Re-direct virus in Mozilla Firefox & IE9 on Vista (Jetmp3 & Blekko)

Jetmp3.dll Blekko redirect virus

  • This topic is locked
28 replies to this topic

#1 Nova1205

    New Member

  • Members
  • 19 posts

Posted 08 July 2012 - 01:03 PM

I had the re-direct virus and the adv virus (Blekko, Jetmp3.dll) on my IE9 (Explorer) & Mozilla. So I came here and found help. I ran ESET Online Scanner, Security Check from here or here, and ATF Cleaner by Atribune from here. The problem is all the work I did, it did not get the redirect virus off of IE9 worked, but not for Mozilla. By the way, has anyone noticed that we can no longer delete IE9 add-ons (where viruses nest, or at least Jetmp3 & Blekko did)??? Also, after removing the viruses, of which there were many, I had to remove and then get the new Java, Adobe Reader, and Adobe Flash Player. After all of that I cannot by any means ever download Adobe Reader ever again; it is dead for me. (Something blocked it or broke the Windows installer, which does not work for Adobe Reader only.) Has anyone else gotten that DLL error??

What I need help with (How can I clean Mozilla? How can I get Adobe Reader back (I have worked on these issues for weeks)?). I used anti-malware and it still did not get rid of these virus pests.

#2 screen317

    MBAM Sentinel

  • Moderators
  • 19,486 posts
  • Gender: Male
  • Location: New Haven, CT

Posted 08 July 2012 - 01:11 PM

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.
Chris Fistonich
Research Team

#3 Nova1205

Posted 11 July 2012 - 03:39 PM

log


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.07.11.09
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dwayne Brazil :: DWAYNEBRAZIL-PC [administrator]
Protection: Enabled
7/11/2012 2:55:20 PM
mbam-log-2012-07-11 (14-55-20).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 268622
Time elapsed: 41 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

#4 screen317

Posted 11 July 2012 - 03:46 PM

Did you see my instructions to run DDS? No rush. Just want to make sure. :)

#5 Nova1205

Posted 11 July 2012 - 03:57 PM

DDS.txt (I posted both; should I block out my name?)

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Dwayne Brazil at 15:41:13 on 2012-07-11
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2037.624 [GMT -5:00]
.
AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
C:\Program Files\Giraffic\Veoh_Giraffic.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\lxcecoms.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {134da043-566e-4572-82e6-8978d0ed03d8} - JetMP3
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - blekko search bar
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
BHO: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
TB: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} -
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Nektra OEAPI] c:\program files\common files\pc tools\outlook express api\Launcher.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [LXCECATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
StartupFolder: c:\users\dwayne~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{2416E992-A504-4179-B2B8-031BC444FA60} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.2.0\ViProtocol.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~2\bprote~1\22453~1.59\protec~1.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dwayne brazil\appdata\roaming\mozilla\firefox\profiles\z9f285ei.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B94bef496-6159-4b9e-9346-85db4ec55333%7D&mid=e06a377a3b7047d19764d168dd110558-012448c3d9867908ac62aa5a7627bf1e4a7f5de6&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-06-20%2016%3A07%3A34&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.2.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-2-17 114768]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-5-10 36000]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-5-10 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-5-10 110032]
R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2012-5-10 465360]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-17 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-2-17 51792]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-2-17 138680]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-3-23 2321520]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-5-10 83392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-5-2 161048]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files\giraffic\veoh_girafficwatchdog.exe --service --> c:\program files\giraffic\Veoh_GirafficWatchdog.exe --service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-19 654408]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-12-31 693512]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-11 111616]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-19 22344]
S2 AESTFilters;Andrea ST Filters Service; [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-2 250056]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-2-17 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-2-17 352920]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2012-6-19 30192]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-29 113120]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-12-31 910600]
.
=============== Created Last 30 ================
.
2012-07-11 16:40:22 -------- d-----w- c:\users\dwayne brazil\appdata\local\{4432EBC5-282B-430E-816C-126417B20AED}
2012-07-11 16:40:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{348CE649-8A7A-45DE-87BE-B9E7DFE4B3CF}
2012-07-11 04:39:22 -------- d-----w- c:\users\dwayne brazil\appdata\local\{16BB4608-B610-4CFD-9EE5-6F91B5FF15BB}
2012-07-11 04:39:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{66D51D01-B0AF-4D5F-AADA-1CA3A486C7D9}
2012-07-10 16:38:16 -------- d-----w- c:\users\dwayne brazil\appdata\local\{70AB398E-862B-4CBA-A1C9-25E5AA508AE8}
2012-07-10 16:37:55 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B20D248A-6EDE-4877-918B-6563CCD84AD7}
2012-07-10 01:44:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{45594C78-9740-4E5E-BE06-161D26157C62}
2012-07-10 01:43:40 -------- d-----w- c:\users\dwayne brazil\appdata\local\{820A151A-42E6-47DD-A46A-D75AD6245CE9}
2012-07-09 13:42:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{87758640-800E-4795-8F84-BF0C289AB578}
2012-07-09 13:42:21 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B8DF31B4-21FA-4D9B-8DF5-33833309B977}
2012-07-08 22:22:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9525226C-E31C-4DC2-9B40-C1CA5C7C1823}
2012-07-08 22:21:47 -------- d-----w- c:\users\dwayne brazil\appdata\local\{A7D5ABD0-03E6-4349-BF88-824910A08253}
2012-07-08 17:02:45 -------- d-----w- c:\users\dwayne brazil\appdata\local\{88612293-F52F-4930-AE36-A349B6AD468D}
2012-07-08 17:02:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AA05A257-7EB1-424E-9C85-317F46B78ECE}
2012-07-08 04:21:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{927F61BE-0CF4-433E-A6E8-C78E7B623042}
2012-07-08 04:20:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8C178EFB-41A4-4BC9-A2BB-03C173A25362}
2012-07-07 21:53:29 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\FixCleaner
2012-07-07 21:53:13 -------- d-----w- c:\program files\FixCleaner
2012-07-07 19:35:59 -------- d-----w- C:\searchplugins
2012-07-07 19:35:59 -------- d-----w- C:\bProtectorForWindows
2012-07-07 19:31:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\Promosoft Corporation
2012-07-07 16:20:07 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E29E0143-15D2-4A78-B96F-98BCC7BF150C}
2012-07-07 16:19:47 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E325DC03-6545-45C0-AFF1-A3F063EB0AC4}
2012-07-07 03:56:52 -------- d-----w- c:\users\dwayne brazil\appdata\local\{527012A8-E157-403A-A34C-94BFEC7C2D9D}
2012-07-07 03:56:31 -------- d-----w- c:\users\dwayne brazil\appdata\local\{73A2C109-2048-4122-8518-07E77FC23403}
2012-07-06 15:55:53 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8FD27F59-14FC-42A8-878E-6ACBB4A1A6EA}
2012-07-06 15:55:32 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6F6E0AC6-CAE7-42CE-9FEA-7BB80CD08788}
2012-07-06 03:54:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1B7C01ED-B1BB-471A-BE4D-87289D7AB3EC}
2012-07-06 03:54:29 -------- d-----w- c:\users\dwayne brazil\appdata\local\{79CA4285-F7FE-4A83-94BE-17368013559E}
2012-07-05 15:54:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5FABC33E-3E72-43EF-BBB0-9FBE5A0E87FC}
2012-07-05 15:53:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6865A132-40FA-4324-AE1A-04683BBC53A6}
2012-07-05 03:53:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{3EEAE9EC-65DF-4C83-B0BB-746440152D7B}
2012-07-05 03:52:33 -------- d-----w- c:\users\dwayne brazil\appdata\local\{01326AE5-472D-437E-9746-EB5E28816C45}
2012-07-04 15:51:36 -------- d-----w- c:\users\dwayne brazil\appdata\local\{145D41D6-4C42-4466-BFC0-3146DAD14A99}
2012-07-04 15:51:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{72462683-99A0-4566-A1EC-F900C6E14B3E}
2012-07-04 02:29:56 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B1301911-8B3F-42CB-9CAD-DBFF27F76A9E}
2012-07-04 02:29:35 -------- d-----w- c:\users\dwayne brazil\appdata\local\{93F6E7A3-3C88-4995-BCA4-BB0EF42BB0AF}
2012-07-03 14:28:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{36C660EE-AE37-4BB7-A9D8-F271B4BCC63D}
2012-07-03 14:27:50 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1880C47B-CDEF-4CFC-A3F6-3AAADCC5A521}
2012-07-03 02:26:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{912944B3-7BB0-4DBF-BFE4-D792722B5D72}
2012-07-03 02:26:26 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6EEE3CA6-A40D-4E31-A478-0FF9944D55A4}
2012-07-02 20:36:57 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-02 20:36:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-02 14:25:45 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8E12204F-A978-4718-88F5-50280F9C92CD}
2012-07-02 14:25:23 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E0082D17-96C0-4E33-A500-AB7F3E99DE1A}
2012-07-01 20:11:33 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F70FACE6-37D1-48C7-B5E7-51BE0716EB24}
2012-07-01 20:11:08 -------- d-----w- c:\users\dwayne brazil\appdata\local\{0BF9B124-3B63-46F4-9809-683C434DBBAA}
2012-06-30 22:39:30 -------- d-----w- c:\users\dwayne brazil\appdata\local\{09976377-D34B-43A2-ABC4-98C8D8129DFB}
2012-06-30 22:39:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{56652E80-74C3-46A2-8950-639EF7502546}
2012-06-30 03:53:44 -------- d-----w- c:\users\dwayne brazil\appdata\local\{80262053-0385-4E8C-B51F-015F776409C3}
2012-06-30 03:53:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D291C0F5-A067-4C30-8134-7CC4C3D1E92F}
2012-06-30 03:19:35 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C0A6DAAE-06BF-464E-899F-278D3AB3E89B}
2012-06-29 19:23:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\Apple
2012-06-29 15:19:11 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C0B84BDD-2F53-4D5C-9B34-659506115AE0}
2012-06-29 15:18:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9A57BAA2-5818-49AF-A045-953183ABEA11}
2012-06-29 03:18:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{FB1F81A9-32AB-4AA5-B49E-F5BA4297B771}
2012-06-29 03:17:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9AA8879C-14AB-40D0-9373-911C628EAC80}
2012-06-28 15:17:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6E98FC34-CD7A-449E-98F8-0C155F007F79}
2012-06-28 15:16:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{4E1EF9FA-1619-4E03-972F-1D6C37AC4EE0}
2012-06-26 16:45:38 -------- d-----w- c:\programdata\AVAST Software
2012-06-26 14:58:16 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9A3D93FD-8BBE-4B9E-8446-17702907EBD5}
2012-06-26 14:57:37 -------- d-----w- c:\users\dwayne brazil\appdata\local\{510DD920-E1A5-4824-B6EF-4D06F5302DA0}
2012-06-26 02:13:36 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1F28A52D-FD13-4470-9443-918B48842DD9}
2012-06-26 02:13:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5EFDF81B-D50E-4C86-9B5B-2CBD6BBC46F9}
2012-06-25 14:12:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AC3AB486-75D1-496E-A6A1-7FA5FD723697}
2012-06-25 14:11:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{739FB1D3-1003-4F9C-8E63-A06E4659A6F8}
2012-06-24 17:33:10 -------- d-----w- c:\users\dwayne brazil\appdata\local\{0B08CBDB-CB58-4004-B446-204D453F655F}
2012-06-24 17:32:49 -------- d-----w- c:\users\dwayne brazil\appdata\local\{2EBC0259-36A0-439E-BCA2-042EF261CF37}
2012-06-24 15:21:21 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\SUPERAntiSpyware.com
2012-06-24 15:18:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-24 15:18:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-24 14:57:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\{037BE981-4444-4F26-B2E3-DE96A22587AD}
2012-06-24 02:22:34 -------- d-----w- c:\users\dwayne brazil\appdata\local\{07BB2F47-BADC-471F-9584-15C228996200}
2012-06-24 02:22:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{415F46C9-56E6-4FE6-93BD-EC9B9F9F6207}
2012-06-23 15:52:21 -------- d-----w- c:\program files\Oracle
2012-06-23 15:51:20 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-23 15:48:00 -------- d-----w- c:\program files\DllErrorsFix
2012-06-23 14:21:23 -------- d-----w- c:\users\dwayne brazil\appdata\local\{28C1B69E-66A5-4D9B-B8D4-DD9C895001C5}
2012-06-23 14:21:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F0C687DA-A860-42EC-BBDA-241FDA8AE300}
2012-06-23 14:09:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\Apple Computer
2012-06-23 07:03:06 -------- d-----w- c:\program files\common files\searchplugins
2012-06-23 07:03:06 -------- d-----w- c:\program files\common files\bProtectorForWindows
2012-06-23 07:00:46 -------- d-----w- c:\users\dwayne brazil\appdata\local\Adobe
2012-06-23 05:47:54 98816 ----a-w- c:\windows\sed.exe
2012-06-23 05:47:54 518144 ----a-w- c:\windows\SWREG.exe
2012-06-23 05:47:54 256000 ----a-w- c:\windows\PEV.exe
2012-06-23 05:47:54 208896 ----a-w- c:\windows\MBR.exe
2012-06-23 05:47:07 -------- d-s---w- C:\ComboFix
2012-06-23 05:36:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\Macromedia
2012-06-23 02:35:26 9815752 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-06-23 02:20:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6A15C4A2-1093-494C-BCAB-95690739605E}
2012-06-23 02:19:38 -------- d-----w- c:\users\dwayne brazil\appdata\local\{82F71EDE-E5CF-485C-AD61-484C16C3007C}
2012-06-23 01:02:48 -------- d-----w- c:\program files\ESET
2012-06-22 15:25:44 -------- d-----w- c:\users\dwayne brazil\searchplugins
2012-06-22 15:25:44 -------- d-----w- c:\users\dwayne brazil\bProtectorForWindows
2012-06-22 14:24:03 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 14:23:02 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 14:22:46 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 14:22:46 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 14:19:03 -------- d-----w- c:\users\dwayne brazil\appdata\local\{08B7A4BC-F48D-4F90-A67C-0176E2B5E9D4}
2012-06-22 14:18:24 -------- d-----w- c:\users\dwayne brazil\appdata\local\{03D8DAD3-28E9-4D69-A4D5-F8A85C73FCD5}
2012-06-22 01:42:44 -------- d-----w- c:\users\dwayne brazil\appdata\local\{BC3B54B1-C300-441C-8B41-07685BD5FA8D}
2012-06-22 01:42:20 -------- d-----w- c:\users\dwayne brazil\appdata\local\{63802B09-E244-48C1-89B5-AB26E259F247}
2012-06-21 08:04:16 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D037A18D-4537-4F6A-90B1-94B3FFAF9276}
2012-06-21 08:03:54 -------- d-----w- c:\users\dwayne brazil\appdata\local\{A3A4CE9C-705D-45E4-8380-D011180E5BBA}
2012-06-20 21:09:23 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\AVG2012
2012-06-20 21:09:06 -------- d-----w- c:\users\dwayne brazil\appdata\local\AVG Secure Search
2012-06-20 21:07:35 -------- d-----w- c:\programdata\AVG Secure Search
2012-06-20 21:07:29 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-06-20 21:07:26 -------- d-----w- c:\program files\AVG Secure Search
2012-06-20 21:02:36 -------- d-----w- c:\windows\system32\drivers\AVG
2012-06-20 21:02:36 -------- d-----w- c:\programdata\AVG2012
2012-06-20 20:03:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8EDB21A1-F169-40B2-8584-55E8239938EF}
2012-06-20 20:02:52 -------- d-----w- c:\users\dwayne brazil\appdata\local\{0A588854-6EA6-4803-A3BD-BBF6947CF8E9}
2012-06-20 03:35:53 -------- d-----w- c:\users\dwayne brazil\appdata\local\{7AB48D50-DE13-4285-8B3F-C1C653177558}
2012-06-20 03:35:33 -------- d-----w- c:\users\dwayne brazil\appdata\local\{85B74429-9E34-477A-BCEB-4FCF7F7AD3FA}
2012-06-19 19:24:03 73728 ----a-w- c:\windows\system32\AEstSrv.exe
2012-06-19 19:24:03 647168 ----a-w- c:\windows\system32\aestecap.dll
2012-06-19 19:24:03 53248 ----a-w- c:\windows\system32\aestaren.dll
2012-06-19 19:24:03 1601536 ----a-w- c:\windows\system32\stlang.dll
2012-06-19 19:24:03 131072 ----a-w- c:\windows\system32\aestacap.dll
2012-06-19 19:24:03 102400 ----a-w- c:\windows\system32\stacsv.exe
2012-06-19 19:24:02 4947968 ----a-w- c:\windows\system32\stacgui.cpl
2012-06-19 19:09:28 -------- d-----w- c:\program files\Free Window Registry Repair
2012-06-19 16:35:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-19 16:26:14 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-06-19 16:25:16 -------- d-----w- c:\program files\Realtek
2012-06-19 16:25:09 -------- d--h--w- c:\program files\Temp
2012-06-19 16:25:04 1698408 ----a-w- c:\windows\RtlExUpd.dll
2012-06-19 16:25:00 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-06-19 16:24:59 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2012-06-19 16:24:59 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2012-06-19 16:24:59 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2012-06-19 16:24:58 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2012-06-19 16:24:57 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2012-06-19 16:24:54 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2012-06-19 16:24:53 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2012-06-19 16:17:27 -------- d-----w- c:\programdata\blekko toolbars
2012-06-19 16:16:42 -------- d-----w- c:\users\dwayne brazil\appdata\local\blekkotb_031
2012-06-19 15:36:55 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8840a44a-0515-470b-a985-138736f815c3}\mpengine.dll
2012-06-19 15:36:52 -------- d-----w- C:\6535c968e8a60c7126351ed3cf1a
2012-06-19 15:34:37 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C7238AD9-579A-42B3-AA92-513693D8D667}
2012-06-19 15:34:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2012-06-19 15:34:11 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E97E0139-613F-4FE9-8F24-E9670EFD5230}
2012-06-19 14:45:08 -------- d-----w- c:\windows\searchplugins
2012-06-19 14:45:08 -------- d-----w- c:\windows\bProtectorForWindows
2012-06-19 03:33:21 -------- d-----w- c:\users\dwayne brazil\appdata\local\{EC72E503-44F3-4554-B10A-325B6AE1D6DB}
2012-06-19 03:33:00 -------- d-----w- c:\users\dwayne brazil\appdata\local\{874361F9-1F8C-464D-A5A4-F224CA1F9D5A}
2012-06-18 15:32:41 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1E3BD469-3CAF-44ED-90C7-FBEB7D810F57}
2012-06-18 03:24:26 -------- d-----w- c:\users\dwayne brazil\appdata\local\{12B504B9-CBEC-4935-9CF9-E5EDD4A949D7}
2012-06-17 22:11:42 -------- d-----w- c:\programdata\IBUpdaterService
2012-06-17 22:09:06 -------- d-----w- C:\a19b594d55c418092444
2012-06-17 22:04:08 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\PerformerSoft
2012-06-17 22:02:47 17464 ----a-w- c:\windows\system32\roboot.exe
2012-06-17 22:02:37 -------- d-----w- c:\program files\PC Performer
2012-06-17 22:02:32 -------- d-----w- c:\users\dwayne brazil\appdata\local\Babylon
2012-06-17 22:02:26 -------- d-----w- c:\programdata\Babylon
2012-06-17 22:02:25 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\Babylon
2012-06-17 22:01:50 -------- d-----w- c:\windows\system32\searchplugins
2012-06-17 22:01:50 -------- d-----w- c:\windows\system32\bProtectorForWindows
2012-06-17 22:01:43 -------- d-----w- c:\programdata\bProtectorForWindows
2012-06-17 15:24:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{BAE477EB-20E8-45E2-A3EC-C5D707998549}
2012-06-16 18:26:17 -------- d-----w- c:\users\dwayne brazil\appdata\local\{20606419-B813-40FA-A827-0AA779DB8A9E}
2012-06-16 05:32:29 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C7C19D52-FCC6-4297-BAD2-F607102EC5F5}
2012-06-15 15:26:38 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F7ED4386-A05E-469C-840D-0DB63EDAB190}
2012-06-14 17:49:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{19FF009D-4942-4AEE-A05D-2D861F97DBF0}
2012-06-14 17:48:47 -------- d-----w- c:\users\dwayne brazil\appdata\local\{52CC5F81-6013-4F6F-818C-6AB4CCF9F337}
2012-06-14 04:59:49 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 04:59:49 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 04:59:49 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 04:58:20 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 04:58:17 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 02:57:53 -------- d-----w- c:\users\dwayne brazil\appdata\local\{33E79F72-497D-4B19-A243-017EBA2A68C6}
2012-06-14 02:57:32 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B6E4AE25-1398-4606-AD46-45C69FCBEC46}
2012-06-13 14:57:34 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F1C58683-548B-4854-9DE5-53557020A712}
2012-06-13 14:49:45 -------- d-sh--w- C:\found.001
2012-06-12 23:49:54 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B9C63B75-B65A-47A7-ACDB-27D45E860477}
2012-06-12 23:49:30 -------- d-----w- c:\users\dwayne brazil\appdata\local\{39DEBD5E-5B66-46C8-8A89-025E073B84D8}
2012-06-12 14:02:54 -------- d-----w- c:\users\dwayne brazil\appdata\local\{60C68984-007B-4EDE-920A-0B64B0EAD1F0}
2012-06-12 00:20:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{53CA6501-1759-4A7A-9309-7599FA0EB2B9}
2012-06-12 00:19:58 -------- d-----w- c:\users\dwayne brazil\appdata\local\{3468C4A9-8D61-40F8-96F1-3822AA855065}
.
==================== Find3M ====================
.
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-05 00:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-25 05:32:27 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-17 02:18:01 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
.
============= FINISH: 15:45:16.19 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 11/11/2008 3:51:16 AM
System Uptime: 7/11/2012 8:43:35 AM (7 hours ago)
.
Motherboard: Dell Inc. | | 0U990C
Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz | Microprocessor | 2000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 146.453 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.395 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
AML Free Registry Cleaner 4.24
AOL Install
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
avast! Antivirus
AVG 2012
Avira Free Antivirus
Banctec Service Agreement
Bonjour
Bonjour Print Services
Browser Address Error Redirector
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Coupon Printer for Windows
D3DX10
Dell Best of Web
Dell DataSafe Online
Dell Dock
Dell Driver Download Manager
Dell Getting Started Guide
Dell Touchpad
Dell Wireless WLAN Card Utility
DELL0604
Digital Line Detect
DivX Setup
EarthLink Setup Files
EDocs
Funambol Outlook Sync Client 8.2.7
Google Desktop
Google Toolbar for Internet Explorer
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
Intel® Matrix Storage Manager
Internet Explorer (Enable DEP)
iTunes
Java Auto Updater
Java™ 6 Update 7
Java™ 7 Update 5
JavaFX 2.1.1
Malwarebytes Anti-Malware version 1.61.0.1400
MediaDirect
Merriam-Webster 3.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2003
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
MobileMe Control Panel
Modem Diagnostic Tool
Moffsoft FreeCalc
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.4.0
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN Toolbar
MSN Toolbar Platform
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
NetZeroInstallers
OGA Notifier 2.0.0048.0
OutlookAddinSetup
PC Tools Anti-Spam Toolbar
PerfectDisk 2008 Server
QuickSet
QuickTime
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Segoe UI
SigmaTel Audio
Spelling Dictionaries Support For Adobe Reader 9
SUPERAntiSpyware
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
Veoh Giraffic Video Accelerator
Veoh Web Player
VLC media player 1.1.11
Webshots Desktop
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
7/9/2012 9:03:20 AM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/9/2012 8:23:59 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 TfFsMon TfSysMon
7/9/2012 8:23:59 AM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).
7/9/2012 4:54:11 PM, Error: EventLog [6008] - The previous system shutdown at 11:02:40 AM on 7/9/2012 was unexpected.
7/8/2012 5:16:08 PM, Error: EventLog [6008] - The previous system shutdown at 3:30:34 PM on 7/8/2012 was unexpected.
7/8/2012 12:01:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
7/8/2012 10:01:12 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
7/8/2012 10:01:12 AM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2012 10:00:10 AM, Error: Service Control Manager [7000] - The Avira Web Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2012 10:00:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Avira Web Protection service to connect.
7/7/2012 6:09:02 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/7/2012 6:08:51 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
7/7/2012 11:15:10 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/7/2012 11:15:09 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.
7/7/2012 10:58:32 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/7/2012 10:38:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/7/2012 10:27:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/7/2012 10:26:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSP Avgldx86 Avgmfx86 avipbb avkmgr SASDIFSV SASKUTIL spldr ssmdrv TfFsMon TfSysMon Wanarpv6
7/7/2012 10:26:12 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 10:25:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/7/2012 10:25:32 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/7/2012 10:25:19 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/7/2012 10:25:14 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21
7/7/2012 10:06:13 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxce_device service to connect.
7/7/2012 10:06:13 AM, Error: Service Control Manager [7000] - The lxce_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/7/2012 10:04:31 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{2416E992-A504-4179-B2B8-031BC444FA60} because another computer on the network has the same name. The server could not start.
7/6/2012 9:35:38 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/6/2012 8:29:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
7/6/2012 5:49:47 PM, Error: EventLog [6008] - The previous system shutdown at 3:30:15 PM on 7/6/2012 was unexpected.
7/6/2012 12:25:18 PM, Error: EventLog [6008] - The previous system shutdown at 12:16:40 PM on 7/6/2012 was unexpected.
7/6/2012 12:13:03 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} to the user DwayneBrazil-PC\Renette Brazil SID (S-1-5-21-477695542-166054522-388963492-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/5/2012 8:20:27 AM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
7/4/2012 3:37:25 PM, Error: EventLog [6008] - The previous system shutdown at 3:02:31 PM on 7/4/2012 was unexpected.
7/11/2012 9:07:35 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 00226935B55F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
7/11/2012 8:46:36 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon
7/11/2012 8:46:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect.
7/11/2012 8:46:36 AM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2012 8:45:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Matrix Storage Event Monitor service to connect.
7/11/2012 8:45:45 AM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the path specified.
7/11/2012 8:45:45 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
7/11/2012 8:45:45 AM, Error: Service Control Manager [7000] - The Intel® Matrix Storage Event Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2012 8:45:45 AM, Error: Service Control Manager [7000] - The Andrea ST Filters Service service failed to start due to the following error: The system cannot find the path specified.
7/10/2012 8:23:02 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
7/10/2012 8:11:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the STacSV service.
7/10/2012 5:53:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PD91Engine service to connect.
7/10/2012 5:53:30 PM, Error: Service Control Manager [7000] - The PD91Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/10/2012 5:53:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service PD91Engine with arguments "-Service" in order to run the server: {00772927-3E20-4854-9D99-77DEA78FE9E5}
7/10/2012 5:51:27 PM, Error: EventLog [6008] - The previous system shutdown at 4:59:45 PM on 7/10/2012 was unexpected.
7/10/2012 4:35:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
7/10/2012 11:37:52 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================

#6 Nova1205

Posted 11 July 2012 - 04:00 PM

I would have done this sooner; however, we have been having lightning storms. I placed the info in two posts because the second group was so large.

#7 screen317

Posted 12 July 2012 - 11:09 AM

Hi,


I notice that you are using more than one antivirus program (avast, AVG, and Antivir). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program. SuperAntiSpyware may also conflict.

I suggest also uninstalling MSN Toolbar.

After that, reboot and post a fresh DDS log.

Reboot.
Chris Fistonich
Research Team

#8 Nova1205

Posted 12 July 2012 - 04:21 PM

I will remove avast; however, I have been stuck with avast for several years. Avast is expired; only the registration works, which pops up all the time. I gave up trying to get rid of it. I went to computer people and it is almost impossible to do without causing chaos. If I download a program from Avast to remove it, my Google gadgets will be blocked, along with images from web sites, YouTube and dozens of other issues. Even the people at Windows could not figure this out. If I try to download the newest Avast (I tried for several years) it will not allow me to do so because I have an existing program (or part of one).

#9 screen317

Posted 15 July 2012 - 11:35 PM

Hi,

Try this updated avast remover please:

http://www.avast.com/uninstall-utility
Chris Fistonich
Research Team

#10 screen317

Posted 19 July 2012 - 04:29 PM

Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team

#11 Nova1205

Posted 21 July 2012 - 12:31 PM

I am still with you, I will be using the remover today.

#12 Nova1205

Posted 21 July 2012 - 12:55 PM

Avast is gone, with no problems (I still have my Google gadgets). I removed Avira & SuperAntiSpyware.

#13 Nova1205

Posted 21 July 2012 - 02:31 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.21.09
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dwayne Brazil :: DWAYNEBRAZIL-PC [administrator]
Protection: Enabled
7/21/2012 1:29:03 PM
mbam-log-2012-07-21 (13-29-03).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247906
Time elapsed: 53 minute(s), 32 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Dwayne Brazil at 14:26:37 on 2012-07-21
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2037.567 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\lxcecoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.3\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\bcmwltry.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\PC Tools\Outlook Express API\launcher.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Program Files\Giraffic\Veoh_Giraffic.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\RacAgent.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {134da043-566e-4572-82e6-8978d0ed03d8} - JetMP3
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - blekko search bar
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.20\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} -
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.20\AVG Secure Search_toolbar.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Nektra OEAPI] c:\program files\common files\pc tools\outlook express api\Launcher.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [LXCECATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
StartupFolder: c:\users\dwayne~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{2416E992-A504-4179-B2B8-031BC444FA60} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.1.3\ViProtocol.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~2\bprote~1\22453~1.59\protec~1.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dwayne brazil\appdata\roaming\mozilla\firefox\profiles\z9f285ei.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B94bef496-6159-4b9e-9346-85db4ec55333%7D&mid=e06a377a3b7047d19764d168dd110558-012448c3d9867908ac62aa5a7627bf1e4a7f5de6&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-06-20%2016%3A07%3A34&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.2.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-7-21 27496]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2012-3-23 2321520]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-5-2 161048]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files\giraffic\veoh_girafficwatchdog.exe --service --> c:\program files\giraffic\Veoh_GirafficWatchdog.exe --service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-19 655944]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-12-31 693512]
R2 vToolbarUpdater12.1.3;vToolbarUpdater12.1.3;c:\program files\common files\avg secure search\vtoolbarupdater\12.1.3\ToolbarUpdater.exe [2012-7-21 830048]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-11 111616]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-19 22344]
S2 AESTFilters;Andrea ST Filters Service; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-2 250056]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2012-6-19 30192]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-29 113120]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-12-31 910600]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-07-21 18:09:20 711240 ----a-w- c:\windows\isRS-000.tmp
2012-07-21 15:48:04 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-07-21 15:47:59 -------- d-----w- c:\program files\AVG Secure Search
2012-07-21 15:29:34 -------- d-----w- c:\users\dwayne brazil\appdata\local\{3E8AD64A-4902-4EA6-933D-72A4BB88390C}
2012-07-21 15:29:03 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F5139D57-DDA8-46EF-8354-8273507A5A02}
2012-07-21 02:13:28 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8817C592-BB13-4D9F-8E6C-5CA0C9400890}
2012-07-20 14:12:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{874CB392-6DF6-4453-AFD0-FE56BE91EE92}
2012-07-20 14:11:41 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D9AEE32E-2291-4997-9D84-8D63AB3B0FEA}
2012-07-20 01:40:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AB79D4A1-C308-453A-910C-45EF807DA7BC}
2012-07-20 01:39:58 -------- d-----w- c:\users\dwayne brazil\appdata\local\{CE8CB43B-8B9B-4307-866D-05B5A4036AF1}
2012-07-19 13:39:07 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1584D27C-8A79-4CF4-9634-9A18CDEC4214}
2012-07-19 13:38:42 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5592D07E-9501-491F-BE5B-938E57223023}
2012-07-19 04:51:27 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8DB58A49-B18A-42AA-AD7F-F39270712CFB}
2012-07-18 01:58:31 -------- d-----w- c:\users\dwayne brazil\appdata\local\{20BC8DD1-C6FF-4635-B514-3D42817AC17D}
2012-07-18 01:58:07 -------- d-----w- c:\users\dwayne brazil\appdata\local\{016247E9-32C0-424D-AFC9-ABF98D5674BC}
2012-07-17 13:57:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{89ACF64D-72CC-43CA-A411-D625F38FC93D}
2012-07-17 13:57:20 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B79342AB-CAB8-4426-9D76-6D4428BF3171}
2012-07-17 01:56:42 -------- d-----w- c:\users\dwayne brazil\appdata\local\{4132BEA3-C19A-4325-8709-95FC79395333}
2012-07-17 01:56:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{16399073-57CB-4D2E-A0A8-32D41FF8C3DA}
2012-07-16 13:55:40 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AEA185F6-C57D-4D1C-A206-C7ED534F9D18}
2012-07-16 13:55:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9BFC50B8-787F-485B-9D46-0FAC433EA3E7}
2012-07-15 16:15:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{CC0D7BA7-DF22-4B48-AEAA-4CCB2951F793}
2012-07-15 16:14:46 -------- d-----w- c:\users\dwayne brazil\appdata\local\{23CF12B2-0106-4586-A124-31E55FE8A434}
2012-07-14 23:17:27 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6275B715-65EF-4615-983A-573EC70D8682}
2012-07-14 23:16:57 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D5B4B168-259E-46A5-B010-0B9591343732}
2012-07-14 02:03:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8BBD552D-FCFB-4D0D-A968-D930E6FA5740}
2012-07-14 02:02:46 -------- d-----w- c:\users\dwayne brazil\appdata\local\{BAD2647D-52B3-40EA-9657-26F3AE0B8D77}
2012-07-13 14:02:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5DFABFDD-6DA0-4AFB-A017-D905EA4BE7D5}
2012-07-13 14:01:41 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9697E04C-C8C8-43AD-9657-4075AB647014}
2012-07-13 02:01:00 -------- d-----w- c:\users\dwayne brazil\appdata\local\{701FBB44-E828-4F3E-A2A3-96909CF9C04C}
2012-07-13 02:00:37 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D0593395-1587-4554-95FD-3D6BE7028E48}
2012-07-12 13:59:36 -------- d-----w- c:\users\dwayne brazil\appdata\local\{89B2158F-36FD-4680-8067-BFA5F7C6A02F}
2012-07-12 13:59:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9B44C3BC-C6B2-4C0F-8234-7CCC7808EEBE}
2012-07-12 04:26:43 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-07-12 04:26:40 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2012-07-12 00:47:15 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 00:40:21 -------- d-----w- C:\e3fa374b8fb0eab1134d3959
2012-07-11 16:40:22 -------- d-----w- c:\users\dwayne brazil\appdata\local\{4432EBC5-282B-430E-816C-126417B20AED}
2012-07-11 16:40:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{348CE649-8A7A-45DE-87BE-B9E7DFE4B3CF}
2012-07-11 14:32:32 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 14:32:32 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 14:32:29 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-11 14:32:23 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 14:32:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 14:32:23 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 04:39:22 -------- d-----w- c:\users\dwayne brazil\appdata\local\{16BB4608-B610-4CFD-9EE5-6F91B5FF15BB}
2012-07-11 04:39:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{66D51D01-B0AF-4D5F-AADA-1CA3A486C7D9}
2012-07-10 16:38:16 -------- d-----w- c:\users\dwayne brazil\appdata\local\{70AB398E-862B-4CBA-A1C9-25E5AA508AE8}
2012-07-10 16:37:55 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B20D248A-6EDE-4877-918B-6563CCD84AD7}
2012-07-10 01:44:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{45594C78-9740-4E5E-BE06-161D26157C62}
2012-07-10 01:43:40 -------- d-----w- c:\users\dwayne brazil\appdata\local\{820A151A-42E6-47DD-A46A-D75AD6245CE9}
2012-07-09 13:42:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{87758640-800E-4795-8F84-BF0C289AB578}
2012-07-09 13:42:21 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B8DF31B4-21FA-4D9B-8DF5-33833309B977}
2012-07-08 22:22:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9525226C-E31C-4DC2-9B40-C1CA5C7C1823}
2012-07-08 22:21:47 -------- d-----w- c:\users\dwayne brazil\appdata\local\{A7D5ABD0-03E6-4349-BF88-824910A08253}
2012-07-08 17:02:45 -------- d-----w- c:\users\dwayne brazil\appdata\local\{88612293-F52F-4930-AE36-A349B6AD468D}
2012-07-08 17:02:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AA05A257-7EB1-424E-9C85-317F46B78ECE}
2012-07-08 04:21:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{927F61BE-0CF4-433E-A6E8-C78E7B623042}
2012-07-08 04:20:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8C178EFB-41A4-4BC9-A2BB-03C173A25362}
2012-07-07 21:53:29 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\FixCleaner
2012-07-07 21:53:13 -------- d-----w- c:\program files\FixCleaner
2012-07-07 19:35:59 -------- d-----w- C:\searchplugins
2012-07-07 19:35:59 -------- d-----w- C:\bProtectorForWindows
2012-07-07 19:31:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\Promosoft Corporation
2012-07-07 16:20:07 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E29E0143-15D2-4A78-B96F-98BCC7BF150C}
2012-07-07 16:19:47 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E325DC03-6545-45C0-AFF1-A3F063EB0AC4}
2012-07-07 03:56:52 -------- d-----w- c:\users\dwayne brazil\appdata\local\{527012A8-E157-403A-A34C-94BFEC7C2D9D}
2012-07-07 03:56:31 -------- d-----w- c:\users\dwayne brazil\appdata\local\{73A2C109-2048-4122-8518-07E77FC23403}
2012-07-06 15:55:53 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8FD27F59-14FC-42A8-878E-6ACBB4A1A6EA}
2012-07-06 15:55:32 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6F6E0AC6-CAE7-42CE-9FEA-7BB80CD08788}
2012-07-06 03:54:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1B7C01ED-B1BB-471A-BE4D-87289D7AB3EC}
2012-07-06 03:54:29 -------- d-----w- c:\users\dwayne brazil\appdata\local\{79CA4285-F7FE-4A83-94BE-17368013559E}
2012-07-05 15:54:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5FABC33E-3E72-43EF-BBB0-9FBE5A0E87FC}
2012-07-05 15:53:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6865A132-40FA-4324-AE1A-04683BBC53A6}
2012-07-05 03:53:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\{3EEAE9EC-65DF-4C83-B0BB-746440152D7B}
2012-07-05 03:52:33 -------- d-----w- c:\users\dwayne brazil\appdata\local\{01326AE5-472D-437E-9746-EB5E28816C45}
2012-07-04 15:51:36 -------- d-----w- c:\users\dwayne brazil\appdata\local\{145D41D6-4C42-4466-BFC0-3146DAD14A99}
2012-07-04 15:51:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{72462683-99A0-4566-A1EC-F900C6E14B3E}
2012-07-04 02:29:56 -------- d-----w- c:\users\dwayne brazil\appdata\local\{B1301911-8B3F-42CB-9CAD-DBFF27F76A9E}
2012-07-04 02:29:35 -------- d-----w- c:\users\dwayne brazil\appdata\local\{93F6E7A3-3C88-4995-BCA4-BB0EF42BB0AF}
2012-07-03 14:28:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{36C660EE-AE37-4BB7-A9D8-F271B4BCC63D}
2012-07-03 14:27:50 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1880C47B-CDEF-4CFC-A3F6-3AAADCC5A521}
2012-07-03 02:26:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{912944B3-7BB0-4DBF-BFE4-D792722B5D72}
2012-07-03 02:26:26 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6EEE3CA6-A40D-4E31-A478-0FF9944D55A4}
2012-07-02 20:36:57 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-02 20:36:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-02 14:25:45 -------- d-----w- c:\users\dwayne brazil\appdata\local\{8E12204F-A978-4718-88F5-50280F9C92CD}
2012-07-02 14:25:23 -------- d-----w- c:\users\dwayne brazil\appdata\local\{E0082D17-96C0-4E33-A500-AB7F3E99DE1A}
2012-07-01 20:11:33 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F70FACE6-37D1-48C7-B5E7-51BE0716EB24}
2012-07-01 20:11:08 -------- d-----w- c:\users\dwayne brazil\appdata\local\{0BF9B124-3B63-46F4-9809-683C434DBBAA}
2012-06-30 22:39:30 -------- d-----w- c:\users\dwayne brazil\appdata\local\{09976377-D34B-43A2-ABC4-98C8D8129DFB}
2012-06-30 22:39:09 -------- d-----w- c:\users\dwayne brazil\appdata\local\{56652E80-74C3-46A2-8950-639EF7502546}
2012-06-30 03:53:44 -------- d-----w- c:\users\dwayne brazil\appdata\local\{80262053-0385-4E8C-B51F-015F776409C3}
2012-06-30 03:53:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{D291C0F5-A067-4C30-8134-7CC4C3D1E92F}
2012-06-30 03:19:35 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C0A6DAAE-06BF-464E-899F-278D3AB3E89B}
2012-06-29 19:23:01 -------- d-----w- c:\users\dwayne brazil\appdata\local\Apple
2012-06-29 15:19:11 -------- d-----w- c:\users\dwayne brazil\appdata\local\{C0B84BDD-2F53-4D5C-9B34-659506115AE0}
2012-06-29 15:18:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9A57BAA2-5818-49AF-A045-953183ABEA11}
2012-06-29 03:18:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{FB1F81A9-32AB-4AA5-B49E-F5BA4297B771}
2012-06-29 03:17:51 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9AA8879C-14AB-40D0-9373-911C628EAC80}
2012-06-28 15:17:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6E98FC34-CD7A-449E-98F8-0C155F007F79}
2012-06-28 15:16:43 -------- d-----w- c:\users\dwayne brazil\appdata\local\{4E1EF9FA-1619-4E03-972F-1D6C37AC4EE0}
2012-06-26 16:45:38 -------- d-----w- c:\programdata\AVAST Software
2012-06-26 14:58:16 -------- d-----w- c:\users\dwayne brazil\appdata\local\{9A3D93FD-8BBE-4B9E-8446-17702907EBD5}
2012-06-26 14:57:37 -------- d-----w- c:\users\dwayne brazil\appdata\local\{510DD920-E1A5-4824-B6EF-4D06F5302DA0}
2012-06-26 02:13:36 -------- d-----w- c:\users\dwayne brazil\appdata\local\{1F28A52D-FD13-4470-9443-918B48842DD9}
2012-06-26 02:13:12 -------- d-----w- c:\users\dwayne brazil\appdata\local\{5EFDF81B-D50E-4C86-9B5B-2CBD6BBC46F9}
2012-06-25 14:12:19 -------- d-----w- c:\users\dwayne brazil\appdata\local\{AC3AB486-75D1-496E-A6A1-7FA5FD723697}
2012-06-25 14:11:48 -------- d-----w- c:\users\dwayne brazil\appdata\local\{739FB1D3-1003-4F9C-8E63-A06E4659A6F8}
2012-06-24 17:33:10 -------- d-----w- c:\users\dwayne brazil\appdata\local\{0B08CBDB-CB58-4004-B446-204D453F655F}
2012-06-24 17:32:49 -------- d-----w- c:\users\dwayne brazil\appdata\local\{2EBC0259-36A0-439E-BCA2-042EF261CF37}
2012-06-24 15:21:21 -------- d-----w- c:\users\dwayne brazil\appdata\roaming\SUPERAntiSpyware.com
2012-06-24 15:18:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-24 15:18:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-24 14:57:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\{037BE981-4444-4F26-B2E3-DE96A22587AD}
2012-06-24 02:22:34 -------- d-----w- c:\users\dwayne brazil\appdata\local\{07BB2F47-BADC-471F-9584-15C228996200}
2012-06-24 02:22:13 -------- d-----w- c:\users\dwayne brazil\appdata\local\{415F46C9-56E6-4FE6-93BD-EC9B9F9F6207}
2012-06-23 15:52:21 -------- d-----w- c:\program files\Oracle
2012-06-23 15:51:20 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-23 15:48:00 -------- d-----w- c:\program files\DllErrorsFix
2012-06-23 14:21:23 -------- d-----w- c:\users\dwayne brazil\appdata\local\{28C1B69E-66A5-4D9B-B8D4-DD9C895001C5}
2012-06-23 14:21:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\{F0C687DA-A860-42EC-BBDA-241FDA8AE300}
2012-06-23 14:09:05 -------- d-----w- c:\users\dwayne brazil\appdata\local\Apple Computer
2012-06-23 07:03:06 -------- d-----w- c:\program files\common files\searchplugins
2012-06-23 07:03:06 -------- d-----w- c:\program files\common files\bProtectorForWindows
2012-06-23 07:00:46 -------- d-----w- c:\users\dwayne brazil\appdata\local\Adobe
2012-06-23 05:47:54 98816 ----a-w- c:\windows\sed.exe
2012-06-23 05:47:54 518144 ----a-w- c:\windows\SWREG.exe
2012-06-23 05:47:54 256000 ----a-w- c:\windows\PEV.exe
2012-06-23 05:47:54 208896 ----a-w- c:\windows\MBR.exe
2012-06-23 05:47:07 -------- d-s---w- C:\ComboFix
2012-06-23 05:36:02 -------- d-----w- c:\users\dwayne brazil\appdata\local\Macromedia
2012-06-23 02:20:18 -------- d-----w- c:\users\dwayne brazil\appdata\local\{6A15C4A2-1093-494C-BCAB-95690739605E}
2012-06-23 02:19:38 -------- d-----w- c:\users\dwayne brazil\appdata\local\{82F71EDE-E5CF-485C-AD61-484C16C3007C}
2012-06-23 01:02:48 -------- d-----w- c:\program files\ESET
2012-06-22 15:25:44 -------- d-----w- c:\users\dwayne brazil\searchplugins
2012-06-22 15:25:44 -------- d-----w- c:\users\dwayne brazil\bProtectorForWindows
2012-06-22 14:24:03 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 14:23:02 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 14:22:46 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 14:22:46 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 14:19:03 -------- d-----w- c:\users\dwayne brazil\appdata\local\{08B7A4BC-F48D-4F90-A67C-0176E2B5E9D4}
2012-06-22 14:18:24 -------- d-----w- c:\users\dwayne brazil\appdata\local\{03D8DAD3-28E9-4D69-A4D5-F8A85C73FCD5}
2012-06-22 01:42:44 -------- d-----w- c:\users\dwayne brazil\appdata\local\{BC3B54B1-C300-441C-8B41-07685BD5FA8D}
2012-06-22 01:42:20 -------- d-----w- c:\users\dwayne brazil\appdata\local\{63802B09-E244-48C1-89B5-AB26E259F247}
.
==================== Find3M ====================
.
2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-19 17:45:25 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-05 00:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-01 14:03:49 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
.
============= FINISH: 14:29:33.06 ===============

#14 Nova1205

Posted 22 July 2012 - 07:43 PM

That redirect virus is still on Mozilla.

#15 Nova1205

Posted 24 July 2012 - 12:37 AM

I still see SUPERAntiSpyware.com and Avast in the log even though I removed them. Why?

#16 screen317

Posted 24 July 2012 - 11:04 PM

Just remnants most likely. I'll see if I can remove any traces that I can see.


Please visit this webpage for instructions for running ComboFix:
http://www.bleepingc...to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


-screen317
Chris Fistonich
Research Team


#17 screen317

Posted 27 July 2012 - 12:41 PM

Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team


#18 Nova1205

Posted 27 July 2012 - 03:13 PM

I am having a problem with ComboFix: "failed to get data EnableLUA". Also, I am only up to stage 50 and no report.
I had to turn off AVG, the disable button has a problem.

#19 Nova1205

Posted 27 July 2012 - 05:13 PM

I ran it (ComboFix) three times. The last time it removed some files, however it has not put out a report.

#20 screen317

Posted 29 July 2012 - 10:25 PM

See if any of these files exists:

C:\ComboFix.txt
C:\log.txt
C:\qoobox\ComboFix.txt
C:\qoobox\log.txt


If not, then do the following:

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet. Before you download it, rename it to sega.com (ensure that the Save As type is "All Files").

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).


Click Start --> Run, and enter this command exactly as shown:

"%userprofile%\desktop\sega.com" /killall


See if it will run successfully now. Stop it after half an hour of no activity.
Chris Fistonich
Research Team
