPSDRV\0000
Service: mpsdrv
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
Device ID: PCI\VEN_10EC&DEV_8169&SUBSYS_816910EC&REV_10\4&30D54F48&0&10F0
Manufacturer: Realtek
Name: Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
PNP Device ID: PCI\VEN_10EC&DEV_8169&SUBSYS_816910EC&REV_10\4&30D54F48&0&10F0
Service: RTL8167
.
==== System Restore Points ===================
.
RP74: 28/07/2011 03:00:31 - Windows Update
RP75: 29/07/2011 07:03:15 - Windows Update
RP76: 29/07/2011 12:11:46 - Restore Operation
RP77: 29/07/2011 17:26:53 - Windows Update
RP78: 29/07/2011 17:30:23 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Ask Toolbar
µTorrent
Avira AntiVir Personal - Free Antivirus
Battlefield: Bad Company 2
BF3 Alpha Trial
BlackBerry Desktop Software 6.1
Curse Client
EasyBits GO
ESN Sonar
Fable III
Frozen Synapse
Google Earth
Google Update Helper
Java Auto Updater
Java(TM) 6 Update 26
League of Legends
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Napoleon: Total War
OpenAL
Opera 11.50
Origin
Pando Media Booster
Portal 2
PunkBuster Services
Rapture3D 2.4.8 Game
Realtek High Definition Audio Driver
Rosetta Stone Version 3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype™ 5.3
Spyware Doctor
Steam
Team Fortress 2
TrackIR5
Transposer
Trojan Remover 6.8.2
Vsk5Online
Warhammer® 40,000®: Dawn of War® II – Retribution™
Warhammer® 40,000™: Dawn of War® II
World of Warcraft
YouTube Downloader 3.1
.
==== Event Viewer Messages From Past Week ========
.
29/07/2011 20:01:34, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
29/07/2011 20:01:28, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
29/07/2011 20:01:28, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
29/07/2011 19:56:27, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
29/07/2011 19:56:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
29/07/2011 19:56:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
29/07/2011 19:56:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
29/07/2011 19:56:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
29/07/2011 19:56:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
29/07/2011 19:56:12, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CSC DfsC discache NetBIOS NetBT nsiproxy pctgntdi PCTSD Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf ws2ifsl
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 17:10:32, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 17:10:14, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb discache PCTSD spldr sptd TfFsMon TFSysMon Wanarpv6
29/07/2011 17:09:38, Error: sptd [4] - Driver detected an internal error in its data structures for .
29/07/2011 17:04:38, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{ba088b26-82dd-11e0-9dde-806e6f6e6963}\System Volume Information\SystemRestore\New-system' was corrupted and it has been recovered. Some data might have been lost.
29/07/2011 17:03:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
29/07/2011 13:29:47, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
29/07/2011 13:09:41, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
29/07/2011 12:29:43, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147024882
29/07/2011 06:59:18, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x0000000000000007, 0x0000000000001097, 0x00000000041d0000, 0xfffffa80054d7010). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072911-28563-01.
28/07/2011 01:26:53, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
27/07/2011 15:43:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
27/07/2011 15:43:11, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
27/07/2011 12:56:23, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
Thank you in advance for the help,
Lucian
29/07/2011 19:56:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
29/07/2011 19:56:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
29/07/2011 19:56:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
29/07/2011 19:56:12, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CSC DfsC discache NetBIOS NetBT nsiproxy pctgntdi PCTSD Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf ws2ifsl
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 19:56:12, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/07/2011 17:10:32, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
29/07/2011 17:10:14, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb discache PCTSD spldr sptd TfFsMon TFSysMon Wanarpv6
29/07/2011 17:09:38, Error: sptd [4] - Driver detected an internal error in its data structures for .
29/07/2011 17:04:38, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{ba088b26-82dd-11e0-9dde-806e6f6e6963}\System Volume Information\SystemRestore\New-system' was corrupted and it has been recovered. Some data might have been lost.
29/07/2011 17:03:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
29/07/2011 13:29:47, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
29/07/2011 13:09:41, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
29/07/2011 12:29:43, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147024882
29/07/2011 06:59:18, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x0000000000000007, 0x0000000000001097, 0x00000000041d0000, 0xfffffa80054d7010). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072911-28563-01.
28/07/2011 01:26:53, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
27/07/2011 15:43:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
27/07/2011 15:43:11, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
27/07/2011 12:56:23, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
Thank you in advance for the help,
Lucian