loxim

Ive been having problems trying to open spybot, malwarebytes, avg etc. and unable to do so. An error pops up saying a problem has caused them to close. Im highly suspicious of a virus or something causing this. Ive also been having many popups happening throughout the day, and my pc has been slowing down. Any help would be great thanks.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Jordan at 16:03:11.41 on Sun 08/16/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_05
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3582.2694 [GMT -5:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\temp\257604372.tmp
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\New Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No File
TB: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No File
TB: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No File
EB: {2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
TCP: NameServer = 85.255.112.174,85.255.112.71
TCP: {26833AE2-E5A3-4C4B-814A-0BDE739E0EB6} = 85.255.112.174,85.255.112.71
TCP: {5D82DA8F-124F-4B5B-A5ED-289BC234A2C4} = 85.255.112.174,85.255.112.71
TCP: {B5BCA5FB-EB09-4827-B9DE-24312D15EA4E} = 85.255.112.174,85.255.112.71
TCP: {E87F50A7-EA4A-4E95-96A0-265AD47B3E04} = 85.255.112.174,85.255.112.71
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\ow10c716.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\ow10c716.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071303000006.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2007-8-16 552448]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-8-16 23832]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2008-1-25 600912]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-4-17 24652]

=============== Created Last 30 ================

2009-08-16 15:52 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-16 15:52 <DIR> --d----- c:\programdata\Malwarebytes
2009-08-16 15:52 <DIR> --d----- c:\progra~2\Malwarebytes
2009-08-16 15:52 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-16 15:52 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-16 15:21 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys
2009-08-13 23:35 <DIR> --d----- c:\windows\system32\URTTEMP
2009-08-13 23:34 22,328 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-13 23:34 22,328 a------- c:\users\jordan\appdata\roaming\PnkBstrK.sys
2009-08-13 23:34 103,736 a------- c:\windows\system32\PnkBstrB.exe
2009-08-13 23:33 669,184 a------- c:\windows\system32\pbsvc.exe
2009-08-13 23:33 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-08-13 23:33 <DIR> --d----- c:\programdata\Media Center Programs
2009-08-13 23:33 <DIR> --d----- c:\progra~2\Media Center Programs
2009-08-12 13:45 25,280 a------- c:\windows\system32\drivers\hamachi.sys
2009-08-12 13:45 <DIR> --d----- c:\program files\Hamachi
2009-08-11 16:54 <DIR> --d----- c:\program files\Atari
2009-08-07 11:10 <DIR> --d----- c:\programdata\Digsby
2009-08-07 11:10 <DIR> --d----- c:\progra~2\Digsby
2009-08-06 01:03 <DIR> --d----- c:\program files\Steam
2009-08-03 18:12 <DIR> --d----- c:\users\jordan\appdata\roaming\Digsby
2009-08-03 18:12 <DIR> --d----- c:\program files\Digsby
2009-08-03 12:31 <DIR> --d----- c:\program files\Cryptic Studios
2009-08-02 21:44 <DIR> -cd-h--- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-08-02 21:44 <DIR> -cd-h--- c:\progra~2\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-08-02 21:44 <DIR> --d----- c:\program files\Uniblue DriverScanner 2009
2009-08-02 21:35 <DIR> -cd-h--- c:\programdata\{DC840DBC-2CB0-4FEA-98ED-F4E3BD2970C7}
2009-08-02 21:35 <DIR> -cd-h--- c:\progra~2\{DC840DBC-2CB0-4FEA-98ED-F4E3BD2970C7}
2009-08-02 21:35 <DIR> -cd-h--- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}
2009-08-02 21:35 <DIR> -cd-h--- c:\progra~2\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}
2009-08-02 21:35 <DIR> --d----- c:\programdata\DriverScanner
2009-08-02 21:35 <DIR> --d----- c:\progra~2\DriverScanner
2009-08-02 21:23 <DIR> --d----- c:\users\jordan\appdata\roaming\uniblue
2009-08-02 21:22 <DIR> --d----- c:\program files\Uniblue
2009-08-02 20:59 97,800 a------- c:\windows\system32\infocardapi.dll
2009-08-02 20:59 622,080 a------- c:\windows\system32\icardagt.exe
2009-08-02 20:59 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-02 20:59 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-08-02 20:59 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-08-02 20:59 11,264 a------- c:\windows\system32\icardres.dll
2009-08-02 20:59 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-08-02 20:59 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-08-02 20:52 96,760 a------- c:\windows\system32\dfshim.dll
2009-08-02 20:52 282,112 a------- c:\windows\system32\mscoree.dll
2009-08-02 20:52 41,984 a------- c:\windows\system32\netfxperf.dll
2009-08-02 20:52 158,720 a------- c:\windows\system32\mscorier.dll
2009-08-02 20:52 83,968 a------- c:\windows\system32\mscories.dll
2009-08-02 20:50 <DIR> --d-hr-- C:\AHCache
2009-07-27 17:09 <DIR> --d----- c:\program files\Belkin
2009-07-27 17:07 <DIR> --d----- c:\windows\{16D3778B-2A5E-481D-B7DC-FA4A68496C97}
2009-07-17 22:35 285 a------- c:\windows\STONEHDS.INI

==================== Find3M ====================

2009-08-16 15:48 86,016 a------- c:\windows\inf\infstor.dat
2009-08-16 15:48 51,200 a------- c:\windows\inf\infpub.dat
2009-08-16 15:48 86,016 a------- c:\windows\inf\infstrng.dat
2009-07-18 11:06 827,904 a------- c:\windows\system32\wininet.dll
2009-07-18 11:01 78,336 a------- c:\windows\system32\ieencode.dll
2009-07-18 04:46 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-07-11 14:55 279,712 a------- c:\windows\system32\drivers\atksgt.sys
2009-07-11 14:55 25,888 a------- c:\windows\system32\drivers\lirsgt.sys
2009-06-15 10:24 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-15 10:20 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-15 10:20 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 07:52 289,792 a------- c:\windows\system32\atmfd.dll
2008-06-11 03:07 665,600 a------- c:\windows\inf\drvindex.dat
2008-05-15 11:52 174 a--sh--- c:\program files\desktop.ini
2008-05-01 09:28 878 a------- c:\users\jordan\appdata\roaming\wklnhst.dat
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 16:03:29.65 ===============

Attached Files

Attach.txt (3.5 KB, 0 views)

sUBs

Your logs are incomplete. Where's the GMER log?

loxim

Here you go. attachment.

Attached Files

gmer.txt (21.4 KB, 6 views)

sUBs

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

Post the log from ComboFix when you've accomplished that.