Inactive I believe my system is infected! Logs "Pasted" for review

Greetings!

I have gone through the 5 steps that are suggested as a start. I firmly believe that my system is infected, or something, but all the scans that I have done and that I can think of doing are saying it's clean. My system doesn't run smoothly. I have uninstalled everything I don't use, fixed the registry, run CCleaner and still no change. I would appreciate some advice and knowledge. I am not sure what to look for, or should I say what not to look for, in running these scans. The more I can learn the better off I'll be. I have attached the logs from the scans that I was instructed to do. Thank you in advance for your help and wisdom.

Benji

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 9/3/2010 6:30:47 PM
System Uptime: 11/12/2011 8:03:51 PM (9 hours ago)
.
Motherboard: ASRock | | G41M-GS
Processor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz | CPUSocket | 2500/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 10 GiB total, 0.761 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 456 GiB total, 293.494 GiB free.
F: is FIXED (NTFS) - 58 GiB total, 27.828 GiB free.
G: is FIXED (NTFS) - 54 GiB total, 47.251 GiB free.
H: is CDROM (CDFS)
L: is FIXED (NTFS) - 466 GiB total, 287.296 GiB free.
M: is FIXED (NTFS) - 466 GiB total, 419.965 GiB free.
N: is FIXED (NTFS) - 466 GiB total, 465.61 GiB free.
O: is FIXED (NTFS) - 466 GiB total, 465.611 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Linksys Wireless-G PCI Adapter
Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_00551737&REV_00\4&2C30955E&0&00F0
Manufacturer: Linksys, A Division of Cisco Systems, Inc.
Name: Linksys Wireless-G PCI Adapter
PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_00551737&REV_00\4&2C30955E&0&00F0
Service: rt61x64
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&1BA3C945&0&00E1
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&1BA3C945&0&00E1
Service: RTL8167
.
==== System Restore Points ===================
.
RP150: 10/27/2011 3:00:13 AM - Windows Update
RP151: 11/6/2011 8:36:50 PM - Scheduled Checkpoint
RP28: 11/9/2011 2:27:44 AM - Windows Update
RP152: 11/9/2011 3:00:14 AM - Windows Update
RP153: 11/9/2011 9:43:17 AM - Installed Java(TM) 6 Update 29
RP154: 11/11/2011 3:00:12 AM - Windows Update
RP155: 11/12/2011 5:04:42 PM - Configured PowerDVD
RP156: 11/12/2011 5:06:06 PM - Configured Power2Go
RP157: 11/12/2011 5:08:13 PM - Configured LabelPrint
RP158: 11/12/2011 5:10:19 PM - Configured PowerProducer
RP159: 11/12/2011 5:11:41 PM - Configured PowerStarter
RP160: 11/12/2011 5:42:33 PM - Windows Update
RP161: 11/12/2011 5:57:26 PM - Removed Privatefirewall 7.0
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Application Support
Apple Software Update
ASRock IES
ASRock InstantBoot
ASRock OC Tuner
D3DX10
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Flick 1.3.0.7
FormatFactory 2.70
Foxit Reader
Free Video to MP3 Converter version 4.3.815
Freecorder 4.02B Application
Freecorder Toolbar
G-Force
Game Maker 8.0
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Trivia Machine
Google Chrome
Google Earth
Google Talk (remove only)
Google Update Helper
HijackThis 2.0.2
Hoyle Slots 2011 (remove only)
ImgBurn
iPhone Explorer 2.112
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 29
K-Lite Mega Codec Pack 7.8.0
LabSim
LimeWire PRO 4.18.8
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware version 1.51.2.1300
Masque IGT Slots Little Green Men
Masque IGT Slots Texas Tea
Masque IGT Slots Wolf Run
Microsoft Expression Blend
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft Project Professional 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Streets & Trips 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable Package
Mozilla Firefox 7.0.1 (x86 en-US)
Mozilla Thunderbird (3.1)
Mp3tag v2.49
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
Notepad++
Octoshape add-in for Adobe Flash Player
QuickTime
Ralink RT6x Wireless LAN Card
Realtek Ethernet Controller Driver
Roll
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
SoulSeek 157 NS 13e
Spybot - Search & Destroy
TeamViewer 6
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Outlook 2007 Junk Email Filter (KB2596560)
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.11
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinSCP 4.3.3
.
==== Event Viewer Messages From Past Week ========
.
11/13/2011 5:48:25 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
11/12/2011 8:04:38 PM, Error: Service Control Manager [7000] - The Cyberlink RichVideo Service(CRVS) service failed to start due to the following error: The system cannot find the file specified.
11/12/2011 8:04:03 PM, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
11/12/2011 8:03:06 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:06:39 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:06:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/12/2011 7:06:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/12/2011 7:06:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/12/2011 7:06:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/12/2011 7:06:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache spldr vmm Wanarpv6
11/12/2011 7:03:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vmm VWiFiFlt Wanarpv6 WfpLwf
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 7:03:37 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 7:00:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2607576).
11/12/2011 6:58:10 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/12/2011 6:58:10 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
11/11/2011 8:01:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR4.
11/10/2011 9:52:49 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JDOGG-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A3829E5D-31A3-4B9B-AEBB-8952943179EB}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

DDS.txt

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by The SPun One at 5:48:34 on 2011-11-13
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2813.1649 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
E:\Windows\system32\wininit.exe
E:\Windows\system32\lsm.exe
E:\Windows\system32\svchost.exe -k DcomLaunch
E:\Windows\system32\svchost.exe -k RPCSS
E:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
E:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
E:\Windows\system32\svchost.exe -k netsvcs
E:\Windows\system32\svchost.exe -k LocalService
E:\Program Files\Sandboxie\SbieSvc.exe
E:\Windows\system32\svchost.exe -k NetworkService
E:\Windows\System32\spoolsv.exe
E:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
E:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
E:\Program Files (x86)\TestOut\Orbis\OrbisClient.Services.exe
E:\Windows\system32\taskhost.exe
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Windows\system32\svchost.exe -k imgsvc
E:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
E:\Windows\System32\hkcmd.exe
E:\Windows\System32\igfxpers.exe
E:\Program Files\Windows Sidebar\sidebar.exe
E:\Program Files (x86)\Freecorder\FLVSrvc.exe
E:\Program Files (x86)\AVG\AVG10\avgtray.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Windows\system32\SearchIndexer.exe
E:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
E:\Program Files\Windows Media Player\wmpnetwk.exe
E:\Windows\System32\svchost.exe -k LocalServicePeerNet
E:\Windows\system32\DllHost.exe
E:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
E:\Windows\system32\conhost.exe
E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
E:\Windows\system32\conhost.exe
E:\Program Files (x86)\Mozilla Firefox\firefox.exe
E:\Windows\System32\svchost.exe -k swprv
E:\Windows\system32\DllHost.exe
E:\Windows\system32\DllHost.exe
E:\Windows\SysWOW64\cmd.exe
E:\Windows\system32\conhost.exe
E:\Windows\SysWOW64\cscript.exe
E:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
mWinlogon: Userinit=userinit.exe
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - E:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - E:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - E:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
uRun: [googletalk] E:\Users\The SPun One\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [SpybotSD TeaTimer] E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Sidebar] E:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SandboxieControl] "E:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [Freecorder FLV Service] "E:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRun: [AVG_TRAY] E:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [APSDaemon] "E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: E:\Users\THESPU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - E:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - E:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - E:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{0717F876-376C-46F5-A7D3-385527E387BF} : DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{A3829E5D-31A3-4B9B-AEBB-8952943179EB} : NameServer = 192.168.0.1,205.171.3.25
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - E:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files (x86)\Freecorder\tbFre1.dll
mRun-x64: [Freecorder FLV Service] "E:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRun-x64: [AVG_TRAY] E:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun-x64: [APSDaemon] "E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - E:\Users\The SPun One\AppData\Roaming\Mozilla\Firefox\Profiles\t20ktzcj.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: E:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff4.dll
FF - component: E:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff5.dll
FF - component: E:\Users\The SPun One\AppData\Roaming\Mozilla\Firefox\Profiles\t20ktzcj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\FFExternalAlert.dll
FF - component: E:\Users\The SPun One\AppData\Roaming\Mozilla\Firefox\Profiles\t20ktzcj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCore.dll
FF - plugin: E:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: E:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: E:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: E:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: E:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: e:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: E:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: E:\Users\The SPun One\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;E:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> E:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;E:\Windows\system32\DRIVERS\avgrkx64.sys --> E:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;E:\Windows\system32\DRIVERS\avgldx64.sys --> E:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;E:\Windows\system32\DRIVERS\avgmfx64.sys --> E:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;E:\Windows\system32\DRIVERS\avgtdia.sys --> E:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 VWiFiFlt;Virtual WiFi Filter Driver;E:\Windows\system32\DRIVERS\vwififlt.sys --> E:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 avgwd;AVG WatchDog;E:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 OrbisClient.Services;LabSim Configuration and Security;E:\Program Files (x86)\TestOut\Orbis\OrbisClient.Services.exe [2011-3-11 52736]
R2 SBSDWSCService;SBSD Security Center Service;E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-11 1153368]
R2 TeamViewer6;TeamViewer 6;E:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-30 2358656]
R3 AVGIDSDriver;AVGIDSDriver;E:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> E:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;E:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> E:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 SbieDrv;SbieDrv;E:\Program Files\Sandboxie\SbieDrv.sys [2011-10-12 157824]
S2 AVGIDSAgent;AVGIDSAgent;E:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-8-18 7390560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;E:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-30 136176]
S3 gupdatem;Google Update Service (gupdatem);E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-30 136176]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;E:\Windows\system32\DRIVERS\netr7364.sys --> E:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 osppsvc;Office Software Protection Platform;E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 rt61x64;Linksys Wireless-G PCI Adapter Driver;E:\Windows\system32\DRIVERS\WMP54Gv41x64.sys --> E:\Windows\system32\DRIVERS\WMP54Gv41x64.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;E:\Windows\system32\DRIVERS\Rt64win7.sys --> E:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 StorSvc;Storage Service;E:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;E:\Windows\system32\drivers\tsusbflt.sys --> E:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;E:\Windows\system32\Drivers\usbaapl64.sys --> E:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;E:\Windows\system32\Wat\WatAdminSvc.exe --> E:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;E:\Windows\system32\DRIVERS\wdcsam64.sys --> E:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2011-11-13 01:43:00 -------- d-----w- E:\Program Files (x86)\Trend Micro
2011-11-12 23:09:09 -------- d-----w- E:\Users\The SPun One\Cyberlink
2011-11-09 06:58:06 886784 ----a-w- E:\Program Files\Common Files\System\wab32.dll
2011-11-09 06:58:06 708608 ----a-w- E:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 06:58:05 1923952 ----a-w- E:\Windows\System32\drivers\tcpip.sys
2011-11-09 06:58:04 3144704 ----a-w- E:\Windows\System32\win32k.sys
2011-10-25 23:31:44 255552 ----a-w- E:\Windows\SysWow64\drivers\mcdbus.sys
2011-10-25 23:31:44 255552 ----a-w- E:\Windows\System32\drivers\mcdbus.sys
2011-10-25 23:31:42 -------- d-----w- E:\Program Files (x86)\MagicDisc
2011-10-25 06:08:05 -------- d-----r- E:\Sandbox
2011-10-25 06:06:20 -------- d-----w- E:\Program Files\Sandboxie
2011-10-22 20:41:06 -------- d-----w- E:\Program Files\iPod
2011-10-22 20:41:05 -------- d-----w- E:\Program Files\iTunes
2011-10-22 20:41:05 -------- d-----w- E:\Program Files (x86)\iTunes
2011-10-22 20:33:49 -------- d-----w- E:\Program Files\Bonjour
2011-10-22 20:33:49 -------- d-----w- E:\Program Files (x86)\Bonjour
2011-10-21 04:33:33 -------- d-----w- E:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-10-19 05:16:04 -------- d-----w- E:\Program Files\WDCSAM
2011-10-17 00:55:32 18139008 ----a-w- E:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
.
==================== Find3M ====================
.
2011-10-03 11:06:03 472808 ----a-w- E:\Windows\SysWow64\deployJava1.dll
2011-09-01 05:24:07 2309120 ----a-w- E:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- E:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- E:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- E:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- E:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- E:\Windows\SysWow64\mshtml.tlb
2011-08-31 23:00:50 25416 ----a-w- E:\Windows\System32\drivers\mbam.sys
2011-08-31 04:05:32 96104 ----a-w- E:\Windows\System32\dns-sd.exe
2011-08-31 04:05:32 85864 ----a-w- E:\Windows\System32\dnssd.dll
2011-08-31 04:05:32 61288 ----a-w- E:\Windows\System32\jdns_sd.dll
2011-08-31 04:05:32 212840 ----a-w- E:\Windows\System32\dnssdX.dll
2011-08-31 04:05:04 83816 ----a-w- E:\Windows\SysWow64\dns-sd.exe
2011-08-31 04:05:04 73064 ----a-w- E:\Windows\SysWow64\dnssd.dll
2011-08-31 04:05:04 50536 ----a-w- E:\Windows\SysWow64\jdns_sd.dll
2011-08-31 04:05:04 178536 ----a-w- E:\Windows\SysWow64\dnssdX.dll
2011-08-27 23:36:10 404640 ----a-w- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-27 05:37:49 861696 ----a-w- E:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- E:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- E:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- E:\Windows\SysWow64\oleacc.dll
2011-08-17 05:26:46 613888 ----a-w- E:\Windows\System32\psisdecd.dll
2011-08-17 05:25:08 108032 ----a-w- E:\Windows\System32\psisrndr.ax
2011-08-17 04:24:12 465408 ----a-w- E:\Windows\SysWow64\psisdecd.dll
2011-08-17 04:19:27 75776 ----a-w- E:\Windows\SysWow64\psisrndr.ax
.
============= FINISH: 5:49:04.65 ===============

mbam-log.txt

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8149

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/13/2011 5:30:31 AM
mbam-log-2011-11-13 (05-30-31).txt

Scan type: Quick scan
Objects scanned: 174813
Time elapsed: 3 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

gmer.log

**That log appears to be blank**
 
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================================================

fixed the registry
Never mess with the registry.

I firmly believe that my system is infected
What are the issues?
 