
I'm Infected



Hello,

I thought I got rid of the malware, but it continues to come back. I especially see it when I open up Internet Explorer. I have AVG as antivirus, ran adware, spybot, and AVG in safe mode. I am not sure what to do now. I will check back after work today around 6pm CST. Thank you for any help in advance!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24

Run by cfusse at 5:59:00 on 2011-12-26

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1136 [GMT -6:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\DRoster\Firebird\bin\fbguard.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\DRoster\Firebird\bin\fbserver.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe

C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files\Ask.com\Updater\Updater.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Users\cfusse\AppData\Roaming\Google\Google Talk\googletalk.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\hp\kbd\kbd.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\cfusse\Desktop\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\cfusse\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Users\cfusse\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.18\AVG Secure Search_toolbar.dll

BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.18\AVG Secure Search_toolbar.dll

TB: {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Google Update] "c:\users\cfusse\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY

uRun: [googletalk] c:\users\cfusse\appdata\roaming\google\google talk\googletalk.exe /autostart

mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun: [KBD] c:\hp\kbd\KbdStub.EXE

mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe

mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\users\cfusse\desktop\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"

mRun: [<NO NAME>]

mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\users\cfusse\desktop\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

mRunOnce: [Malwarebytes' Anti-Malware] c:\users\cfusse\desktop\malwarebytes' anti-malware\mbamgui.exe /install /silent

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

LSP: c:\windows\system32\wpclsp.dll

LSP: mswsock.dll

DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} - hxxp://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab

DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} - hxxp://www.worldwinner.com/games/v54/zengems/zengems.cab

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {0B195D55-0AB4-48C7-828F-34BE10BA4266} - hxxp://www.worldwinner.com/games/v53/dealornodeal/dealornodeal.cab

DPF: {13EB7AC8-4811-461C-8581-89650F3D716B} - hxxp://www.worldwinner.com/games/v44/walloffame/walloffame.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} - hxxp://www.worldwinner.com/games/v47/skillgam/skillgam.cab

DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab

DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab

DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} - hxxp://www.worldwinner.com/games/v48/brickout/brickout.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll

DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB

DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} - hxxp://www.worldwinner.com/games/v50/pool/pool.cab

DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} - hxxp://www.worldwinner.com/games/v45/moneylist/moneylist.cab

DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} - hxxp://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab

DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab

DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} - hxxp://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab

DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} - hxxp://www.worldwinner.com/games/v52/wwhearts/wwhearts.cab

DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} - hxxp://www.worldwinner.com/games/v63/bjattack/bja.cab

DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab

DPF: {61900274-3323-4446-BDCD-91548D32AF1B} - hxxp://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab

DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} - hxxp://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab

DPF: {64CD313F-F079-4D93-959F-4D28B5519449} - hxxp://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab

DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} - hxxp://www.worldwinner.com/games/v41/freecell/freecell.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab

DPF: {94299420-321F-4FF9-A247-62A23EBB640B} - hxxp://www.worldwinner.com/games/v46/wordmojo/wordmojo.cab

DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} - hxxp://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab

DPF: {97438FE9-D361-4279-BA82-98CC0877A717} - hxxp://www.worldwinner.com/games/v57/cubis/cubis.cab

DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab

DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} - hxxp://www.worldwinner.com/games/v68/clue/clue.cab

DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab

DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} - hxxp://www.worldwinner.com/games/v50/luxor/luxor.cab

DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab

DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} - hxxp://www.worldwinner.com/games/v41/hangman/hangman.cab

DPF: {B6FA2311-5F85-47D3-B885-7055340FC740} - hxxp://www.worldwinner.com/games/v46/grandslam/grandslamtrivia.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} - hxxp://www.worldwinner.com/games/v46/monopoly/monopoly.cab

DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab

DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab

DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} - hxxp://www.worldwinner.com/games/v45/royal/royal.cab

DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} - hxxp://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab

DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} - hxxp://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab

DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} - hxxp://www.worldwinner.com/games/v43/paint/paint.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v49/familyfeud/familyfeud.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://75.145.120.131/activex/AMC.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab

DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} - hxxp://www.worldwinner.com/games/v44/golfsol/golfsol.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v54/wwspades/wwspades.cab

DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} - hxxp://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab

TCP: DhcpNameServer = 208.180.83.133 208.180.42.68

TCP: Interfaces\{852874A1-D633-4CEC-814B-BEC35DCF5BDB} : DhcpNameServer = 208.180.83.133 208.180.42.68

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\cfusse\appdata\roaming\mozilla\firefox\profiles\gvjcnyt4.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q=

FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\ksolo\npAVX.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPcolPM460.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll

FF - plugin: c:\program files\nos\bin\np_gp.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\cfusse\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\users\cfusse\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\cfusse\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\cfusse\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-11-8 64512]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\droster\firebird\bin\fbguard.exe -s --> c:\program files\droster\firebird\bin\fbguard.exe -s [?]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-20 21504]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152152]

R2 MBAMService;MBAMService;c:\users\cfusse\desktop\malwarebytes' anti-malware\mbamservice.exe [2010-11-22 366152]

R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2011-12-7 855904]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]

R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\droster\firebird\bin\fbserver.exe -s --> c:\program files\droster\firebird\bin\fbserver.exe -s [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-22 22216]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-11-22 41272]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-16 1025352]

S3 DCamUSBNW800;CIF USB Camera (2110);c:\windows\system32\drivers\pcam800.sys [2002-7-27 210792]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-28 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-6-20 21504]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-24 15:35:41 -------- d-----w- C:\Kingsbury

2011-12-16 23:34:57 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-12-15 15:33:35 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-15 15:33:34 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-15 15:33:32 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-15 15:33:29 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-12-15 15:33:26 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-12-15 15:33:24 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-15 15:33:21 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-07 18:49:22 -------- d-----w- c:\programdata\AVG Secure Search

2011-12-05 11:15:29 677136 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll

2011-11-26 15:21:45 -------- d-----w- c:\users\cfusse\appdata\roaming\SumatraPDF

2011-11-26 15:21:08 -------- d-----w- c:\program files\Ask.com

2011-11-26 15:20:59 -------- d-----w- c:\program files\PDFReader

.

==================== Find3M ====================

.

2011-12-26 10:11:30 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-11-29 00:21:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-08 23:49:12 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-11-03 18:06:56 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-10-07 11:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-04 11:21:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

.

============= FINISH: 6:00:02.67 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 2/8/2008 12:39:43 PM

System Uptime: 12/26/2011 3:58:06 AM (3 hours ago)

.

Motherboard: ECS | | Nettle2

Processor: AMD Athlon 64 X2 Dual Core Processor 4800+ | Socket M2 | 2500/201mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 456 GiB total, 296.887 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 1.322 GiB free.

E: is CDROM ()

F: is Removable

J: is Removable

L: is Removable

M: is Removable

N: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1381: 12/2/2011 12:00:03 AM - Scheduled Checkpoint

RP1382: 12/2/2011 7:38:16 PM - Scheduled Checkpoint

RP1383: 12/4/2011 2:20:21 AM - Scheduled Checkpoint

RP1384: 12/4/2011 9:17:56 PM - Scheduled Checkpoint

RP1385: 12/6/2011 1:24:30 AM - Scheduled Checkpoint

RP1386: 12/7/2011 12:00:06 AM - Scheduled Checkpoint

RP1387: 12/8/2011 12:00:05 AM - Scheduled Checkpoint

RP1388: 12/9/2011 12:16:56 AM - Scheduled Checkpoint

RP1389: 12/10/2011 2:22:26 AM - Scheduled Checkpoint

RP1390: 12/11/2011 2:39:18 AM - Scheduled Checkpoint

RP1391: 12/14/2011 11:33:54 PM - Scheduled Checkpoint

RP1392: 12/16/2011 5:15:32 PM - Windows Update

RP1393: 12/17/2011 3:47:01 AM - Removed Bonjour

RP1394: 12/18/2011 2:06:18 AM - Scheduled Checkpoint

RP1395: 12/19/2011 11:33:01 PM - Scheduled Checkpoint

RP1396: 12/21/2011 12:00:06 AM - Scheduled Checkpoint

RP1397: 12/22/2011 10:39:51 AM - Scheduled Checkpoint

RP1398: 12/23/2011 1:18:19 AM - Scheduled Checkpoint

RP1399: 12/24/2011 3:37:13 AM - Scheduled Checkpoint

RP1400: 12/25/2011 5:27:35 AM - Scheduled Checkpoint

RP1401: 12/26/2011 5:43:34 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

ABC Amber PDF Converter

Ad-Aware

Ad-Aware Security Toolbar

Adobe Download Manager

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1)

Adobe Shockwave Player 11.5

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Artweaver 1.0

Ask Toolbar

Audacity 1.2.6

AVG 2012

AVG PC Tuneup 2011

AVS Update Manager 1.0

AVS Video Converter 6

AVS4YOU Software Navigator 1.3

AXIS Media Control Embedded

Bonjour

Bytescout XLS Viewer 2.30a (FREEWARE)

Cards_Calendar_OrderGift_DoMorePlugout

CIF USB Camera (2110)

Clip Art Collection

Compatibility Pack for the 2007 Office system

Content Transfer

Coupon Printer for Windows

CyberLink DVD Suite Deluxe

D3DX10

Digital Media Converter Pro 3.0

DR Systems Web Ambassador

DRoster

Employee Scheduling Assistant

Enhanced Multimedia Keyboard Solution

EZ Cards Creator

Feedback Tool

Google Talk (remove only)

Google Talk Plugin

Hardware Diagnostic Tools

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Advisor

HP Customer Experience Enhancements

HP Customer Feedback

HP Easy Setup - Frontend

HP On-Screen Cap/Num/Scroll Lock Indicator

HP Photo Creations

HP Photosmart Essential 2.5

HP Picasso Media Center Add-In

HP Update

HPPhotoSmartPhotobookWebPack1

IrfanView (remove only)

iTunes

Java Auto Updater

Java 6 Update 24

Junk Mail filter update

kSolo Recorder

LabelPrint

LightScribe System Software

LightScribe Template Labeler

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office File Validation Add-In

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Small Business Edition 2003

Microsoft Office Word Viewer 2003

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 8.0.1 (x86 en-US)

Mpeg2Decoder 1.3

MSN

MSN Toolbar

MSN Toolbar Platform

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

muvee autoProducer 6.1

My HP Games

NVIDIA Display Control Panel

NVIDIA Drivers

OGA Notifier 2.0.0048.0

OpenOffice.org 3.1

PDF Reader

Photo Viewer V2.4

Picasa 3

Picture Timeclock

PowerDirector

PSSWCORE

Python 2.5

QuickTime

Realtek High Definition Audio Driver

Revo Uninstaller 1.93

Safari

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Segoe UI

Snap 'n Share Pro

Soft Data Fax Modem with SmartCP

SPORE™

Spybot - Search & Destroy

Super Winspy v3.3

TrojanHunter 5.0

Uniblue RegistryBooster 2

Unity Web Player

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

VegasVip

VideoToolkit01

Virtual Earth 3D (Beta)

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

WeatherBug Gadget

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

Wizard101

Yahoo! Browser Services

Yahoo! Install Manager

Yahoo! Internet Mail

Yahoo! Messenger

Yahoo! Software Update

Yontoo Layers Client 1.10.01

.

==== Event Viewer Messages From Past Week ========

.

12/26/2011 4:01:03 AM, Error: Microsoft-Windows-WMPNSS-Service [14325] - Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80070424'. In Windows Media Player, turn off media sharing, and then turn it back on.

12/26/2011 3:58:59 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

12/26/2011 3:58:59 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

12/26/2011 3:58:59 AM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

.

==== End Of File ===========================


  • 1 month later...

Hello,

Would you advise if you have resolved your issues or if you have sought help elsewhere?

If not resolved and you are not already seeking help elsewhere, I'd like for you to rerun a new (fresh) DDS and Copy & Paste the DDS.txt into a new reply into this Topi

Anyone other than original-poster who has similar issues, do not reply here. Start your own topic.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

