Bodyroc Posted June 21, 2012 ID:562977

I cleaned up my computer today because it kept jumping to other web sites. I used rkill, Malwarebytes and AVG Internet Security 2012. They cleaned up several viruses. Now I am hearing ads in the background.

.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/15/2012 12:45:05 PM
System Uptime: 6/21/2012 11:32:35 AM (6 hours ago)
.
Motherboard: Dell Inc. | | 0HF42M
Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 296 GiB total, 206.497 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.975 GiB free.
E: is CDROM ()
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP14: 6/18/2012 5:50:15 AM - Windows Update
RP15: 6/18/2012 10:15:29 AM - Windows Update
RP16: 6/18/2012 4:19:13 PM - Installed QuickTime
RP17: 6/19/2012 4:00:19 AM - Windows Update
RP18: 6/19/2012 7:26:53 PM - Installed iTunes
RP19: 6/20/2012 8:55:33 AM - Windows Update
RP20: 6/20/2012 9:07:53 AM - Windows Update
RP21: 6/20/2012 5:50:40 PM - Windows Update
RP22: 6/21/2012 3:00:19 AM - Windows Update
.
==== Installed Programs ======================
.
AC3Filter 1.63b
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Flash Player 11 ActiveX
Adobe Help Manager
Adobe Widget Browser
Apple Application Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
bl
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink YouCam
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Digital Delivery
DirectX 9 Runtime
DivX Setup
Face Filter
GetFLV Pro 9.0.0.7
Google Talk Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
PDF Settings CS6
ph
PowerISO
QuickTime
Roxio BackOnTrack
Roxio BackOnTrackPE
Roxio Burn - Secure
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2012 Pro
Roxio System Rollback Recovery Disk
Roxio Video Capture USB
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
SmartSound Common Data
SmartSound Quicktracks 5
Sure Cuts A Lot 1.016
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
Visual Studio 2008 x64 Redistributables
Vuze
Vuze Remote Toolbar
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
6/21/2012 9:52:44 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/21/2012 9:52:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/21/2012 9:52:30 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
6/21/2012 9:52:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/21/2012 9:52:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache SaibVdAd64 SCDEmu spldr Wanarpv6
6/21/2012 9:52:10 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/21/2012 12:23:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/21/2012 12:23:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
6/21/2012 11:10:34 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
6/21/2012 1:53:45 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
6/21/2012 1:53:45 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
6/20/2012 9:09:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670).
6/20/2012 9:07:54 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
6/20/2012 9:05:51 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
6/20/2012 6:03:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVG Firewall service to connect.
6/20/2012 6:03:11 PM, Error: Service Control Manager [7000] - The AVG Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/20/2012 5:45:56 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
6/20/2012 2:38:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
6/19/2012 9:19:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
6/19/2012 6:54:08 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
6/19/2012 4:12:51 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer MCGLOWN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{284B2EF0-773D-47DF-887A-C0F6356C59F5}. The master browser is stopping or an election is being forced.
6/18/2012 9:58:38 AM, Error: Service Control Manager [7023] -
6/18/2012 9:55:36 AM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
6/18/2012 9:55:32 AM, Error: Service Control Manager [7034] - The vToolbarUpdater11.1.0 service terminated unexpectedly. It has done this 1 time(s).
6/18/2012 9:55:31 AM, Error: Service Control Manager [7034] - The BOT4Service service terminated unexpectedly. It has done this 1 time(s).
6/18/2012 9:55:29 AM, Error: Service Control Manager [7034] - The Roxio SAIB Service service terminated unexpectedly. It has done this 1 time(s).
6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2563227).
6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2560656).
6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2425227).
6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).
6/18/2012 9:40:06 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2703157).
6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).
6/17/2012 11:48:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000406f8, 0xfffff8800401da9e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061712-21808-01.
6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The RoxMediaDB13 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The Roxio Hard Drive Watcher 12 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/15/2012 12:42:16 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147467243.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by BodyRoc at 17:00:10 on 2012-06-21
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.1427 [GMT -4:00]
.
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Google Update] "C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge]
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43
TCP: Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5} : DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun-x64: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]
R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]
R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-21 654408]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-16 935480]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-18 257224]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440]
.
=============== Created Last 30 ================
.
2012-06-21 15:28:07 -------- d--h--w- C:\$AVG
2012-06-21 14:03:02 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes
2012-06-21 14:02:23 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-21 14:02:20 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-21 14:02:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-21 01:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-06-21 01:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-06-21 01:07:33 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-06-20 21:59:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-20 20:53:41 580096 ----a-w- C:\Windows\System32\ac3filter64.acm
2012-06-20 20:53:41 -------- d-----w- C:\Program Files (x86)\AC3Filter
2012-06-20 20:44:47 -------- d-----w- C:\Program Files (x86)\Craft Edge
2012-06-20 19:48:17 -------- d-----w- C:\Program Files (x86)\GetFLV
2012-06-20 18:34:08 -------- d-----w- C:\video_output
2012-06-19 23:28:06 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-06-19 23:28:06 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-06-19 23:28:06 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-06-19 23:27:30 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iTunes
2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iPod
2012-06-19 23:27:30 -------- d-----w- C:\Program Files (x86)\iTunes
2012-06-19 23:26:15 -------- d-----w- C:\Program Files\Bonjour
2012-06-19 23:26:15 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-06-19 19:09:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Elephant Games
2012-06-19 19:09:36 -------- d-----w- C:\ProgramData\Elephant Games
2012-06-19 00:20:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-19 00:20:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-19 00:18:20 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions
2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer
2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet 
Explorer\Plugins\npqtplugin3.dll2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics2012-06-16 18:51:22 -------- d-----w- C:\ProgramData\AVG Secure Search2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.62012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll2012-06-16 15:39:57 267776 
----a-w- C:\Windows\System32\FXSCOVER.exe2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys2012-06-15 20:06:32 10224 ------w- 
C:\Windows\System32\drivers\cdralw2k.sys2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX2012-06-15 19:12:10 -------- d-----w- C:\Program Files (x86)\Yontoo2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH2012-06-15 18:51:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 82012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG20122012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG2012-06-15 18:37:37 
-------- d-----w- C:\Windows\System32\drivers\AVG2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG20122012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus2012-06-15 18:15:49 -------- d-----w- C:\Program Files (x86)\Vuze2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit2012-06-15 18:15:40 -------- d-----w- C:\Program Files (x86)\Vuze_Remote2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther2012-06-15 17:38:49 -------- d-sh--w- C:\Boot2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll2012-06-15 16:59:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys2012-06-15 16:52:02 -------- d-----w- C:\dell.==================== Find3M ====================.2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-05-01 05:40:20 
209920 ----a-w- C:\Windows\System32\profsvc.dll2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys.============= FINISH: 17:02:15.89 ===============Attach.txtDDS.txt Link to post Share on other sites More sharing options...

Firefox Posted June 21, 2012 ID:562978

Hello and welcome to Malwarebytes

More than likely and after seeing your logs there, you seem to still be infected. Please follow the instructions below...

Since you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

IMPORTANT: Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

Option 1 —— Free Expert advice in the Malware Removal Forum
Option 2 —— Paying customer -- Contact Support via email
Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

Please read and follow the directions >>Right HERE<<, skipping any steps you are unable to complete.

After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours. Replying to your own posts changes the post count and helpers are looking for topics with zero replies. If you reply to your own post helpers may think that you're already being helped and thus overlook your post. If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.

Or

You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk by filling out the form located >>Right HERE<<

OPTION 3

If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site >>Right HERE<<

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Reply to this Topic" or "More Reply Options" buttons (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow.