Web Browser Crashes and Search Engine Redirect problem

[sinshark]

When I click a link in a search engine, it sends me to another page, most the time I cannot go back without researching. My other problem is that windows explorer and IE/FF/Google Chrome all crash randomly while I am using them.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Austin at 23:45:36.19 on Wed 09/15/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3583.2141 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Austin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KJCJP9O1\dds[1].com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uStart Page = hxxp://www.facebook.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [{CF419B41-84B9-7A2D-67EA-9ADAC134DD38}] c:\users\austin\appdata\roaming\afemen\ypub.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [ACMON] c:\program files\asus\splendid\ACMON.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [ADSMTray] c:\program files\asus\asus data security manager\ADSMTray.exe
mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe
mRun: [ASUS Camera ScreenSaver] c:\windows\AsScrProlog.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMedia.exe
mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [HControlUser] c:\program files\asus\atk hotkey\HControlUser.exe
mRun: [P2Go_Menu] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [Wireless Console 3] c:\program files\asus\wireless console 3\wcourier.exe
mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12\imesc\IMSCMIG.EXE /INSTALL
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\austin\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{a9feb6d7-9c52-49fc-b956-7ab275b78890}\_5598CE641C54B66A23693F.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
AppInit_DLLs: avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli c:\program files\asus\asus data security manager\ASPWDFLT

================= FIREFOX ===================

FF - ProfilePath - c:\users\austin\appdata\roaming\mozilla\firefox\profiles\irp47fqa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\users\austin\appdata\roaming\mozilla\firefox\profiles\irp47fqa.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\austin\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 AVG Anti-Rootkit;AVG Anti-Rootkit;c:\windows\system32\drivers\avgarkt.sys [2007-1-31 5632]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-5 64288]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver;c:\windows\system32\drivers\AvgArCln.sys [2010-6-23 3968]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-6 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-10-6 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-6 243024]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2010-1-20 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2010-1-20 234888]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-18 308136]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1352832]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\srs labs\srs premium sound\SRS_VolSync.exe [2009-4-7 70880]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2009-4-21 90112]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-8-21 66592]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [2008-4-7 6656]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\games\dragon age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 dsiarhwprog;dsiarhwprog;c:\windows\system32\drivers\dsiarhwprog.sys [2010-4-1 29184]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-6 55264]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2008-12-8 533344]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [2010-5-13 29184]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2010-6-29 35816]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2009-6-10 48128]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-25 1343400]

=============== Created Last 30 ================

2010-09-16 03:39:50 0 d-----w- c:\program files\Trend Micro
2010-09-16 02:41:55 0 d-----w- c:\users\austin\appdata\roaming\Etdyub
2010-09-16 02:41:55 0 d-----w- c:\users\austin\appdata\roaming\Afemen
2010-09-13 02:16:11 0 d-----w- c:\program files\Dragon Age Origins Character Creator
2010-09-05 02:39:56 0 d-----w- c:\program files\iPod
2010-09-02 23:33:28 0 d-----w- c:\users\austin\appdata\roaming\GlarySoft
2010-09-02 23:25:49 0 d-----w- c:\program files\Glary Utilities
2010-09-02 23:25:17 51355 ----a-w- c:\windows\system32\muzika.xm
2010-09-02 23:20:08 0 d-----w- c:\users\austin\appdata\roaming\Registry Mechanic
2010-08-30 05:08:36 193 ----a-w- c:\windows\WORDPAD.INI
2010-08-27 22:20:55 0 d-----w- c:\program files\Music Rescue
2010-08-27 19:01:46 0 d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-08-27 18:58:05 0 d-----w- c:\program files\Bonjour
2010-08-27 18:37:30 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-08-27 18:37:30 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-08-27 18:37:30 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-08-27 18:37:30 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-08-27 18:37:30 1130824 ----a-w- c:\windows\system32\dfshim.dll

==================== Find3M ====================

2010-09-16 02:58:07 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-07-18 21:17:54 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-18 21:17:54 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-18 21:17:27 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-29 19:41:30 37600 ----a-w- c:\windows\system32\Partizan.exe
2010-06-21 06:08:34 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-26 10:21:33 32166 ----a-w- c:\windows\inf\perflib\040d\perfd.dat
2009-08-26 10:21:33 32166 ----a-w- c:\windows\inf\perflib\040d\perfc.dat
2009-08-26 10:21:33 229316 ----a-w- c:\windows\inf\perflib\040d\perfi.dat
2009-08-26 10:21:33 229316 ----a-w- c:\windows\inf\perflib\040d\perfh.dat
2009-08-26 10:15:58 45182 ----a-w- c:\windows\inf\perflib\0408\perfd.dat
2009-08-26 10:15:58 45182 ----a-w- c:\windows\inf\perflib\0408\perfc.dat
2009-08-26 10:15:58 369984 ----a-w- c:\windows\inf\perflib\0408\perfi.dat
2009-08-26 10:15:58 369984 ----a-w- c:\windows\inf\perflib\0408\perfh.dat
2009-08-26 10:10:14 42056 ----a-w- c:\windows\inf\perflib\0401\perfd.dat
2009-08-26 10:10:14 42056 ----a-w- c:\windows\inf\perflib\0401\perfc.dat
2009-08-26 10:10:14 289060 ----a-w- c:\windows\inf\perflib\0401\perfi.dat
2009-08-26 10:10:14 289060 ----a-w- c:\windows\inf\perflib\0401\perfh.dat
2009-08-26 10:04:31 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat
2009-08-26 10:04:31 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat
2009-08-26 10:04:31 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat
2009-08-26 10:04:31 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat
2009-08-26 09:59:10 38258 ----a-w- c:\windows\inf\perflib\040b\perfd.dat
2009-08-26 09:59:10 38258 ----a-w- c:\windows\inf\perflib\040b\perfc.dat
2009-08-26 09:59:10 279790 ----a-w- c:\windows\inf\perflib\040b\perfi.dat
2009-08-26 09:59:10 279790 ----a-w- c:\windows\inf\perflib\040b\perfh.dat
2009-08-26 09:53:48 39236 ----a-w- c:\windows\inf\perflib\0406\perfd.dat
2009-08-26 09:53:48 39236 ----a-w- c:\windows\inf\perflib\0406\perfc.dat
2009-08-26 09:53:48 306636 ----a-w- c:\windows\inf\perflib\0406\perfi.dat
2009-08-26 09:53:48 306636 ----a-w- c:\windows\inf\perflib\0406\perfh.dat
2009-08-26 09:48:27 37052 ----a-w- c:\windows\inf\perflib\041d\perfd.dat
2009-08-26 09:48:27 37052 ----a-w- c:\windows\inf\perflib\041d\perfc.dat
2009-08-26 09:48:27 294764 ----a-w- c:\windows\inf\perflib\041d\perfi.dat
2009-08-26 09:48:27 294764 ----a-w- c:\windows\inf\perflib\041d\perfh.dat
2009-08-26 09:40:12 40548 ----a-w- c:\windows\inf\perflib\0816\perfd.dat
2009-08-26 09:40:12 40548 ----a-w- c:\windows\inf\perflib\0816\perfc.dat
2009-08-26 09:40:12 336656 ----a-w- c:\windows\inf\perflib\0816\perfi.dat
2009-08-26 09:40:12 336656 ----a-w- c:\windows\inf\perflib\0816\perfh.dat
2009-08-26 09:35:14 48094 ----a-w- c:\windows\inf\perflib\040e\perfd.dat
2009-08-26 09:35:14 48094 ----a-w- c:\windows\inf\perflib\040e\perfc.dat
2009-08-26 09:35:14 287518 ----a-w- c:\windows\inf\perflib\040e\perfi.dat
2009-08-26 09:35:14 287518 ----a-w- c:\windows\inf\perflib\040e\perfh.dat
2009-08-26 09:30:18 36232 ----a-w- c:\windows\inf\perflib\0405\perfd.dat
2009-08-26 09:30:18 36232 ----a-w- c:\windows\inf\perflib\0405\perfc.dat
2009-08-26 09:30:18 292004 ----a-w- c:\windows\inf\perflib\0405\perfi.dat
2009-08-26 09:30:18 292004 ----a-w- c:\windows\inf\perflib\0405\perfh.dat
2009-08-26 09:25:12 31548 ----a-w- c:\windows\inf\perflib\0404\perfd.dat
2009-08-26 09:25:12 31548 ----a-w- c:\windows\inf\perflib\0404\perfc.dat
2009-08-26 09:25:12 117840 ----a-w- c:\windows\inf\perflib\0404\perfi.dat
2009-08-26 09:25:12 117840 ----a-w- c:\windows\inf\perflib\0404\perfh.dat
2009-08-26 09:20:07 37160 ----a-w- c:\windows\inf\perflib\041f\perfd.dat
2009-08-26 09:20:07 37160 ----a-w- c:\windows\inf\perflib\041f\perfc.dat
2009-08-26 09:20:07 285034 ----a-w- c:\windows\inf\perflib\041f\perfi.dat
2009-08-26 09:20:07 285034 ----a-w- c:\windows\inf\perflib\041f\perfh.dat
2009-08-26 09:15:21 38536 ----a-w- c:\windows\inf\perflib\0416\perfd.dat
2009-08-26 09:15:21 38536 ----a-w- c:\windows\inf\perflib\0416\perfc.dat
2009-08-26 09:15:21 323154 ----a-w- c:\windows\inf\perflib\0416\perfi.dat
2009-08-26 09:15:21 323154 ----a-w- c:\windows\inf\perflib\0416\perfh.dat
2009-08-26 09:10:40 38710 ----a-w- c:\windows\inf\perflib\0415\perfd.dat
2009-08-26 09:10:40 38710 ----a-w- c:\windows\inf\perflib\0415\perfc.dat
2009-08-26 09:10:40 337158 ----a-w- c:\windows\inf\perflib\0415\perfi.dat
2009-08-26 09:10:40 337158 ----a-w- c:\windows\inf\perflib\0415\perfh.dat
2009-08-26 09:06:00 31548 ----a-w- c:\windows\inf\perflib\0412\perfd.dat
2009-08-26 09:06:00 31548 ----a-w- c:\windows\inf\perflib\0412\perfc.dat
2009-08-26 09:06:00 157694 ----a-w- c:\windows\inf\perflib\0412\perfi.dat
2009-08-26 09:06:00 157694 ----a-w- c:\windows\inf\perflib\0412\perfh.dat
2009-08-26 09:01:08 31548 ----a-w- c:\windows\inf\perflib\0804\perfd.dat
2009-08-26 09:01:08 31548 ----a-w- c:\windows\inf\perflib\0804\perfc.dat
2009-08-26 09:01:07 111310 ----a-w- c:\windows\inf\perflib\0804\perfi.dat
2009-08-26 09:01:07 111310 ----a-w- c:\windows\inf\perflib\0804\perfh.dat
2009-08-26 08:56:28 39446 ----a-w- c:\windows\inf\perflib\0419\perfd.dat
2009-08-26 08:56:28 39446 ----a-w- c:\windows\inf\perflib\0419\perfc.dat
2009-08-26 08:56:28 336704 ----a-w- c:\windows\inf\perflib\0419\perfi.dat
2009-08-26 08:56:28 336704 ----a-w- c:\windows\inf\perflib\0419\perfh.dat
2009-08-26 08:51:37 43068 ----a-w- c:\windows\inf\perflib\0413\perfd.dat
2009-08-26 08:51:37 43068 ----a-w- c:\windows\inf\perflib\0413\perfc.dat
2009-08-26 08:51:37 341322 ----a-w- c:\windows\inf\perflib\0413\perfi.dat
2009-08-26 08:51:37 341322 ----a-w- c:\windows\inf\perflib\0413\perfh.dat
2009-08-26 08:47:06 37534 ----a-w- c:\windows\inf\perflib\0410\perfd.dat
2009-08-26 08:47:06 37534 ----a-w- c:\windows\inf\perflib\0410\perfc.dat
2009-08-26 08:47:06 335478 ----a-w- c:\windows\inf\perflib\0410\perfi.dat
2009-08-26 08:47:06 335478 ----a-w- c:\windows\inf\perflib\0410\perfh.dat
2009-08-26 08:42:15 31548 ----a-w- c:\windows\inf\perflib\0411\perfd.dat
2009-08-26 08:42:15 31548 ----a-w- c:\windows\inf\perflib\0411\perfc.dat
2009-08-26 08:42:15 141988 ----a-w- c:\windows\inf\perflib\0411\perfi.dat
2009-08-26 08:42:15 141988 ----a-w- c:\windows\inf\perflib\0411\perfh.dat
2009-08-26 08:37:29 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-08-26 08:37:29 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-08-26 08:37:29 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-08-26 08:37:29 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-08-26 08:33:15 41390 ----a-w- c:\windows\inf\perflib\0c0a\perfd.dat
2009-08-26 08:33:15 41390 ----a-w- c:\windows\inf\perflib\0c0a\perfc.dat
2009-08-26 08:33:15 341432 ----a-w- c:\windows\inf\perflib\0c0a\perfi.dat
2009-08-26 08:33:15 341432 ----a-w- c:\windows\inf\perflib\0c0a\perfh.dat
2009-08-26 08:28:53 38104 ----a-w- c:\windows\inf\perflib\0407\perfd.dat
2009-08-26 08:28:53 38104 ----a-w- c:\windows\inf\perflib\0407\perfc.dat
2009-08-26 08:28:53 295922 ----a-w- c:\windows\inf\perflib\0407\perfi.dat
2009-08-26 08:28:53 295922 ----a-w- c:\windows\inf\perflib\0407\perfh.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-01-04 15:56:34 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2010-01-04 15:56:34 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2010-01-04 15:56:34 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2010-01-30 00:04:56 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-12-21 05:58:34 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\cookies\index.dat
2009-12-21 05:58:34 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\history\history.ie5\index.dat
2009-12-21 05:58:34 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2010-01-22 16:37:22 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2010-01-21 02:42:56 16384 --sha-w- c:\windows\system32\%appdata%\microsoft\windows\ietldcache\index.dat
2010-01-21 02:42:43 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\feeds cache\index.dat
2010-01-21 02:42:43 16384 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\privacie\index.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 23:50:26.03 ===============

My Browser crashes when I try to upload the Attach.txt file. I am trying to post it in a reply.

New addition: Firefox will no longer load at all. I have tried to re-install it but to no avail. IE8 is the only thing I can use.

[sinshark]

Any help would be nice

[tashi]

Hello sinshark,

May I direct you to the forum FAQS.

Posting additional comments or logs before a volunteer responds, can push you back instead of forward, because your thread ends up with a newer date. In addition helpers would think you are already being assisted because of the post count, they look for topics with a 0 response. For that reason we may merge such posts but please do not count on it.

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Three had already been merged.


Also linked in the sticky: The Waiting Room: Post here if waiting for help four days

Best regards.

[Blade81]

Hi,

• Please Download Rootkit Unhooker Save it to your desktop.
• Now double-click on RKUnhookerLE.exe to run it.
• Click the Report tab, then click Scan.
• Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.
• Wait till the scanner has finished and then click File, Save Report.
• Save the report somewhere where you can find it. Click Close.

Copy the entire contents of the report and paste it in a reply here. Post also contents of fresh dds.txt log.

Note** you may get this warning it is ok, just ignore

Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?

[sinshark]

Attached are the report of the scan and a fresh DDS.

[Blade81]

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Vuze
Vuze Toolbar


I'd like you to read this thread.

Please go to Control Panel > Programs and Features and uninstall the programs listed above (in red).


After that:

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

Please ensure you read this guide carefully first.

Please continue as follows:

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
   Remember to re-enable them afterwards.
   
   
2. Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

[sinshark]

I have been using vuze for two years and it has never caused problems before. I dont believe it is now. I could be wrong however. If this is the only problem that you can see then thank you for the help anyway.

[Blade81]

Maybe it hasn't caused problems earlier but still can't be said it isn't this time. Anyway, if you want me to continue helping then do as instructed or let me know and I'll archive this topic. It's up to you

[sinshark]

Just go ahead an archive it because there is no way I am getting rid of vuze. Thank you for your help anyway, it seemed to help with the web browsers crashing.