Thread: Browser Redirects and massive browser lag.

  1. #1
    Junior Member
    Join Date
    Aug 2010
    Posts
    1

    Browser Redirects and massive browser lag.

    Hey there. Recently, my browser started redirecting me to random ad sites that all seem to be part of the same network. I'm directed to Infomash travel.kosmix.com, Pronto.com, and various others from Google links to known 'safe' sites such as the NY Times and CNN.com.

    I'm a bit dense when it comes to this stuff, so I've had a friend help me out. In the process he had me run ATF-Cleaner, GooredFix, had me do a few scans with Advanced SystemCare Pro, Kaspersky's TDSSKiller and Spybot S&D.

    At first, Spybot picked up some random adware and spyware, and ASC picked up some issues, but all of them were supposedly dealt with. This didn't fix the problem, though, so I was made to run ATF-Cleaner then TDSSKiller. TDSS picked something up and supposedly took care of the issue, and after a reboot I was perfectly fine. For about 2 days.

    Now it's giving me the same redirects, making Google damn near impossible to use. But it's not just Google now. Random websites I browse are now giving me the same problem.

    I was given the advice to run ERUNT and the DDS tools, which I've done.
    I'll post my DDS in a post after this.

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Noob at 14:06:01.49 on Fri 08/13/2010
    Internet Explorer: 7.0.6000.16473 BrowserJavaVersion: 1.6.0_21
    Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.2047.840 [GMT -4:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\inetsrv\inetinfo.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\DynDNS Updater\DynUpSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\WINDOWS\RtHDVCpl.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\WINDOWS\vVX1000.exe
    C:\Program Files\WebcamMax\wcmmon.exe
    C:\Users\Noob\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    c:\windows\system32\inetsrv\w3wp.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Noob\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
    uInternet Settings,ProxyServer = http=127.0.0.1:5555
    uInternet Settings,ProxyOverride = <local>
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - i:\babylon\utils\BabylonIEPI.dll
    BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\noob\appdata\roaming\flashgetbho\FlashGetBHO3.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [Google Update] "c:\users\noob\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
    uRun: [notepad] rundll32.exe c:\windows\servic~2\locals~1\ntload.dll,_IWMPEvents@0
    uRun: [CompanionLink] "c:\program files\sprint desktop sync\sprint desktop sync.exe" -Icon
    uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\FlashGet3.exe" -minimize
    uRun: [TweetMyPC] c:\program files\codegeeks\tweetmypc\TweetMyPC.exe
    uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [DPService] "c:\program files\hp\dvdplay\DPService.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [VX1000] c:\windows\vVX1000.exe
    mRun: [WebcamMaxMoniter] "c:\program files\webcammax\wcmmon.exe" /a
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [Babylon Client] i:\babylon\Babylon.exe -AutoStart
    mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    StartupFolder: c:\users\noob\appdata\local\windows\csrss.exe
    StartupFolder: c:\users\noob\appdata\local\windows\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\users\noob\appdata\local\windows\winhelp.exe
    IE: Download all by FlashGet3 - c:\users\noob\appdata\roaming\flashgetbho\GetAllUrl.htm
    IE: Download by FlashGet3 - c:\users\noob\appdata\roaming\flashgetbho\GetUrl.htm
    IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://i:\babylon\utils\BabylonIEPI.dll/ActionTU.htm
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    Trusted Zone: convergysworkathome.com\www
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\noob\appdata\roaming\mozilla\firefox\profiles\ytrkh2jn.default\
    FF - component: c:\program files\google\google gears\firefox\lib\ff35\gears.dll
    FF - component: c:\users\noob\appdata\roaming\mozilla\firefox\profiles\ytrkh2jn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
    FF - component: c:\users\noob\appdata\roaming\mozilla\firefox\profiles\ytrkh2jn.default\extensions\{db9127a2-3381-41ec-82b3-1b6ed4c6f29a}\components\FlashGetXPI.dll
    FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
    FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\noob\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

    ============= SERVICES / DRIVERS ===============

    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-14 172032]
    R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CamthWDM.sys [2008-2-9 941784]
    R2 DynDNS Updater;DynDNS Updater;c:\program files\dyndns updater\DynUpSvc.exe [2010-4-16 103800]
    R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-7 24652]
    S2 gupdate1c9a72d9f0f015c;Google Update Service (gupdate1c9a72d9f0f015c);c:\program files\google\update\GoogleUpdate.exe [2009-3-17 133104]
    S3 xusb20;Xbox 360 Wireless Receiver for Windows Driver Service;c:\windows\system32\drivers\xusb20.sys [2006-10-13 50048]

    ============== File Associations ===============

    regfile="regedit.exe" "%1"

    =============== Created Last 30 ================

    2010-08-13 17:43:44 0 d-----w- c:\program files\trend micro
    2010-08-12 23:20:22 57140 ----a-w- c:\users\noob\OrderConfirmationPrint.aspx.htm
    2010-08-12 00:27:28 1625 ----a-w- c:\users\noob\Maynards says Chew.htm
    2010-08-11 23:30:09 295150 ----a-w- c:\users\noob\gingers.jpg
    2010-08-11 18:20:15 0 d-----w- c:\programdata\Sun
    2010-08-11 18:19:58 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-11 18:12:27 59904 ----a-w- c:\users\noob\appdata\roaming\csrss.exe
    2010-08-11 00:24:19 0 d-----w- c:\users\noob\appdata\roaming\IObit
    2010-08-11 00:24:18 0 d-----w- c:\program files\IObit
    2010-08-10 23:40:46 2635 ----a-w- c:\users\noob\Falrun [Pemptus].bak
    2010-08-10 23:40:46 2387 ----a-w- c:\users\noob\Falrun [Pemptus].pq
    2010-08-10 16:02:28 0 d-----w- c:\users\noob\appdata\roaming\scdata
    2010-08-07 15:51:50 0 d-----w- C:\Temp
    2010-08-07 06:36:58 7493 ----a-w- c:\users\noob\pq.html
    2010-08-07 06:36:58 322663 ----a-w- c:\users\noob\pq.exe
    2010-08-06 16:25:06 0 d-----w- c:\program files\I-Doser
    2010-08-06 16:03:36 0 d-----w- c:\program files\IDoser v4
    2010-08-05 16:30:35 0 d-----w- c:\program files\MoparScape
    2010-08-05 01:39:38 0 d-----w- c:\program files\AutoHotkey
    2010-08-05 01:38:39 0 d-----w- c:\program files\Codegeeks
    2010-08-03 02:32:05 3138 ----a-w- c:\users\noob\Event.rtf
    2010-08-02 09:11:13 1425 ----a-w- c:\users\noob\printer.png
    2010-08-02 08:11:39 2838 ----a-w- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time)_03.png
    2010-08-02 07:04:40 2090 ----a-w- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time)_02.png
    2010-08-02 06:42:47 2381 ----a-w- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time)_01.png
    2010-08-02 04:49:25 15281 ----a-w- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time)1.sgm
    2010-08-02 04:31:41 32812 ----a-w- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time).sav
    2010-08-02 04:30:04 2097152 ----a-r- c:\users\noob\Pokemon Crystal (U) [C][h1] (enable setting of time).gbc
    2010-08-02 02:04:06 8053 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]3.sgm
    2010-07-31 03:31:18 3318 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_18.png
    2010-07-31 03:30:07 3329 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_17.png
    2010-07-31 03:29:49 3223 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_16.png
    2010-07-31 03:29:47 4744 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_15.png
    2010-07-31 03:29:41 4936 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_14.png
    2010-07-31 03:29:38 4969 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_13.png
    2010-07-31 03:29:37 5008 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_12.png
    2010-07-31 03:29:37 4936 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_11.png
    2010-07-31 03:29:36 4936 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_10.png
    2010-07-31 03:29:34 4944 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_09.png
    2010-07-31 03:29:32 4930 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_08.png
    2010-07-31 03:29:13 3260 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_07.png
    2010-07-31 03:29:12 3323 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_06.png
    2010-07-29 11:09:10 8533 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]2.sgm
    2010-07-27 11:31:59 11927 ----a-w- c:\users\noob\ekROSE Technical Issues solution list.rtf
    2010-07-27 07:02:13 3293 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_05.png
    2010-07-27 07:02:10 4711 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_03.png
    2010-07-27 07:02:10 412 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_04.png
    2010-07-27 02:01:45 2924 ----a-w- c:\users\noob\printer4.PNG
    2010-07-27 02:01:25 5854 ----a-w- c:\users\noob\printer3.PNG
    2010-07-26 21:39:35 4127 ----a-w- c:\users\noob\printer2.PNG
    2010-07-26 21:39:16 3864 ----a-w- c:\users\noob\printer1.PNG
    2010-07-26 06:26:06 4154 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_02.png
    2010-07-26 06:12:29 7000 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]1.sgm
    2010-07-26 05:56:33 4036 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!]_01.png
    2010-07-26 05:25:20 8308 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!].sgm
    2010-07-26 04:10:58 32768 ----a-w- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!].sav
    2010-07-26 04:09:20 2218 ----a-w- c:\users\noob\vba.ini
    2010-07-26 04:02:04 1048576 ----a-r- c:\users\noob\Legend of Zelda, The - Link's Awakening DX (V1.0) (U) [C][!].gb
    2010-07-26 04:01:36 1974352 ----a-w- c:\users\noob\VisualBoyAdvance.exe
    2010-07-22 21:22:41 165389 ----a-w- c:\users\noob\ronery.jpg
    2010-07-21 23:49:03 0 d-----w- c:\users\noob\Food
    2010-07-21 22:40:13 151784 ----a-w- c:\users\noob\127834621949.png
    2010-07-19 22:42:20 14729 ----a-w- c:\users\noob\34925_1277717756700_1642685228_616170_5293389_n.jpg
    2010-07-17 15:01:39 0 d-----w- c:\users\noob\appdata\roaming\R.O.S.E Editor Suite
    2010-07-14 22:46:43 0 d-----w- c:\program files\Elite Kingdom Rose v2

    ==================== Find3M ====================

    2010-06-08 17:31:27 151552 ----a-w- c:\windows\system32\nvRegDev.dll
    2009-12-27 04:19:03 86016 ----a-w- c:\windows\inf\infstrng.dat
    2009-12-27 04:19:03 51200 ----a-w- c:\windows\inf\infpub.dat
    2009-12-27 04:19:02 86016 ----a-w- c:\windows\inf\infstor.dat
    2009-03-17 01:42:44 197 --sha-w- c:\program files\common files\maxtreme.dat
    2007-09-10 23:14:51 665600 ----a-w- c:\windows\inf\drvindex.dat
    2006-11-02 12:48:00 174 --sha-w- c:\program files\desktop.ini
    2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-03-09 01:40:46 56 --sha-r- c:\windows\system32\35B708EDD8.sys
    2009-03-09 01:48:12 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys

    ============= FINISH: 14:06:48.82 ===============

    Just to add, I did a scan with the Kaspersky Online Scanner 7 and found 'Trojan.Win32.FraudPack.beun'. Neither Spybot nor Advanced SystemCare picks it up, and Google has failed me.
    Last edited by Blade81; 2010-08-14 at 00:16. Reason: Three posts merged. Helpers look for topics with 0 replies so don't add more posts, please.

  2. #2
    Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,300

    Hi,

    If help is still needed, post fresh dds.txt & attach.txt contents.
    Microsoft Windows Insider MVP 2016-2018
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,300

    Due to inactivity, this thread will now be closed.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

    If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (PM). A valid, working link to the closed topic is required.
