Redirected from google

**scroofius** · 01-03-2011

Hi,
I am having a problem with being redirected. If I type a subject into Google and the results appear, when I try to open the sites, I am redirected to a different search site. It doesn't happen ALL the time, just 70% (?).

I am using Windows Vista.
I am connected to a router (the other computer on this router doesn't have the problem).
I have Kapersky as my antivirus.

I did go through a long sequence of running anti malware programs and searching host files etc. a few weeks back but to no avail. I'd like to attempt it all again from scratch as this problem is frustrating and costing me too much time. I'd appreciate any help you can offer.
Thanks.

**broni** · 02-03-2011

Welcome aboard

Please, complete all steps listed here: HERE

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

**scroofius** · 05-03-2011

I followed the directions carefully however I had to run the malware software three times as it kept crashing my system. The third time I did manage to copy it. I hope this is enough to get to the next step. (I'm hoping this is the log you need as it didn't give me the chance to name it gmer.log)
Thanks in advance, I'll wait for your reply before doing anything else.

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Database version: 5957

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

04/03/2011 3:37:41 PM
mbam-log-2011-03-04 (15-37-41).txt

Scan type: Quick scan
Objects scanned: 164170
Time elapsed: 11 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (Trusted Software File Extension Search) Good: (http://shell.windows.com/fileassoc/%...dir.asp?Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\kris walker\AppData\Roaming\microsoft\Windows\start menu\Programs\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.

**broni** · 05-03-2011

Go on.....

**broni** · 12-03-2011

Reopened.

**scroofius** · 14-03-2011

Here's the MBR check info:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Phoenix Technologies, LTD
System Manufacturer: Acer
System Product Name: Aspire X1200
Logical Drives Mask: 0x000000f4

Kernel Drivers (total 152):
0x83215000 \SystemRoot\system32\ntkrnlpa.exe
0x835CF000 \SystemRoot\system32\hal.dll
0x80405000 \SystemRoot\system32\kdcom.dll
0x8040C000 \SystemRoot\system32\PSHED.dll
0x8041D000 \SystemRoot\system32\BOOTVID.dll
0x80425000 \SystemRoot\system32\CLFS.SYS
0x80466000 \SystemRoot\system32\CI.dll
0x8AE0F000 \SystemRoot\system32\DRIVERS\kl1.sys
0x8B331000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8B3AD000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8B3BA000 \SystemRoot\system32\drivers\acpi.sys
0x8AE00000 \SystemRoot\system32\drivers\WMILIB.SYS
0x80546000 \SystemRoot\system32\drivers\msisadrv.sys
0x8054E000 \SystemRoot\system32\drivers\pci.sys
0x80575000 \SystemRoot\System32\drivers\partmgr.sys
0x80584000 \SystemRoot\system32\drivers\volmgr.sys
0x80593000 \SystemRoot\System32\drivers\volmgrx.sys
0x805DD000 \SystemRoot\system32\drivers\pciide.sys
0x805E4000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x80604000 \SystemRoot\System32\drivers\mountmgr.sys
0x80614000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8061C000 \SystemRoot\system32\drivers\atapi.sys
0x80624000 \SystemRoot\system32\drivers\ataport.SYS
0x80642000 \SystemRoot\system32\DRIVERS\nvstor32.sys
0x80666000 \SystemRoot\system32\DRIVERS\storport.sys
0x806A7000 \SystemRoot\system32\drivers\fltmgr.sys
0x806D9000 \SystemRoot\system32\drivers\fileinfo.sys
0x806E9000 \SystemRoot\system32\DRIVERS\psdfilter.sys
0x806F2000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8420A000 \SystemRoot\system32\drivers\ndis.sys
0x84315000 \SystemRoot\system32\drivers\msrpc.sys
0x84340000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B400000 \SystemRoot\System32\drivers\tcpip.sys
0x8B4EA000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B607000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B717000 \SystemRoot\system32\drivers\volsnap.sys
0x8B750000 \SystemRoot\System32\Drivers\spldr.sys
0x8B758000 \SystemRoot\System32\Drivers\mup.sys
0x8B767000 \SystemRoot\System32\drivers\ecache.sys
0x8B78E000 \SystemRoot\system32\drivers\disk.sys
0x8B79F000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8B7C0000 \SystemRoot\system32\drivers\crcdisk.sys
0x8B7E0000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B7EB000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8B529000 \SystemRoot\system32\DRIVERS\amdk8.sys
0x8B7F4000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8B539000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8B54C000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8B557000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0x8B55F000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x8B569000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8B5A7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x80763000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8B5B6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8B5CE000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
0x8F40A000 \SystemRoot\system32\DRIVERS\nvmfdx32.sys
0x8F607000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8FD14000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8FDB4000 \SystemRoot\System32\drivers\watchdog.sys
0x8FDC0000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x8FDD0000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x8F507000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8FDDE000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8FDE9000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F536000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8F541000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8F564000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8F573000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8F587000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8F59C000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8F5AC000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F600000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8F5B7000 \SystemRoot\system32\DRIVERS\ks.sys
0x8F5E1000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8F5EB000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8437B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8B5D6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x9000E000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x9020F000 \SystemRoot\system32\drivers\portcls.sys
0x9023C000 \SystemRoot\system32\drivers\drmk.sys
0x90261000 \SystemRoot\system32\drivers\nvhda32v.sys
0x9026F000 \SystemRoot\system32\DRIVERS\klif.sys
0x902F2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x902FB000 \SystemRoot\System32\Drivers\Null.SYS
0x90302000 \SystemRoot\System32\Drivers\Beep.SYS
0x90309000 \SystemRoot\System32\drivers\vga.sys
0x90315000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90336000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x9033F000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x9034F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90356000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x90358000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x90360000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x90368000 \SystemRoot\system32\DRIVERS\klmouflt.sys
0x90371000 \SystemRoot\system32\drivers\rdpencdd.sys
0x90379000 \SystemRoot\System32\Drivers\Msfs.SYS
0x90384000 \SystemRoot\System32\Drivers\Npfs.SYS
0x90392000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9039B000 \SystemRoot\system32\DRIVERS\tdx.sys
0x903B1000 \SystemRoot\system32\DRIVERS\kl2.sys
0x903B7000 \SystemRoot\system32\DRIVERS\smb.sys
0x903CB000 \SystemRoot\System32\DRIVERS\netbt.sys
0x843B0000 \SystemRoot\system32\drivers\afd.sys
0x90000000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x8B5E7000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8F5F8000 \SystemRoot\system32\DRIVERS\klim6.sys
0x90607000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x9061C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x9062A000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x9063D000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90679000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90683000 \SystemRoot\System32\Drivers\dfsc.sys
0x906A7000 \SystemRoot\System32\Drivers\crashdmp.sys
0x906B4000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x906BE000 \SystemRoot\System32\Drivers\dump_nvstor32.sys
0x99A40000 \SystemRoot\System32\win32k.sys
0x906E2000 \SystemRoot\System32\drivers\Dxapi.sys
0x906EC000 \SystemRoot\system32\DRIVERS\monitor.sys
0x99C60000 \SystemRoot\System32\TSDDD.dll
0x906FB000 \SystemRoot\system32\drivers\luafv.sys
0x99C80000 \SystemRoot\System32\cdd.dll
0x90716000 \SystemRoot\system32\drivers\spsys.sys
0x907C6000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x907D6000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA340F000 \SystemRoot\system32\drivers\HTTP.sys
0xA347C000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA3499000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA34B2000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA34C7000 \SystemRoot\system32\drivers\mrxdav.sys
0xA34E8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA3507000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA3540000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA3558000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA3580000 \SystemRoot\System32\DRIVERS\srv.sys
0xA35CE000 \??\C:\Windows\system32\drivers\int15.sys
0xA5E04000 \SystemRoot\system32\drivers\peauth.sys
0xA5EE2000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
0xA5EEB000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
0xA5EFD000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA5F07000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA5F13000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA5F28000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0xA5F3A000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xA5FAC000 \SystemRoot\System32\Drivers\fastfat.SYS
0x99C90000 \SystemRoot\System32\ATMFD.DLL
0xA5F50000 \SystemRoot\system32\DRIVERS\udfs.sys
0xA5FEB000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0xA5FF8000 \SystemRoot\system32\DRIVERS\emStream.sys
0xA5FA4000 \SystemRoot\system32\drivers\emAudio.sys
0xA5FD4000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xA5FE1000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77D10000 \Windows\System32\ntdll.dll

Processes (total 74):
0 System Idle Process
4 System
464 C:\Windows\System32\smss.exe
532 csrss.exe
584 C:\Windows\System32\wininit.exe
596 csrss.exe
636 C:\Windows\System32\services.exe
684 C:\Windows\System32\lsass.exe
692 C:\Windows\System32\lsm.exe
848 C:\Windows\System32\svchost.exe
900 C:\Windows\System32\nvvsvc.exe
936 C:\Windows\System32\svchost.exe
988 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\svchost.exe
1160 C:\Windows\System32\winlogon.exe
1216 C:\Windows\System32\audiodg.exe
1292 C:\Windows\System32\SLsvc.exe
1332 C:\Windows\System32\svchost.exe
1492 C:\Windows\System32\rundll32.exe
1516 C:\Windows\System32\svchost.exe
1788 C:\Windows\System32\spoolsv.exe
1796 C:\Windows\System32\taskeng.exe
1836 C:\Windows\System32\svchost.exe
2036 C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
124 C:\Windows\System32\rundll32.exe
260 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
508 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
520 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
456 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
1440 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
1588 C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
1852 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1876 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
408 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2056 C:\Windows\System32\svchost.exe
2088 C:\Windows\System32\svchost.exe
2132 C:\Windows\System32\svchost.exe
2156 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2228 C:\Windows\System32\SearchIndexer.exe
2288 C:\Program Files\bin32\nSvcAppFlt.exe
2392 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2432 C:\Program Files\bin32\nSvcIp.exe
2664 WUDFHost.exe
1080 C:\Windows\System32\svchost.exe
3576 C:\Windows\System32\dwm.exe
3940 C:\Windows\System32\taskeng.exe
728 C:\Windows\explorer.exe
3136 C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
804 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
2960 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
3308 C:\Windows\RtHDVCpl.exe
3152 C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
1628 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
3564 C:\Windows\VM302Snap.exe
3876 C:\Windows\Domino.exe
3856 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3776 C:\Windows\ehome\ehtray.exe
3612 C:\Program Files\MP4 Player\Mp4Player.exe
3392 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
3088 C:\Program Files\Windows Media Player\wmpnscfg.exe
3056 C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
3124 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
2508 C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
412 C:\Program Files\Windows Media Player\wmpnetwk.exe
2372 C:\Windows\ehome\ehmsas.exe
5744 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
5916 taskeng.exe
3912 C:\Program Files\Mozilla Firefox\firefox.exe
3156 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
5732 C:\Windows\System32\SearchProtocolHost.exe
772 C:\Windows\System32\SearchFilterHost.exe
5072 C:\Users\kris walker\Desktop\MBRCheck.exe
3120 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000005`00100000 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x00000027`c2e00000 (NTFS)

PhysicalDrive0 Model Number: WDC WD3200AAJS-22L7A, Rev: 01.0

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 93A472601A0A56E7A7ABAEE72DA1D0B68F611BDA

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Thanks again.

**broni** · 16-03-2011

DDS logs.
GMER log.

**scroofius** · 18-03-2011

I will try to paste these logs into my reply again but today it timed out. If that happens again, Can I paste these logs in sections or should I zip them? Please let me know what works best for you.Thanks.

DDS log below:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by kris walker at 15:53:23.02 on 17/03/2011
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.2814.1725 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\bin32\nSvcAppFlt.exe
C:\Program Files\bin32\nSvcIp.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\VM302Snap.exe
C:\Windows\Domino.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MP4 Player\Mp4Player.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\kris walker\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = \blank.htm
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp32&d=0909&m=aspire_ x1200
uStart Page = hxxp://www.ask.com?o=14196&l=dis
mStart Page = hxxp://en.ca.acer.yahoo.com
mDefault_Page_URL = hxxp://en.ca.acer.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [MP4 Player] "c:\program files\mp4 player\mp4Player.exe" hmw
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
mRun: [Acer Empowering Technology Monitor] c:\program files\acer\empowering technology\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [PCMMediaSharing] c:\program files\acer arcade live\acer homemedia connect\kernel\dms\PCMMediaSharing.exe
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
mRun: [UVS12 Preload] c:\program files\corel\corel videostudio 12\uvPL.exe
mRun: [BigDogPath] c:\windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)
mRun: [Domino] c:\windows\Domino.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBContr oller
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\kriswa~1\appdata\roaming\micros~1\windows \startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\kriswa~1\appdata\roaming\micros~1\windows \startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\kriswa~1\appdata\roaming\micros~1\windows \startm~1\programs\startup\wkcalrem.lnk - c:\program files\common files\microsoft shared\works shared\WkCalRem.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\sta rtup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: AVGRSSTX.DLL c:\progra~1\google\google~1\goec62~1.dll, c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progr a~1\kasper~1\kasper~1\kloehk.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\kriswa~1\appdata\roaming\mozilla\firefox\ profiles\2mspq09p.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\comp onents\abhelperxpcom.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\compone nts\kavlinkfilter.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\co mponents\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\real\realplayer\browserrecord\firefox\ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - %profile%\extensions\support@predictad.com
FF - Ext: Download Youtube Videos +: video.downloader.plugin@ffpimp.com - %profile%\extensions\video.downloader.plugin@ffpim p.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-4-29 43552]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssflt r.sys [2011-1-4 39272]
S3 vvftav302;vvftav302;c:\windows\system32\drivers\vv ftav302.sys [2007-3-18 475136]
.
=============== Created Last 30 ================
.
2011-03-14 22:51:35 -------- d-----w- c:\users\kriswa~1\appdata\roaming\FixCleaner
2011-03-14 22:51:23 -------- d-----w- c:\program files\FixCleaner
2011-03-14 22:50:56 -------- d-----w- c:\program files\Downloaded Installers
2011-03-09 00:19:16 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 00:19:16 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 00:19:16 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 00:19:16 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 00:19:15 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 00:19:14 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-04 23:24:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-04 23:24:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
.
==================== Find3M ====================
.
2011-02-03 05:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-20 16:36:20 834048 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 15:37:57 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 14:55:46 389632 ----a-w- c:\windows\system32\html.iec
2010-07-23 06:40:00 2944904 ----a-w- c:\program files\common files\AskToolbarInstaller.exe
.
============= FINISH: 15:55:22.21 ===============

**scroofius** · 18-03-2011

Hmmm that worked...I'll try another.

DDS second log.....
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 20/09/2009 9:45:42 PM
System Uptime: 16/03/2011 2:11:55 PM (25 hours ago)
.
Motherboard: Acer | | WMCP78M
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket AM2 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 66.967 GiB free.
E: is Removable
F: is FIXED (NTFS) - 139 GiB total, 122.718 GiB free.
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ROOT\*6TO4MP\0186
Manufacturer:
Name:
PNP Device ID: ROOT\*6TO4MP\0186
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0912
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0912
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0920
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0920
Service: tunnel
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
Acer Arcade Live Main Page
Acer Assist
Acer eDataSecurity Management
Acer Empowering Technology
Acer HomeMedia Connect
Acer HomeMedia Trial Creator
Acer Registration
Acer ScreenSaver
Acer SlideShow DVD
Activation Assistant for the 2007 Microsoft Office suites
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.2.6
Adobe Shockwave Player 11.5
Adobe Stock Photos 1.0
Apple Application Support
Apple Software Update
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
AutocompletePro
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Chicken Invaders 3
Corel VideoStudio 12
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Extra Content
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang BR
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - Lang ES
CorelDRAW Graphics Suite X4 - Lang FR
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW(R) Graphics Suite X4
CorelDRAW(R) Graphics Suite X4 - Extra Content
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
D3DX10
Diner Dash Flo on the Go
EN
FixCleaner
FontNav
FrostWire 4.21.3
Google Desktop
GoToAssist Corporate
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HyperLoad - Mah Jongg
InstallIQ Updater
Java Auto Updater
Java(TM) 6 Update 24
Jewel Quest Solitaire
Junk Mail filter update
Kaspersky Internet Security 2011
Kick N Rush
LeapFrog Connect
LeapFrog Leapster2 Plugin
LightScribe System Software
LightScribe Template Labeler
Mahjong Escape Ancient China
Malwarebytes' Anti-Malware
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Professional
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.6.15)
MP4 Player
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
Pinnacle Instant DVD Recorder
PVSonyDll
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
Skype Toolbars
Skype™ 5.0
SmartSound Quicktracks Plugin
Spelling Dictionaries Support For Adobe Reader 8
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Manager
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
VBA
VideoStudio
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
XnView 1.97.8
YouSendIt Express
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
15/03/2011 9:20:55 PM, Error: nvstor32 [5] - A parity error was detected on \Device\RaidPort0.
.
==== End Of File ===========================

**scroofius** · 18-03-2011

GM log is TOO big, I'm getting a critical error every time I paste it. Would you like it in two pieces?
Thanks.

Redirected from google

Redirected from google

Similar Threads

When I search with google I get redirected

Google links redirected

Google links being redirected.

Google Redirected Help(RESOLVED)

Google links are being redirected