0

My avira is giving me a warning that it blocks a "autorun.inf" from my drives C:, G: n F:. G n F are external HD. I keep on erasing the one on G: n F: but i keeps on comin back every time i reboot or plug in a Usb device. On drive C: i cant find the "autorun.inf" and malwarebytes and avira cant find it either.

Ived been doin this type of deletion but it stil comes back.....hassle =(

http://en.kioskea.net/forum/affich-63526-how-to-remove-autorun-inf-virus-open-hidden


Please help me out....thanks

4
Contributors
27
Replies
31
Views
6 Years
Discussion Span
Last Post by David H.
0

Download autorun-eater, it will take it all away and detect it on contact with removable devices

0

Download autorun-eater, it will take it all away and detect it on contact with removable devices

Absolutely no reason to download a special program to do this.
We don't know the operating system of the OP but here are instructions which should cover all:
go to Start Menu \ Run and type in gpedit.msc
If you are prompted for an administrator password or for confirmation, type the password, or click Allow.
Under Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Autoplay Policies.
In the Details pane, double-click Turn off Autoplay.
Click Enabled, and then select All drives in the Turn off Autoplay box to disable Autorun on all drives.
Restart the computer

For Windows 7 do the following:
Click Start button > Open control panel.
Select Default Programs.
Click Change AutoPlay Setting.
Uncheck use AutoPlay for all media and devices and click save.

0

hi thanks for the replies. i tried that autorun eater but still the autorun.inf still pops up.

@jholand - yeah im running win7 but i already did that. The autorun doesnt execute it just pops up all the time even i delete it and avira keeps on blocking them.

0

hi thanks for the replies. i tried that autorun eater but still the autorun.inf still pops up.

@jholand - yeah im running win7 but i already did that. The autorun doesnt execute it just pops up all the time even i delete it and avira keeps on blocking them.

You all ready did what? If it is change settings on the computer, the computer should have been fully rebooted immediately following, did you do that? Did you change settings in Avira? If after all of this it all continues then you likely have infections.
You need to do the steps noted in our Read Me Sticky because this may be an infection.
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865
Post back with the logs.

Edited by jholland1964: n/a

0

did what you said about the autoplay setting,ived done that way back i got my Win7. Ok il post asap...myt take awhile coz its almost 2tb of memory to be scanned. Btw no settings changed in avira,just defaults.

Edited by jholland1964: n/a

0

did what you said about the autoplay setting,ived done that way back i got my Win7. Ok il post asap...myt take awhile coz its almost 2tb of memory to be scanned. Btw no settings changed in avira,just defaults.

The Avira setting change was the very first thing I gave you, any reason you chose to ignore that suggestion? That would turn that warning off.
When you get that warning from Avira what drive is it telling you that the autorun has been blocked?

0

Its just says Avira has blocked " g: autorun.inf ". Then theres no option of removal or quarantine its just plane " OK ". Its an avira pop up at the right top corner. It used to only happen to drive g: and f: now it also gives me a warning from drive c:. For the 2 drives i can see the autorun.inf file and erase it like a normal file for C: i cant see or delete it even in dos and malwarebytes n avira cant too. Btw the warning pops up everytime i plug or unplug any usb device. Thanks

0

Sir i think the ATFcleaner link is down. Got em from other sites, will do waht you posted now sir. Thanks

Edited by `d3x: n/a

0

Its just says Avira has blocked " g: autorun.inf ". Then theres no option of removal or quarantine its just plane " OK ". Its an avira pop up at the right top corner. It used to only happen to drive g: and f: now it also gives me a warning from drive c:. For the 2 drives i can see the autorun.inf file and erase it like a normal file for C: i cant see or delete it even in dos and malwarebytes n avira cant too. Btw the warning pops up everytime i plug or unplug any usb device. Thanks

I know exactly what you are saying, I have gotten them before also. I understood your first post and all the others. I have used Avira for well over 4 years and am very familiar with the program.
I also told you above how to get to that setting in Avira, it is there that you would be able to stop those pop ups. Look at my print screens.
Though, this shows Avira is doing it's job. So removing the default setting you are disabling a key part of the program, It IS blocking something, which should be telling you there is something wrong and you need to take additional steps.
There IS a chance, as I said earlier this could be an infection and you should follow all the steps given in our Read Me First Sticky and post back with copy/pastes of all the logs produced.

Here is the link for the 2nd time.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

Other than the above recommendations there are no others that I can give to you.

Attachments Avira_Configuration.jpg 38.26 KB Guard,_Scan,_Action_on_Detection.jpg 40.06 KB
0

im doin the stickied link now sir. Gmer is scanning all my drives now. Also si are you suggesting me to turn off the avira autorun blocker? As much as possible i wanna get rid of the autorun for good, it keeps on being created even i delete the files. Il update n post logs asap thanks.

Edited by `d3x: n/a

0

here's the Gmers log..Mbam is still in the process.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-02 13:22:36
Windows 6.1.7601 Service Pack 1
Running: vuh2ooht.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158307ceb7
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158307ceb7 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

0

Heres the latest Mbam log sir...

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7619

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/2/2011 3:59:22 PM
mbam-log-2011-09-02 (15-59-22).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 624427
Time elapsed: 2 hour(s), 31 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

0

DDS logs please, both should be copy/pasted

Sorry here they are.

0

rar files wont attach...

Attachments
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 2/10/2011 1:56:38 AM
System Uptime: 9/2/2011 10:12:11 PM (1 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD |  | G31M3(MS-7528)
Processor: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz | CPU 1 | 2403/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 45.338 GiB free.
D: is FIXED (NTFS) - 135 GiB total, 91.726 GiB free.
E: is FIXED (NTFS) - 466 GiB total, 232.137 GiB free.
F: is FIXED (NTFS) - 932 GiB total, 537.839 GiB free.
G: is FIXED (NTFS) - 149 GiB total, 44.223 GiB free.
I: is Removable
J: is Removable
K: is Removable
L: is CDROM ()
M: is Removable
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP166: 9/1/2011 1:23:20 AM - Scheduled Checkpoint
RP167: 9/2/2011 5:47:37 PM - Removed NVIDIA PhysX
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
4Media iPod to PC Transfer
AcronisDiskDirector11Home
Activision(R)
Adobe Acrobat X Pro - English, Russian
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Support Advisor
AnyPic Image Resizer Pro 1.1.0
Apple Application Support
Apple Software Update
Assassin's Creed Brotherhood
Avira AntiVir Personal - Free Antivirus
Battlefield: Bad Company 2
Blur(TM)
CA Yahoo! Anti-Spy (remove only)
Call of Duty Modern Warfare 2
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
CD-LabelPrint
CDR KING USB GAMEPAD
Daniusoft Video Converter Ultimate(Build 3.1.1.0)
Dead Space 2
DiRT 3
Face Off Max
Facebook Video Calling 1.0.0.7930
Fraps (remove only)
FreeArc 0.666
Geniune Service
Genuine Fractals 5.0
Genuine Fractals 6.0.8 Professional Edition
ImTOO DVD Audio Ripper 6
Java(TM) 6 Update 23
Mac OS X Cursors
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware version 1.51.1.1800
MartView
Medal of Honor (TM)
Media Browser
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft XML Parser
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mirror's Edge
Mozilla Firefox 5.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NBA 2K11
Nero 8
neroxml
onOne PerfectPresets
OpenAL
PDF Settings CS5
PLDT-WatchPad
PunkBuster Services
QuickTime
Rapture3D 2.4.8 Game
Realtek High Definition Audio Driver
Samsung_MonSetup
Seagate Manager Installer
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489)
SHIFT 2 UNLEASHED
Skype Toolbars
Skype 5.3
Spybot - Search & Destroy
Spyder2PRO
Steam
SyQic Yoonic Engine - PLDT Watchpad
Tablet
Theme Manager (Free)
Tom Clancy's Rainbow Six Vegas 2
Tom Clancy's Splinter Cell Conviction
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
USB20 PC Camera-268
VCRedistSetup
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 1.1.7
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
9/2/2011 9:14:26 PM, Error: Service Control Manager [7022]  - The TabletService service hung on starting.
9/2/2011 7:53:18 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
9/2/2011 6:05:14 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error:  An instance of the service is already running.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Tablet PC Input Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031]  - The Portable Device Enumerator Service service terminated unexpectedly.  It has done this 1 time(s).  The foll
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_23
Run by Administrator at 23:25:03 on 2011-09-02
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4095.2648 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
E:\Program Files (x86)\Sync\FreeAgentService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
E:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\nlsInterface.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Tablet.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\Program Files (x86)\FreeAgent Status\stxmenumgr.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Tablet.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ww.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
uRun: [AdobeBridge] 
uRun: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [MaxMenuMgr] "E:\Program Files (x86)\FreeAgent Status\StxMenuMgr.exe"
mRun: [avgnt] "E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [<NO NAME>] 
mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROCKET~1.LNK - C:\Program Files (x86)\RocketDock\RocketDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\COLORV~1.LNK - C:\Program Files (x86)\ColorVision\Utility\ColorVisionStartup.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: DontSetAutoplayCheckbox = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - E:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{715C50A4-98DD-4455-9D32-149343B9E538} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64:     0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64:     SmartSelect - No File
TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
mRun-x64: [SunJavaUpdateSched]
0

rar files wont attach...

Instructions are and were VERY clear both in our Read Me First Sticky
"please be sure to submit (Copy & Paste, not as an attachment unless requested) these requested scanlogs"

And as instructed by myself twice in this thread itself

"post back with copy/pastes of all the logs produced."

"DDS logs please, both should be copy/pasted"

Please COPY/PASTE both files. We do not open attached files due to the possiblility of infecting those opening the files.
The logs are both displayed in Notepad so a Copy/paste of these .txt files is very simple to do.

Edited by jholland1964: n/a

0

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_23
Run by Administrator at 23:25:03 on 2011-09-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2648 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
E:\Program Files (x86)\Sync\FreeAgentService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
E:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\nlsInterface.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Tablet.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
E:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\Program Files (x86)\FreeAgent Status\stxmenumgr.exe
E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Tablet.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ww.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
uRun: [AdobeBridge]
uRun: [SpybotSD TeaTimer] e:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [MaxMenuMgr] "E:\Program Files (x86)\FreeAgent Status\StxMenuMgr.exe"
mRun: [avgnt] "E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [<NO NAME>]
mRun: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\Users\ADMINI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROCKET~1.LNK - C:\Program Files (x86)\RocketDock\RocketDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\COLORV~1.LNK - C:\Program Files (x86)\ColorVision\Utility\ColorVisionStartup.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: DontSetAutoplayCheckbox = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - E:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{715C50A4-98DD-4455-9D32-149343B9E538} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun-x64: [MaxMenuMgr] "E:\Program Files (x86)\FreeAgent Status\StxMenuMgr.exe"
mRun-x64: [avgnt] "E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [(Default)]
mRun-x64: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\b6ik3vau.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\b6ik3vau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\b6ik3vau.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Users\Administrator\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\b6ik3vau.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\browser\nppdf32.dll
FF - plugin: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-2-12 136360]
R2 AntiVirService;Avira AntiVir Guard;E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-2-12 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 FreeAgentGoNext Service;Seagate Service;E:\Program Files (x86)\Sync\FreeAgentService.exe [2009-5-2 181544]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-28 366640]
R2 nlscc;Nalpeiron X64 Service;C:\Windows\system32\nlsInterface.exe --> C:\Windows\system32\nlsInterface.exe [?]
R2 OS Selector;Acronis OS Selector activator;E:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-9-29 2139400]
R2 SBSDWSCService;SBSD Security Center Service;E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-29 1153368]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Spyder2;ColorVision Spyder2;C:\Windows\system32\DRIVERS\Spyder2.sys --> C:\Windows\system32\DRIVERS\Spyder2.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-20 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-09-02 09:01:17 -------- d-----w- C:\Users\Administrator\AppData\Local\Apple Computer
2011-08-30 10:52:05 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F15835E-611A-4D72-A975-9D16DE3D7C74}\mpengine.dll
2011-08-29 15:48:33 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-08-29 09:19:05 -------- d-----w- C:\ProgramData\Autorun Eater
2011-08-29 06:24:48 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-08-29 06:24:43 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-08-29 06:24:43 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-08-29 06:23:38 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-08-29 06:23:35 -------- d-----w- C:\Program Files\ATI
2011-08-29 06:23:16 -------- d-----w- C:\Program Files\ATI Technologies
2011-08-28 15:24:18 -------- d-----w- C:\Users\Administrator\AppData\Roaming\CD-LabelPrint
2011-08-28 14:54:08 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-28 14:54:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-27 08:36:35 -------- d-----w- C:\Program Files\iPod
2011-08-27 08:36:34 -------- d-----w- C:\Program Files\iTunes
2011-08-24 05:11:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 05:11:16 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-23 09:02:21 -------- d-----w- C:\Windows\RazorDOX
2011-08-14 05:21:08 -------- d-----w- C:\Users\Administrator\dwhelper
.
==================== Find3M ====================
.
2011-08-11 14:01:45 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-28 22:23:16 9980416 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-07-28 22:09:06 23921664 ----a-w- C:\Windows\System32\atio6axx.dll
2011-07-28 21:44:06 18388480 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-07-28 21:40:58 151552 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-07-28 21:40:44 726528 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-07-28 21:39:14 852992 ----a-w- C:\Windows\System32\aticfx64.dll
2011-07-28 21:36:26 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-07-28 21:36:12 485376 ----a-w- C:\Windows\System32\atieclxx.exe
2011-07-28 21:35:34 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-07-28 21:34:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-07-28 21:34:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-07-28 21:33:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-07-28 21:33:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-07-28 21:33:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-07-28 21:33:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-07-28 21:33:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-07-28 21:30:26 4198912 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-07-28 21:20:36 4943360 ----a-w- C:\Windows\System32\atidxx64.dll
2011-07-28 21:12:14 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-07-28 21:11:42 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-07-28 21:11:30 3871744 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-07-28 21:11:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-07-28 21:11:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-07-28 21:11:04 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-07-28 21:11:02 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-07-28 21:10:50 9644544 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-07-28 21:09:10 4256768 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-07-28 21:07:24 8247296 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-07-28 21:03:58 4056064 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-07-28 21:02:28 5399040 ----a-w- C:\Windows\System32\atiumd64.dll
2011-07-28 21:01:50 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-07-28 20:54:52 378368 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-07-28 20:54:44 266240 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-07-28 20:54:34 15360 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-07-28 20:54:30 13312 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-07-28 20:54:30 13312 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-07-28 20:54:26 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-07-28 20:54:18 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-07-28 20:54:10 309248 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-07-28 20:53:22 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-07-28 20:53:14 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-07-28 20:53:08 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-07-28 20:53:00 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-07-28 20:52:26 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-07-28 09:49:14 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-07-28 09:48:58 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-07-28 09:48:48 16552960 ----a-w- C:\Windows\System32\amdocl64.dll
2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-17 15:54:02 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-07-17 15:53:46 51712 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-07-17 15:53:28 12385280 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-12 03:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-07-12 03:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-07-12 03:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-07-12 03:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-07-12 03:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 03:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 03:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 03:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-07-06 11:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-05 10:37:00 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-07-05 10:37:00 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-06-29 13:53:43 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-06-24 05:34:53 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-24 05:25:49 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-06-23 05:43:12 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:33:57 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:33:57 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:34:00 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-15 19:34:06 2971648 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-06-15 19:34:06 105984 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-06-15 10:02:23 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-06-15 10:02:23 163840 ----a-w- C:\Windows\System32\odbccp32.dll
.
============= FINISH: 23:28:33.25 ===============

0

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 2/10/2011 1:56:38 AM
System Uptime: 9/2/2011 10:12:11 PM (1 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | G31M3(MS-7528)
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | CPU 1 | 2403/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 45.338 GiB free.
D: is FIXED (NTFS) - 135 GiB total, 91.726 GiB free.
E: is FIXED (NTFS) - 466 GiB total, 232.137 GiB free.
F: is FIXED (NTFS) - 932 GiB total, 537.839 GiB free.
G: is FIXED (NTFS) - 149 GiB total, 44.223 GiB free.
I: is Removable
J: is Removable
K: is Removable
L: is CDROM ()
M: is Removable
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP166: 9/1/2011 1:23:20 AM - Scheduled Checkpoint
RP167: 9/2/2011 5:47:37 PM - Removed NVIDIA PhysX
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
4Media iPod to PC Transfer
Acronis Disk Director 11 Home
Activision(R)
Adobe Acrobat X Pro - English, Russian
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Support Advisor
AnyPic Image Resizer Pro 1.1.0
Apple Application Support
Apple Software Update
Assassin's Creed Brotherhood
Avira AntiVir Personal - Free Antivirus
Battlefield: Bad Company™ 2
Blur(TM)
CA Yahoo! Anti-Spy (remove only)
Call of Duty Modern Warfare 2
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
CD-LabelPrint
CDR KING USB GAMEPAD
Daniusoft Video Converter Ultimate(Build 3.1.1.0)
Dead Space™ 2
DiRT 3
Face Off Max
Facebook Video Calling 1.0.0.7930
Fraps (remove only)
FreeArc 0.666
Geniune Service
Genuine Fractals 5.0
Genuine Fractals 6.0.8 Professional Edition
ImTOO DVD Audio Ripper 6
Java(TM) 6 Update 23
Mac OS X Cursors
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware version 1.51.1.1800
MartView
Medal of Honor (TM)
Media Browser
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft XML Parser
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mirror's Edge™
Mozilla Firefox 5.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NBA 2K11
Nero 8
neroxml
onOne PerfectPresets
OpenAL
PDF Settings CS5
PLDT-WatchPad
PunkBuster Services
QuickTime
Rapture3D 2.4.8 Game
Realtek High Definition Audio Driver
Samsung_MonSetup
Seagate Manager Installer
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489)
SHIFT 2 UNLEASHED™
Skype Toolbars
Skype™ 5.3
Spybot - Search & Destroy
Spyder2PRO
Steam
SyQic Yoonic Engine - PLDT Watchpad
Tablet
Theme Manager (Free)
Tom Clancy's Rainbow Six Vegas 2
Tom Clancy's Splinter Cell Conviction
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
USB20 PC Camera-268
VCRedistSetup
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 1.1.7
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
9/2/2011 9:14:26 PM, Error: Service Control Manager [7022] - The TabletService service hung on starting.
9/2/2011 7:53:18 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
9/2/2011 6:05:14 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Tablet PC Input Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 6:04:14 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/2/2011 2:43:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
9/1/2011 10:24:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FreeAgentGoNext Service service.
9/1/2011 10:24:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AntiVirSchedulerService service.
8/30/2011 8:31:30 PM, Error: Service Control Manager [7000] - The Lavalys EVEREST Kernel Driver service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
8/29/2011 6:19:44 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/29/2011 6:19:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/29/2011 6:19:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/29/2011 6:19:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/29/2011 6:19:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/29/2011 6:19:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/29/2011 6:19:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2011 6:19:27 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/29/2011 2:24:21 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.
8/29/2011 2:24:21 PM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/29/2011 11:59:37 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/27/2011 4:37:28 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/27/2011 4:37:28 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
8/27/2011 4:37:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
8/26/2011 10:02:05 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
.
==== End Of File ===========================

0

Sorry coz in the program it says i should zip it or attach then post in the forum

0

You have Spybot TeaTimer running. Turn it off and leave it off. If is known to stop or interfere with any changes made by other legal programs, even those the users makes himself.

To do this do the following:

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

Also please turn off Windows Defender, it can do the same thing and honestly, this program really isn't worth much.
o turn off Windows Defender do this:
1.Run Windows Defender from Start Menu.
2.Click on Tools button.
3.Then click on Options link under “Tools and Settings” section.
4.Scroll down the “Options” page, and uncheck the check boxes of the following two settings:
Use real-time protection (recommended) under “Real-time protection options”
Use Windows Defender under “Administrator options”
*Note that both options MUST be unchecked for the Windows Defender service to be completely stopped. Else, only real-time protection is disabled.
5.Click on Save button.
6.A “Windows Defender is turned off” dialog message will appear, confirming that Windows Defender no longer runs.

* Restart your computer after doing both of the above.

Edited by jholland1964: n/a

0

Sorry coz in the program it says i should zip it or attach then post in the forum

BUT OUR instructions there ALSO say

"• Copy&Paste both the DDS.txt and the DDS Attach.txt into your post for assistance.

please be sure to submit (Copy & Paste, not as an attachment unless requested)"
and an attachment was clearly NOT requested.

0

Done sir...will this stop my pc making autorun.inf? Whats next please,so sorry for the inconvenience. Really appreciate the help.

0

I still don't believe that this autorun.inf pop up you keep getting from Avira is truly Avira doing it's job.
I honestly don't understand when you say you keep deleting it but it comes back. What exactly are you deleting?
External drives and USB devices usually have an Auto Play feature, meaning when you plug them in they will automatically play or run. Avira is stopping this for your safety. It will NOT stop the drive from working or the USB device from working, it will just stop it from auto running. You CAN run whatever it is manually.
Autorun.inf itself is a simple text based configuration file that tells the OS which executable to start, which icon to use, and which additional menu commands to make available.

0

Thanks for the reply. I kept on deleting "autorun.inf" file in my G: n F: drives which are external HD that i never unplug. Every time i plug or unplug a usb device whether its a flash stick, game pad controller or any USB device avira shows a pop up that it blocks an "autorun.inf" from those drives which are plugged the whole time and not from the newly plugged one. Then when i go to the drive folder the " autorun.inf" file is there again.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.