0

Hi, I'm having the same issue as some other people who have posted. My IE is totally jacked up: it opens websites on its own, and worst-case scenario it won't let me download anything. My download speed is like 4 kbs and I can't even download Malwarebytes :( but then I managed to get it from my friend. Still of no help. Please help, here is the DDS log.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/2/2011 7:52:10 PM
System Uptime: 8/1/2011 8:56:37 AM (1 hours ago)
.
Motherboard: Intel Corporation | | DG33FB
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | J1PR | 1580/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 39 GiB total, 5.27 GiB free.
D: is FIXED (NTFS) - 68 GiB total, 61.408 GiB free.
E: is FIXED (NTFS) - 63 GiB total, 37.695 GiB free.
F: is FIXED (NTFS) - 62 GiB total, 19.336 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_29C4&SUBSYS_50448086&REV_02\3&18D45AA6&0&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_29C4&SUBSYS_50448086&REV_02\3&18D45AA6&0&18
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SABKUTIL
Device ID: ROOT\LEGACY_SABKUTIL\0000
Manufacturer:
Name: SABKUTIL
PNP Device ID: ROOT\LEGACY_SABKUTIL\0000
Service: SABKUTIL
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
360Amigo System Speedup PRO
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.5
Angry Birds
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BitComet 1.28
Bonjour
BSR Screen Recorder 5
Counter-Strike 1.6
D3DX10
DFX for Windows Media Player
Fraps (remove only)
Free Privacy Eraser
Garena 2010
Gmail Notifier Pro
Google Chrome
Google Talk (remove only)
Graboid Video 2.06
Hide Window Hotkey
ICAI Self Evaluation System 1.0
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 24
K-Lite Codec Pack 6.8.0 (Full)
Kaspersky Internet Security 2012
Lyrics Plugin for Windows Media Player
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SOAP Toolkit 3.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 Parser and SDK
Nero 7 Essentials
neroxml
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 275.33
NVIDIA 3D Vision Driver 275.33
NVIDIA Control Panel 275.33
NVIDIA Display Control Panel
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.3.5
NVIDIA Update Components
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
PowerISO
PS2
QuickTime
Real Alternative 2.0.2
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Skype Toolbars
Skype™ 5.3
Unlocker 1.9.0
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Ventrilo Client
VLC media player 1.0.1
Warkeys 1.18.1.0b
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.00 (32-bit)
WinX HD Video Converter Deluxe 3.10.3
WoKF 1.0.64
Xvid 1.2.1 final uninstall
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YouTube Downloader 2.7.2
.
==== Event Viewer Messages From Past Week ========
.
8/1/2011 8:57:26 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL
8/1/2011 8:57:18 AM, Error: Service Control Manager [7000] - The Run software as Windows service service failed to start due to the following error: The system cannot find the file specified.
8/1/2011 1:55:41 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
7/25/2011 8:27:40 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
.
==== End Of File ===========================
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Aswath at 9:08:17 on 2011-08-01
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2045.966 [GMT 5.5:30]
.
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\Yzasya.exe
C:\Users\Aswath\AppData\Local\Temp\Yx0.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\tuEagles\EglSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aswath\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 67.202.81.221:3128
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
TB: {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No File
uRun: [<NO NAME>]
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [8DDYX0ZBPZ] c:\users\aswath\appdata\local\temp\Yx0.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\aswath\appdata\roaming\micros~1\windows\startm~1\programs\startup\my_aut~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0F966ABF-2129-4694-8874-31EFE76D0F39} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\tueagles\eagleai.dll
SEH: N/A: {a5be62ca-de0f-4764-a0cb-4044816db174} - c:\progra~1\tueagles\EagleObj.dll
Hosts: 173.212.255.178 embedded.garena.com
Hosts: 173.212.255.178 embedded.garenanow.com
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2011-3-10 23856]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe [2011-4-24 202296]
R2 egldrv;egldrv;c:\program files\tueagles\egldrv.sys [2011-4-11 61440]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-6-23 89888]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-1 366640]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-6-20 2214504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-5-20 378472]
R2 tuEaglesService;tuEagles Service;c:\program files\tueagles\EglSrv.exe [2011-4-11 336896]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-1 22712]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-1 41272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SKLService;Run software as Windows service;c:\program files\kaward\aklservice.exe --> c:\program files\kaward\aklservice.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?]
S4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
.
=============== Created Last 30 ================
.
2011-08-01 03:28:59 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-01 03:28:55 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-01 03:28:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-01 03:16:23 -------- d-----w- C:\!KillBox
2011-07-31 20:11:01 -------- d-----w- c:\users\aswath\appdata\local\{659AEB99-D87E-4DDC-B34B-AF19225B23F7}
2011-07-31 17:43:19 -------- d-----w- c:\users\aswath\appdata\roaming\Malwarebytes
2011-07-31 17:43:09 -------- d-----w- c:\programdata\Malwarebytes
2011-07-31 13:23:00 230400 ----a-w- c:\windows\Yzasya.exe
2011-07-31 13:22:49 75776 --sha-r- c:\windows\system32\clipm.dll
2011-07-28 03:37:07 -------- d-----w- c:\users\aswath\appdata\local\Bulents
2011-07-28 03:37:06 81920 ----a-w- c:\windows\system32\bsrgvas.dll
2011-07-28 03:37:06 692224 ----a-w- c:\windows\system32\bsrmgcv.dll
2011-07-28 03:37:06 192512 ----a-w- c:\windows\system32\bsrmgps.dll
2011-07-28 03:35:57 585728 ----a-w- c:\windows\system32\bsratswf.dll
2011-07-28 03:35:57 147456 ----a-w- c:\windows\system32\bsratwmv.dll
2011-07-27 13:53:50 -------- d-----w- c:\users\aswath\appdata\local\{9D0AAEA0-76B9-458C-8548-8FBDA414386C}
2011-07-27 02:36:21 3796784 ----a-w- c:\users\aswath\appdata\roaming\idman60b.exe
2011-07-25 04:33:08 -------- d-----w- c:\users\aswath\appdata\local\{44FD6CF1-7A2F-42B3-81AD-8EB82349D123}
2011-07-23 06:58:50 -------- d-----w- c:\program files\Allmyapps
2011-07-23 06:52:10 -------- d-----w- c:\program files\JDownloader
2011-07-22 16:44:06 -------- d-----w- c:\users\aswath\appdata\local\{6CE6689D-CB68-4A05-99C2-350C5F24296F}
2011-07-22 15:49:39 -------- d-----w- c:\users\aswath\appdata\local\{7886A132-0E1D-44C3-AB1C-6EDB05F1EF6A}
2011-07-21 17:14:48 -------- d-----w- c:\users\aswath\appdata\local\{9722B5E6-732A-4CDA-96E1-CA4CC2756544}
2011-07-21 08:35:30 -------- d-----w- c:\users\aswath\appdata\local\{70ECF21D-3A2D-477D-960C-F2AD3E862BCA}
2011-07-21 06:10:17 -------- d-----w- c:\users\aswath\appdata\local\{92607921-A0DE-4304-B9CF-DD396C625DC8}
2011-07-20 15:07:27 -------- d-----w- c:\users\aswath\appdata\local\{852F532E-FF94-4BAB-B445-4041CF46E6E1}
2011-07-19 10:01:22 -------- d-----w- c:\users\aswath\appdata\local\{32816C0F-3174-4C72-82D0-B4EE7875BB9D}
2011-07-18 13:00:48 -------- d-----w- c:\users\aswath\appdata\local\Yahoo!
2011-07-18 12:59:54 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-18 12:58:29 -------- d-----w- c:\users\aswath\appdata\local\{9EEF8317-64E9-428C-9D48-597D4DBD0B8E}
2011-07-18 10:29:36 -------- d-----w- c:\program files\Ventrilo
2011-07-18 10:28:48 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2011-07-17 02:26:44 -------- d-----w- c:\users\aswath\appdata\roaming\EFSoftware
2011-07-16 05:00:02 -------- d-----w- c:\users\aswath\appdata\local\{73CC5243-5241-4B6E-9C07-1C186A4505F7}
2011-07-12 05:12:22 -------- d-----w- c:\users\aswath\appdata\local\Graboid_Inc
2011-07-12 05:12:21 -------- d-----w- c:\users\aswath\appdata\local\Graboid
2011-07-12 05:12:19 -------- d-----w- c:\users\aswath\appdata\local\Geckofx
2011-07-12 05:10:16 -------- d-----w- c:\program files\Graboid
2011-07-10 11:32:28 -------- d-sh--w- C:\found.000
2011-07-09 03:14:50 -------- d-----w- c:\users\aswath\appdata\local\{D8418892-6183-493A-9195-4C229E41428D}
2011-07-08 08:45:15 -------- d-----w- c:\users\aswath\appdata\local\{2452A2AF-1D15-4C56-BFEE-AA294283EFFC}
2011-07-06 12:17:10 -------- d-----w- c:\users\aswath\appdata\local\{6AAC18D8-510E-47F0-B9BE-FBE663575509}
2011-07-06 01:56:10 -------- d-----w- c:\users\aswath\appdata\local\{BD2A3C45-94D5-4FE6-9880-860BB4ECC768}
2011-07-05 14:42:19 -------- d-----w- c:\users\aswath\appdata\local\{15EE643A-7C1C-42A6-91CA-EF0122CA654D}
2011-07-05 14:30:15 -------- d-----w- c:\users\aswath\appdata\local\{2613CF1F-C3BD-4F06-94FC-CCCDF20488F0}
2011-07-05 06:43:17 -------- d-----w- c:\users\aswath\appdata\local\{6AC658A5-9780-4044-9590-711643B51830}
2011-07-04 07:04:11 -------- d-----w- c:\users\aswath\appdata\local\{E628CC5A-9CB1-42EB-A209-5B9FE8014DEA}
.
==================== Find3M ====================
.
2011-06-09 15:50:58 89888 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-05-20 17:05:28 304744 ----a-w- c:\windows\system32\nvStreaming.exe
.
============= FINISH: 9:09:56.09 ===============


Please help, it's irritating, I can't even work peacefully.

Last Post by jholland1964
0

Boot to Safe Mode with Networking.
In Internet Explorer, go up to Tools, Internet Options, Connections tab. Click the LAN button.
When LAN Settings opens if there is a checkmark in use Proxy Server, REMOVE that check mark and click OK. Then OK your way out of Internet Options.

Then do this:
Download rkill and save it to the desktop.

http://www.bleepingcomputer.com/down...ti-virus/rkill

When at the download page, click on the Download Now button labeled iExplore.exe download link. When you are prompted where to save it, please save it on your desktop.

If you are unable to connect to the site to download RKill, please go back and do steps again and make sure the infection has not reenabled the proxy settings. You may have to do this quite a few times before you can get RKill downloaded. If you still cannot download the RKill program on the infected computer, you should download it to a clean computer and copy it to the infected one via a USB flash drive or CDROM.

Once it is downloaded, double-click on the iExplore.exe icon in order to automatically attempt to stop any processes associated with Personal Shield Pro and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that RKill is an infection, do not be concerned. So, please try running RKill until the malware is no longer running. You will then be able to proceed with the rest of the guide. Do not reboot your computer after running RKill as the malware programs will start again.

Once rkill has run then try to install MBA-M. Once installed then please update it.
If MalwareBytes' prompts you to reboot, please do not do so.

On the Scanner tab, make sure the Perform full scan option is selected and then click on the Scan button to start scanning your computer for infected files. Once the scan is complete then have it Remove everything found and reboot.
Come back here and post the log.
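
The proxy entry that the steps above tell the user to clear is visible in the posted DDS log, along with a few other lines a helper would review first. As an added example (not part of the original reply, and not how DDS, RKill or Malwarebytes work internally), this Python script flags such lines in a DDS "Pseudo HJT Report"; the rule names and the choice of heuristics are assumptions, and the sample lines are excerpted from the log above.

```python
import re

# Lines excerpted from the "Pseudo HJT Report" section of the DDS log posted above.
SAMPLE = r"""
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 67.202.81.221:3128
uRun: [<NO NAME>]
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [8DDYX0ZBPZ] c:\users\aswath\appdata\local\temp\Yx0.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
mPolicies-system: EnableLUA = 0 (0x0)
TCP: DhcpNameServer = 192.168.1.1
Hosts: 173.212.255.178 embedded.garena.com
"""

# DDS prefixes per-user values with "u" and machine-wide values with "m".
PROXY_RE = re.compile(r"^[um]Internet Settings,ProxyServer\s*=\s*(?P<proxy>\S+)", re.I)
RUN_RE = re.compile(r"^[um]Run(?:Once)?:\s*\[(?P<name>[^\]]*)\]\s*(?P<cmd>.+)$", re.I)
LUA_RE = re.compile(r"^mPolicies-system:\s*EnableLUA\s*=\s*0\b", re.I)
HOSTS_RE = re.compile(r"^Hosts:\s*(?P<ip>\S+)\s+(?P<host>\S+)", re.I)

# Hosts entries pointing at these addresses are not redirects to a remote host.
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}
# Autostart commands under a temp directory deserve a second look (heuristic).
TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")


def triage(log_text):
    """Return (rule, detail) pairs for DDS lines worth reviewing by hand."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = PROXY_RE.match(line)
        if m:
            # The same setting the LAN Settings dialog shows as "use proxy server".
            findings.append(("proxy-set", m.group("proxy")))
            continue
        m = RUN_RE.match(line)
        if m:
            cmd = m.group("cmd").strip().strip('"')
            if any(marker in cmd.lower() for marker in TEMP_MARKERS):
                findings.append(("autorun-from-temp", f"{m.group('name')} -> {cmd}"))
            continue
        if LUA_RE.match(line):
            findings.append(("uac-disabled", "EnableLUA = 0"))
            continue
        m = HOSTS_RE.match(line)
        if m and m.group("ip") not in LOOPBACK:
            findings.append(("hosts-override", f"{m.group('host')} -> {m.group('ip')}"))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE):
        print(f"{rule:18} {detail}")
```

A finding here only means "review this line": a proxy or hosts entry can be something the user configured on purpose.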

0

OK, I followed your instructions perfectly, but rkill kept saying installation error, but then somehow it started scanning. All it did was close all my Chrome tabs. Well, after which I updated my Malwarebytes and let it run, and here is the log file:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7361

Windows 6.1.7600 (Safe Mode)
Internet Explorer 9.0.8112.16421

8/3/2011 7:22:54 AM
mbam-log-2011-08-03 (07-22-54).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 291205
Time elapsed: 24 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\ZU6RKI1ONY (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Aswath\AppData\Local\Temp\mspass.exe (HackTool.Agent) -> Quarantined and deleted successfully.

And now my Explorer doesn't seem to cause problems; my Win 7 does. It keeps saying Windows service cannot be enabled O_O <--------- new problem
