
help with hijacklog file


  • This topic is locked
19 replies to this topic

#1 denschwindt


Posted 15 December 2008 - 01:57 AM

Hello, I'm Dennis and I am new to this site. I need help with a HijackThis log. I have multiple trojans, hijackers and adware in the registry. My antivirus removes them and they come back. I also cannot download from Windows Update at all; the code is 80070490. I think the problems are related. Can someone please help me with this problem? Thanks, Dennis


info.txt logfile of random's system information tool 1.04 2008-12-15 00:32:30

======Uninstall list======

-->"C:\Program Files\eMachines Games\eMachines Game Console\Uninstall.exe"
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\NuNInst.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
Acoustica Mixcraft-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
DFX for Winamp-->"C:\Program Files\Winamp\uninstall_dfx.exe"
Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} /l1033
Easy Video Joiner 5.21-->"C:\Program Files\Easy Video Joiner\unins000.exe"
Easy Video Splitter 1.28-->"C:\Program Files\Easy Video Splitter\unins000.exe"
eMachines Games-->"C:\Program Files\eMachines Games\Uninstall.exe"
eMachines Recovery Center Installer-->MsiExec.exe /X{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
eMulev0.49a.-MorphXTv11.0-->"C:\Program Files\eMule\unins000.exe"
ffdshow [rev 1723] [2007-12-24]-->"C:\Program Files\ffdshow\unins000.exe"
GGE909 PC Recoil Pad-->C:\PROGRA~1\GAMEEL~1\GGE909~1\UNWISE.EXE C:\PROGRA~1\GAMEEL~1\GGE909~1\INSTALL.LOG
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_11CB06797F2F038A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Graboid Video 1.3-->C:\Program Files\Graboid\uninst.exe
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Guitar Pro 4-->MsiExec.exe /X{54A2CFDE-DC70-46E0-92AC-DC88F6303D39}
HBO on Broadband-->MsiExec.exe /X{CD41450A-587C-486C-8DD6-AAD35835FCF8}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iolo technologies' System Mechanic Professional 7-->"C:\Program Files\iolo\System Mechanic Professional 7\unins000.exe"
Ipswitch WS_FTP Professional 2007-->C:\Program Files\InstallShield Installation Information\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}\setup.exe -runfromtemp -l0x0009 -removeonly
Java™ SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Microsoft WSE 2.0 SP3 Runtime-->MsiExec.exe /X{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}
Midnight Club 2-->MsiExec.exe /I{F0211FD4-AA98-4B38-A714-36B9DA9B703B}
Move Networks Media Player for Internet Explorer-->C:\Users\dennis\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
Movielink Manager-->C:\Program Files\Movielink\MovielinkManager\Movielink Util.exe /uninstall
Mozilla ActiveX Control v1.7.12-->C:\Program Files\Mozilla ActiveX Control v1.7.12\uninst.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Need for Speed™ Carbon-->C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Need for Speed™ ProStreet-->MsiExec.exe /X{CC419DDC-E0F0-4013-B25A-6FA036516F0D}
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\Program Files\InstallShield Installation Information\{4102037D-E8E0-48E0-B203-E521D194FB71}\setup.exe -runfromtemp -l0x0009 -removeonly
Netscape Navigator (9.0.0.6)-->C:\Program Files\Netscape\Navigator 9\uninstall\helper.exe
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Power2Go 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
QuickTime-->C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Spare Backup-->MsiExec.exe /X{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}
SRS Audio Sandbox-->MsiExec.exe /X{00029EB7-E72E-4E78-88A5-D0BB7D917433}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Winamp Toolbar for Firefox-->"\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinAVI Video Converter 9.0-->"C:\Windows\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Program Files\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
WinImage-->"C:\Program Files\WinImage\winimage.exe" /uninstall
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}
Xilisoft DVD Ripper Platinum 5-->C:\Program Files\Xilisoft\DVD Ripper Platinum 5\Uninstall.exe
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->C:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: AVG Anti-Virus
AS: AVG Anti-Virus (disabled)
AS: Windows Defender
AS: SUPERAntiSpyware

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2

-----------------EOF-----------------
log file:


Logfile of random's system information tool 1.04 (written by random/random)
Run by dennis at 2008-12-15 00:31:46
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 55 GB (15%) free of 371 GB
Total RAM: 1919 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:24 AM, on 12/15/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMTrayNotify.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Users\dennis\Desktop\New Folder\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\dennis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5246
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5246
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...DTP&M=T5246
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB36428F-4FC0-4030-8CD2-A44E23EA2DFA}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Movielink Core Service - Movielink LLC - C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~2.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OrbMediaService - Unknown owner - C:\Program Files\Winamp Remote\bin\OrbMediaService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

--
End of file - 8230 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Uniblue SpeedUpMyPC Nag.job
C:\Windows\tasks\Uniblue SpeedUpMyPC.job
C:\Windows\tasks\Uniblue SpyEraser.job
C:\Windows\tasks\User_Feed_Synchronization-{8C8C3F69-80C8-437E-95B6-A717AF793437}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-13 419096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVGTOOLBAR - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-26 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-11-29 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-26 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVGTOOLBAR - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []
SITEguard
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-11-26 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-19 4702208]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-12 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-12 8497696]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2008-11-10 157312]
"iolo Startup"=C:\Program Files\iolo\Common\Lib\ioloLManager.exe [2008-05-06 307568]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-13 1171712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SMRequiresRestart"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-17 39408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2008-06-24 132392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
NETGEAR WG111v2 Smart Wizard..lnk - C:\Program Files\Common Files\VistaRunApp.exe
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"_NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\PPMate\ppmate.exe"="C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate"
"C:\Program Files\PPMate\ppmnet.exe"="C:\Program Files\PPMate\ppmnet.exe:*:Enabled:PPMate"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2008-12-15 00:31:46 ----D---- C:\rsit
2008-12-14 13:30:18 ----D---- C:\Program Files\Trend Micro
2008-12-13 16:19:29 ----HD---- C:\$AVG8.VAULT$
2008-12-13 14:55:08 ----D---- C:\Program Files\AVG(0)
2008-12-10 06:39:13 ----A---- C:\Windows\system32\dfxg11.dll
2008-12-10 06:36:50 ----D---- C:\Program Files\DFX
2008-12-06 13:58:49 ----D---- C:\Users\dennis\AppData\Roaming\Winamp
2008-12-06 01:23:01 ----D---- C:\Program Files\HBO
2008-12-05 13:20:10 ----D---- C:\Program Files\Graboid
2008-12-05 02:43:17 ----D---- C:\Program Files\JlgSolera
2008-12-05 02:40:25 ----D---- C:\Program Files\GuitarFX 3
2008-12-04 14:48:33 ----D---- C:\Program Files\Softonic_English
2008-12-04 14:48:04 ----D---- C:\Users\dennis\AppData\Roaming\vlc(32)
2008-12-03 01:10:19 ----A---- C:\Windows\system32\ssleay32.dll
2008-12-03 01:10:19 ----A---- C:\Windows\system32\libeay32.dll
2008-12-03 01:10:08 ----D---- C:\Program Files\iolo
2008-11-30 23:58:53 ----D---- C:\Program Files\Zune
2008-11-30 14:49:57 ----D---- C:\Program Files\Xilisoft
2008-11-30 00:36:32 ----D---- C:\Program Files\Common Files\Nero
2008-11-29 22:05:46 ----D---- C:\Program Files\WinAVI Video Converter 9.0
2008-11-29 17:05:54 ----A---- C:\Windows\NeroDigital.ini
2008-11-29 15:37:42 ----D---- C:\Users\dennis\AppData\Roaming\Nero
2008-11-28 17:12:20 ----D---- C:\Program Files\Guitar FX BOX 2.7
2008-11-28 04:24:51 ----D---- C:\Program Files\NETGEAR
2008-11-28 04:06:59 ----A---- C:\Windows\system32\WinService.exe
2008-11-28 04:06:59 ----A---- C:\Windows\system32\SCMLib.dll
2008-11-28 01:19:56 ----D---- C:\Program Files\fr-FR
2008-11-28 01:19:55 ----D---- C:\Program Files\es-ES
2008-11-28 01:18:14 ----D---- C:\Program Files\Network Sharing
2008-11-28 01:18:08 ----D---- C:\Program Files\en-US
2008-11-28 01:17:00 ----D---- C:\Windows\PCHEALTH
2008-11-27 08:28:40 ----N---- C:\Windows\system32\avgrsstx.dll.install_backup
2008-11-27 08:28:40 ----A---- C:\Windows\system32\avgrsstx.dll
2008-11-27 07:51:12 ----D---- C:\Program Files\AVG(19)
2008-11-26 01:00:11 ----D---- C:\Windows\nvtmpinst
2008-11-25 00:39:34 ----D---- C:\Program Files\Lavasoft
2008-11-25 00:39:33 ----D---- C:\ProgramData\Lavasoft
2008-11-25 00:38:36 ----D---- C:\Windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2008-11-23 11:31:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-23 11:13:30 ----A---- C:\Windows\system32\wups2.dll
2008-11-23 11:13:30 ----A---- C:\Windows\system32\wucltux.dll
2008-11-23 11:13:30 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-23 11:13:30 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-23 11:13:05 ----A---- C:\Windows\system32\wups.dll
2008-11-23 11:13:05 ----A---- C:\Windows\system32\wudriver.dll
2008-11-23 11:13:05 ----A---- C:\Windows\system32\wuapi.dll
2008-11-23 11:12:54 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-23 11:12:54 ----A---- C:\Windows\system32\wuapp.exe
2008-11-22 15:46:11 ----A---- C:\EventLOG.txt
2008-11-21 13:50:47 ----D---- C:\Program Files\Blaze Media Pro
2008-11-21 13:08:16 ----D---- C:\Users\dennis\AppData\Roaming\Syntrillium
2008-11-20 15:55:39 ----D---- C:\Users\dennis\AppData\Roaming\GetRightToGo
2008-11-19 14:15:05 ----D---- C:\Program Files\Adobe Media Player
2008-11-19 14:15:03 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-18 17:50:18 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-11-18 17:49:33 ----D---- C:\Users\dennis\AppData\Roaming\SUPERAntiSpyware.com
2008-11-18 17:49:33 ----D---- C:\Program Files\SUPERAntiSpyware
2008-11-16 15:43:00 ----D---- C:\Users\dennis\AppData\Roaming\Winamp(110)
2008-11-16 15:43:00 ----D---- C:\Program Files\Winamp(21)

======List of files/folders modified in the last 1 months======

2008-12-15 00:32:24 ----D---- C:\Windows\Temp
2008-12-15 00:00:16 ----SHD---- C:\System Volume Information
2008-12-14 21:46:57 ----D---- C:\Windows\Prefetch
2008-12-14 13:30:18 ----RD---- C:\Program Files
2008-12-13 18:23:49 ----D---- C:\Windows\system32\drivers
2008-12-13 18:23:25 ----D---- C:\Windows\System32
2008-12-13 18:23:23 ----D---- C:\ProgramData\avg8
2008-12-13 18:22:37 ----SD---- C:\Users\dennis\AppData\Roaming\Microsoft
2008-12-13 18:22:36 ----D---- C:\Windows
2008-12-13 18:22:34 ----HD---- C:\ProgramData
2008-12-13 18:19:27 ----D---- C:\Windows\system32\catroot2
2008-12-13 18:16:01 ----D---- C:\Windows\winsxs
2008-12-13 18:16:01 ----D---- C:\Windows\system32\Msdtc
2008-12-13 18:15:53 ----D---- C:\Windows\system32\wbem
2008-12-13 18:14:57 ----D---- C:\Windows\system32\config
2008-12-13 18:14:31 ----D---- C:\Windows\Tasks
2008-12-13 18:14:31 ----D---- C:\Windows\system32\spool
2008-12-13 18:14:31 ----D---- C:\Windows\system32\CodeIntegrity
2008-12-13 18:14:29 ----SHD---- C:\Windows\Installer
2008-12-13 18:14:29 ----HD---- C:\Windows\inf
2008-12-13 18:14:29 ----D---- C:\Users\dennis\AppData\Roaming\uTorrent
2008-12-13 18:14:27 ----D---- C:\Program Files\bearshare
2008-12-13 18:14:27 ----D---- C:\Program Files\AVG
2008-12-13 18:14:21 ----D---- C:\Windows\registration
2008-12-13 13:02:13 ----SD---- C:\Windows\Downloaded Program Files
2008-12-12 22:59:13 ----D---- C:\Windows\Microsoft.NET
2008-12-12 22:58:56 ----RSD---- C:\Windows\assembly
2008-12-12 22:50:43 ----D---- C:\Windows\system32\catroot
2008-12-12 00:55:47 ----D---- C:\My Downloads
2008-12-10 06:36:47 ----D---- C:\Program Files\Winamp
2008-12-10 03:35:02 ----D---- C:\Program Files\Windows Media Player
2008-12-09 16:10:12 ----A---- C:\Windows\system32\pthreadGC2.dll
2008-12-06 11:31:55 ----D---- C:\Program Files\Mozilla ActiveX Control v1.7.12
2008-12-06 01:39:03 ----D---- C:\Users\dennis\AppData\Roaming\vlc
2008-12-05 18:59:41 ----D---- C:\Program Files\Windows Defender
2008-12-04 14:48:34 ----D---- C:\Program Files\Conduit
2008-12-03 07:37:48 ----D---- C:\Windows\Minidump
2008-12-03 01:11:18 ----D---- C:\ProgramData\iolo
2008-11-30 00:40:33 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-11-30 00:36:32 ----D---- C:\ProgramData\Nero
2008-11-30 00:36:32 ----D---- C:\Program Files\Common Files
2008-11-29 22:05:53 ----A---- C:\Windows\WinAVI Video Converter 9.0 Setup Log.txt
2008-11-29 22:05:25 ----D---- C:\Program Files\WinAVI Video Converter
2008-11-29 22:05:19 ----A---- C:\Windows\WinAVI Video Converter 9.0 Uninstall Log.txt
2008-11-29 21:41:21 ----D---- C:\Boot
2008-11-29 15:51:35 ----HD---- C:\TEMP
2008-11-29 15:47:47 ----D---- C:\Windows\SMINST
2008-11-29 15:07:08 ----D---- C:\Users\dennis\AppData\Roaming\Spare Backup
2008-11-29 14:59:29 ----A---- C:\Windows\system32\regsvr32.exe.log
2008-11-28 10:07:58 ----D---- C:\Program Files\Common Files\microsoft shared
2008-11-28 05:42:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-28 04:46:09 ----D---- C:\Windows\ehome
2008-11-28 04:23:58 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-28 04:01:59 ----D---- C:\ProgramData\NVIDIA
2008-11-28 01:18:09 ----SD---- C:\ProgramData\Microsoft
2008-11-27 08:00:58 ----HD---- C:\Windows\system32\GroupPolicy
2008-11-27 08:00:58 ----D---- C:\Windows\system32\Tasks
2008-11-27 08:00:55 ----D---- C:\Users\dennis\AppData\Roaming\iolo
2008-11-27 08:00:54 ----D---- C:\Program Files\eMule
2008-11-27 08:00:53 ----D---- C:\Program Files\Acoustica Mixcraft
2008-11-26 00:02:48 ----D---- C:\Program Files\Google
2008-11-25 02:31:42 ----D---- C:\Windows\system32\LogFiles
2008-11-24 19:55:20 ----D---- C:\Program Files\Windows Mail
2008-11-24 19:55:16 ----D---- C:\Program Files\Morpheus Ultra
2008-11-24 00:35:03 ----D---- C:\Users\dennis\AppData\Roaming\BSplayer Pro
2008-11-23 11:56:21 ----D---- C:\Windows\rescache
2008-11-23 11:19:07 ----D---- C:\Windows\system32\en-US
2008-11-22 13:49:14 ----D---- C:\Program Files\Snocap
2008-11-22 12:04:08 ----RSD---- C:\Windows\Fonts
2008-11-22 12:01:25 ----D---- C:\Program Files\Internet Explorer
2008-11-22 12:01:19 ----D---- C:\ProgramData\Microsoft Help
2008-11-22 12:01:18 ----D---- C:\Program Files\Microsoft Works
2008-11-22 11:45:35 ----D---- C:\Users\dennis\AppData\Roaming\Morpheus
2008-11-21 13:48:01 ----D---- C:\Program Files\Microsoft Office
2008-11-21 13:47:20 ----D---- C:\Users\dennis\AppData\Roaming\Winamp(138)
2008-11-21 13:46:19 ----D---- C:\Windows\ShellNew
2008-11-20 15:47:06 ----D---- C:\Program Files\MSECACHE
2008-11-19 16:44:10 ----D---- C:\Windows\system32\Macromed
2008-11-19 14:15:12 ----D---- C:\Users\dennis\AppData\Roaming\Adobe
2008-11-19 14:14:45 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-12-13 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-12-13 26184]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2007-09-20 12800]
R1 FileDisk;FileDisk; C:\Windows\system32\drivers\FileDisk.sys [2006-07-24 9341]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2007-08-03 46112]
R2 RMCAST;RMCAST (Pgm) Protocol Driver; C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-09 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-19 1959832]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2007-08-03 10144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-12 7623968]
R3 Pcouffin;Low level access layer for CD devices; C:\Windows\System32\Drivers\Pcouffin.sys [2008-03-19 31680]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v2.sys [2007-02-09 213216]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\Windows\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-29 33588]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\Windows\system32\drivers\ac97intc.sys [2006-11-02 108032]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2006-11-02 14208]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2006-11-02 1302492]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NCHSSVAD;SoundTap Recorder; C:\Windows\system32\drivers\nchssvad.sys [2008-09-06 27136]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista; C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 WinUSB;WinUSB; C:\Windows\system32\DRIVERS\WinUSB.sys [2008-01-18 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-13 902424]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-13 282904]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-29 137200]
R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 566120]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-05-02 566120]
R2 Movielink Core Service;Movielink Core Service; C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~2.EXE [2008-03-05 1332568]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-16 118784]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 OrbMediaService;OrbMediaService; C:\Program Files\Winamp Remote\bin\OrbMediaService.exe []
S3 GameConsoleService;GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2007-08-29 181800]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2008-11-10 5117568]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Windows\system32\ZuneWlanCfgSvc.exe [2008-11-10 243840]
S4 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe []
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-11 66872]

-----------------EOF-----------------

Attached Files

  • Attached File  log.txt   27.55KB   28 downloads




#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:31 PM

Posted 23 December 2008 - 08:59 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 denschwindt


Posted 27 December 2008 - 02:23 AM

here are the results of the dds test. i zipped and attached them like instructed. thanks, dennis........


Edited by denschwindt, 27 December 2008 - 02:28 AM.


#4 denschwindt


Posted 27 December 2008 - 02:29 AM

here's the other file


#5 denschwindt


Posted 27 December 2008 - 02:32 AM

i also removed the p2p software from remove programs and i can't seem to get them off of my computer.

#6 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:31 PM

Posted 27 December 2008 - 11:36 PM

Sorry, we seem to have missed your reply. The notification system was down when you replied.

Disable Realtime Protection
Antimalware programs can interfere with ComboFix and other tools we need to run. Please temporarily disable all realtime protections you have enabled. Refer to this page, if you are unsure how.

To disable AVG:
  • Please navigate to the system tray on the bottom right hand corner and look for this Posted Image sign.
  • Right click it-> select Quit Control Center.
  • A warning will pop up, click Yes
Download and Run ComboFix
If you have already run ComboFix, delete your copy and download a new one. If the computer in question is unable to download ComboFix, transfer it using removable media (CDs, flash drive).

Download Combofix by sUBs from any of the links below, and save it to your desktop.
Link 1, Link 2, Link 3
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Double click on ComboFix.exe and follow the prompts. If you are using Windows Vista, right click the icon and select "Run as Administrator". You will not receive the prompts below if you are not using Windows XP. ComboFix will check to see if you have the Windows Recovery Console installed.
  • If you did not have it installed, you will see the prompt below. Choose YES.
    Posted Image Posted Image

  • When the Recovery Console has been installed, you will see the prompt below. Choose YES.
    Posted Image
  • When finished, ComboFix will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

In your next reply include:
-the ComboFix log
-a new HijackThis or DDS log

Please also tell me of any changes you have made to your computer since you started your topic.

With Regards,
The Panda

#7 denschwindt


Posted 28 December 2008 - 03:44 PM

here are the log files you requested


#8 PropagandaPanda


Posted 28 December 2008 - 09:05 PM

Hello.

Those logs look clean.

What problems are you having now please?

With Regards,
The Panda

#9 denschwindt


Posted 29 December 2008 - 02:31 AM

windows update. i cannot d/l or even search for updates. error 80070940

#10 PropagandaPanda


Posted 30 December 2008 - 07:05 AM

Hello.

Let's see if Dial-A-Fix can fix that.

Download and Run Dial-a-Fix
This program fixes many common problems in Windows.
  • Please download Dial-A-Fix to your desktop.
  • Right click the zip file and select Extract All to extract the contents into a new.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • Uncheck Empty Temp Folders and Adjust Time/Date in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Close Dial-A-Fix

Try Windows Update again and tell me how it goes.

With Regards,
The Panda

#11 denschwindt


Posted 30 December 2008 - 02:25 PM

the link don't work that u gave me

#12 denschwindt


Posted 30 December 2008 - 03:32 PM

btw i'm running vista hp sp2. dial a fix don't work on vista. anything else?

Edited by denschwindt, 30 December 2008 - 04:06 PM.


#13 PropagandaPanda


Posted 30 December 2008 - 04:51 PM

Sorry, my mistake.

First there are some file associations to be repaired.

Download and Run DAFT
This tool will find and fix problems with your file extension associations.
  • Download daft.exe by Deckard to your desktop.
  • Double click daft.exe to run it.
  • Click Scan.
  • Put a check mark beside all the boxes.
  • Click Fix.
  • Close out of daft.
Let's try uninstalling your Service Packs.
Open Add/Remove programs.
Select the "Show Updates Option".
Remove the latest service pack you have installed.

Try the updating again.

With Regards,
The Panda

Edited by PropagandaPanda, 30 December 2008 - 04:52 PM.


#14 denschwindt


Posted 01 January 2009 - 02:20 AM

there r only 2 updates listed. silverlight and update for ms kb937286. but, when i go to view update history there's a big list i can do nothing with. i right click and it just says view details. i did uninstall the 2p from add remove programs. did i mess up???

#15 PropagandaPanda


Posted 01 January 2009 - 03:40 PM

Hello.

Update history should be the updates you already installed.

With Regards,
The Panda



