Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Spyware Guard 2008


  • This topic is locked This topic is locked
2 replies to this topic

#1 number3

number3

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:50 AM

Posted 30 December 2008 - 12:47 PM

NOTES:
• My Hardrive lite is constantly blinking at 1 blink per second.
• I’m able to get on the internet and browse around in SAFE MODE.
• I’ve attempted to install numerous software ( AVG – SPYBOT – SUPERANTISPYWARE ) And all of them fail when it tries to connect to the internet.


Steps I've taken to resolve this issue:
• Booted in SAFE MODE under ADMINITRATOR
• Copied mbam-setup to the desktop
• Ran mbam-setup
• After the installation I click on Start / Malwarebytes’ Anti-Malware and NOTHING happens.
• I opened Task Manager and see mbam.exe running but it doesn’t open.
• I’ve had good success using this software in the past but can’t get it to INSTALL to let it work…


• Downloaded “ randoms system information tool (RSIT) and saved it to my desktop.
• Double clicked on RSIT.exe to run it.
• Clicked Continue at the disclaimer screen.
• Here are my posts of the contents of both log.txt and info.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrator at 2008-12-30 09:26:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 67 GB (88%) free of 76 GB
Total RAM: 478 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:26:59 AM, on 12/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.31.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-5OSRM.tmp\mbam-setup-1.31.tmp
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
\NICKS\Ext. 260 Drive\SOFTWARE\SoftwareInstalled\Basic\Anti-Malware\RSIT.exe
E:\Computer\SOFTWARE\Anti-Malware\Administrator.exe

O2 - BHO: (no name) - {0A278A38-0AD5-460E-8CDA-B7CE4EB79C2C} - C:\WINDOWS\system32\awttusSk.dll
O2 - BHO: globaladsolution browser enhancer - {3BCC954E-131C-DB90-FEE5-8512B2F6AE93} - C:\WINDOWS\system32\nkfyzcagegktdhvfo.dll
O2 - BHO: (no name) - {3ef11c4b-8ef8-4684-a6c5-e73641582ebb} - (no file)
O2 - BHO: {7ab5d1cd-badf-a65b-67d4-eaec7a38e754} - {457e83a7-ceae-4d76-b56a-fdabdc1d5ba7} - C:\WINDOWS\system32\mtftvw.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\khfGyvvw.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: globaladsolution - {e9247862-11db-7ee7-d80f-f2b314e3e205} - C:\WINDOWS\system32\nse2A.dll
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [HijackThis startup scan] E:\Computer\SOFTWARE\Anti-Malware\HijackThis.exe /startupscan
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eFax DllCmd 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GTray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1230277548562
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://fvs.vascorltd.com/viewer/activeXVie...tivexviewer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\zuziberi.dll,avgrsstx.dll mtftvw.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: khfGyvvw - C:\WINDOWS\SYSTEM32\khfGyvvw.dll
O21 - SSODL: ieModule - {2720B1A2-4602-4F66-9B3F-BD16ACA9FBAE} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {3B165E67-C70E-4F32-8A3D-E889E24FDAE2} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\wogieguedm.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GoToMyPC - Citrix Online - C:\Program Files\Citrix\GoToMyPC\g2svc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5697 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AntispywareBot Scheduled Scan.job
C:\WINDOWS\tasks\bhkvfwov.job
C:\WINDOWS\tasks\Registry Winner Schedule.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A278A38-0AD5-460E-8CDA-B7CE4EB79C2C}]
C:\WINDOWS\system32\awttusSk.dll [2008-12-25 302592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3BCC954E-131C-DB90-FEE5-8512B2F6AE93}]
globaladsolution browser enhancer - C:\WINDOWS\system32\nkfyzcagegktdhvfo.dll [2008-12-23 390656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ef11c4b-8ef8-4684-a6c5-e73641582ebb}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{457e83a7-ceae-4d76-b56a-fdabdc1d5ba7}]
C:\WINDOWS\system32\mtftvw.dll [2008-12-30 129024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
C:\WINDOWS\system32\khfGyvvw.dll [2008-12-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-23 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9247862-11db-7ee7-d80f-f2b314e3e205}]
globaladsolution - C:\WINDOWS\system32\nse2A.dll [2008-12-02 673280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HijackThis startup scan"=E:\Computer\SOFTWARE\Anti-Malware\HijackThis.exe [2008-12-30 396288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
C:\Program Files\HPQ\Default Settings\cpqset.exe [2004-10-13 229438]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2004-06-04 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2005-06-18 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [2000-01-21 65588]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
eFax DllCmd 3.5.lnk - C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
eFax Tray Menu 3.5.lnk - C:\Program Files\eFax Messenger 3.5\J2GTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\zuziberi.dll,avgrsstx.dll mtftvw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToMyPC]
C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll [2005-12-06 10848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfGyvvw]
C:\WINDOWS\system32\khfGyvvw.dll [2008-12-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
ieModule - {2720B1A2-4602-4F66-9B3F-BD16ACA9FBAE} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll [2008-12-26 2687488]
InternetConnection - {3B165E67-C70E-4F32-8A3D-E889E24FDAE2} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\wogieguedm.dll [2008-12-30 766976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\system32\khfGyvvw.dll [2008-12-25 34816]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\awttusSk
"notification packages"=scecli
C:\WINDOWS\system32\zuziberi.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2008-12-30 09:26:54 ----D---- C:\rsit
2008-12-30 08:37:08 ----D---- C:\VundoFix Backups
2008-12-30 08:37:08 ----A---- C:\VundoFix.txt
2008-12-30 08:05:25 ----SH---- C:\WINDOWS\system32\ctxklrgq.ini
2008-12-30 08:05:21 ----A---- C:\WINDOWS\system32\qgrlkxtc.dll
2008-12-30 07:57:28 ----A---- C:\WINDOWS\system32\mtftvw.dll
2008-12-30 07:57:27 ----A---- C:\WINDOWS\system32\wukdperw.dll
2008-12-30 00:47:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-29 23:05:37 ----HD---- C:\$AVG8.VAULT$
2008-12-29 22:57:47 ----A---- C:\WINDOWS\system32\a.exe
2008-12-29 22:01:27 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-29 21:59:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-29 21:56:03 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-29 21:53:02 ----D---- C:\Program Files\AVG
2008-12-29 21:53:02 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-29 20:30:22 ----D---- C:\Program Files\IObit
2008-12-29 20:30:22 ----D---- C:\Documents and Settings\Administrator\Application Data\IObit
2008-12-29 20:28:46 ----A---- C:\WINDOWS\system32\tuvWqQhF.dll
2008-12-29 20:27:07 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2008-12-29 20:27:06 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-12-29 20:00:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-29 13:11:10 ----D---- C:\WINDOWS\47D5D869FE574F2FA35883CFAA7B4968.TMP
2008-12-29 12:57:54 ----D---- C:\Program Files\Registry Winner
2008-12-29 04:18:40 ----SH---- C:\WINDOWS\system32\ycrmqmxl.ini
2008-12-29 04:18:30 ----A---- C:\WINDOWS\system32\lxmqmrcy.dll
2008-12-29 04:06:54 ----A---- C:\WINDOWS\system32\ykfmkq.dll
2008-12-29 04:06:52 ----A---- C:\WINDOWS\system32\ussinngm.dll
2008-12-29 03:15:09 ----A---- C:\WINDOWS\system32\cont_globaladsolution-remove.exe
2008-12-29 03:14:19 ----A---- C:\WINDOWS\system32\zbamrrwmkk.exe
2008-12-28 23:31:19 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-12-28 23:29:11 ----D---- C:\Program Files\Symantec
2008-12-28 23:28:19 ----D---- C:\Program Files\Norton AntiVirus
2008-12-28 23:28:19 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-27 00:33:33 ----D---- C:\Documents and Settings\All Users\Application Data\1018440782
2008-12-26 23:59:11 ----D---- C:\Program Files\AntispywareBot
2008-12-26 23:30:42 ----D---- C:\Program Files\GetPack
2008-12-26 23:30:28 ----D---- C:\Program Files\GrandPack
2008-12-26 22:43:49 ----D---- C:\Program Files\CyberDefender
2008-12-26 21:41:40 ----A---- C:\WINDOWS\system32\uxnrha.dll
2008-12-26 21:41:37 ----A---- C:\WINDOWS\system32\vwailqsr.dll
2008-12-26 21:38:46 ----SH---- C:\WINDOWS\system32\uhniyxfk.ini
2008-12-26 21:38:37 ----A---- C:\WINDOWS\system32\kfxyinhu.dll
2008-12-26 21:34:31 ----A---- C:\WINDOWS\system32\winscenter.exe
2008-12-26 21:34:15 ----A---- C:\WINDOWS\vmreg.dll
2008-12-26 21:34:15 ----A---- C:\WINDOWS\sysexplorer.exe
2008-12-26 21:34:15 ----A---- C:\WINDOWS\syscert.exe
2008-12-26 21:34:15 ----A---- C:\WINDOWS\sys.com
2008-12-26 21:34:15 ----A---- C:\WINDOWS\spoolsystem.exe
2008-12-26 21:34:15 ----A---- C:\WINDOWS\reged.exe
2008-12-26 21:34:14 ----D---- C:\Program Files\Spyware Guard 2008
2008-12-26 21:33:04 ----A---- C:\Documents and Settings\All Users\Application Data\svhost.exe
2008-12-26 00:53:09 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-26 00:53:09 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-26 00:53:08 ----A---- C:\WINDOWS\system32\java.exe
2008-12-25 19:03:18 ----SH---- C:\WINDOWS\system32\pmhsmbel.ini
2008-12-25 19:03:14 ----A---- C:\WINDOWS\system32\lebmshmp.dll
2008-12-25 19:03:07 ----A---- C:\WINDOWS\system32\ffdzwd.dll
2008-12-25 19:03:03 ----A---- C:\WINDOWS\system32\wcgnbypv.dll
2008-12-25 19:01:01 ----A---- C:\WINDOWS\system32\db332f48-.txt
2008-12-25 18:59:55 ----ASH---- C:\WINDOWS\system32\kSsuttwa.ini2
2008-12-25 18:59:55 ----ASH---- C:\WINDOWS\system32\kSsuttwa.ini
2008-12-25 18:59:49 ----A---- C:\WINDOWS\system32\awttusSk.dll
2008-12-25 18:54:45 ----A---- C:\WINDOWS\system32\vtUolKCV.dll
2008-12-25 18:54:43 ----D---- C:\Program Files\iCheck
2008-12-25 18:54:43 ----D---- C:\Program Files\GetModule
2008-12-25 18:54:39 ----N---- C:\WINDOWS\system32\khfGyvvw.dll
2008-12-25 18:54:36 ----A---- C:\WINDOWS\system32\digeste.dll
2008-12-25 18:06:54 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-12-25 17:42:54 ----D---- C:\Program Files\SystemRequirementsLab
2008-12-25 15:39:57 ----D---- C:\WINDOWS\Prefetch
2008-12-25 15:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-25 15:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-25 15:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-25 15:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-25 15:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-25 15:35:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-25 15:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-25 15:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-25 15:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-25 15:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-25 15:34:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-25 15:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-25 15:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-25 15:33:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-25 15:33:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-25 15:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-25 15:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-25 15:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-25 15:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-25 15:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-25 15:27:37 ----A---- C:\WINDOWS\setuplog.txt
2008-12-25 15:26:14 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-12-25 15:26:14 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-12-25 15:25:34 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-12-25 15:25:33 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-12-25 15:25:33 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-12-25 15:25:33 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-12-25 15:25:33 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-12-25 15:25:33 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-12-25 15:25:32 ----N---- C:\WINDOWS\system32\azroles.dll
2008-12-25 15:25:32 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-12-25 15:25:32 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-12-25 15:25:31 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-25 15:25:30 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-12-25 15:25:30 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-12-25 15:25:30 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-12-25 15:25:30 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-12-25 15:25:30 ----N---- C:\WINDOWS\system32\credssp.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-12-25 15:25:29 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-12-25 15:25:28 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-12-25 15:25:26 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-12-25 15:25:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-12-25 15:25:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-12-25 15:25:23 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-12-25 15:25:23 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-12-25 15:25:23 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-12-25 15:25:23 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-12-25 15:25:22 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-12-25 15:25:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-25 15:25:21 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-12-25 15:25:21 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-12-25 15:25:20 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-12-25 15:25:20 ----N---- C:\WINDOWS\system32\mssha.dll
2008-12-25 15:25:19 ----N---- C:\WINDOWS\system32\napstat.exe
2008-12-25 15:25:19 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-12-25 15:25:19 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-12-25 15:25:19 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-12-25 15:25:18 ----N---- C:\WINDOWS\system32\onex.dll
2008-12-25 15:25:18 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-25 15:25:17 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-12-25 15:25:17 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-12-25 15:25:17 ----N---- C:\WINDOWS\system32\qagent.dll
2008-12-25 15:25:17 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-12-25 15:25:16 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-12-25 15:25:16 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-12-25 15:25:16 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-12-25 15:25:16 ----N---- C:\WINDOWS\system32\qutil.dll
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\slserv.exe
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\slgen.dll
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-12-25 15:25:15 ----N---- C:\WINDOWS\system32\setupn.exe
2008-12-25 15:25:14 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-12-25 15:25:14 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-12-25 15:25:13 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-12-25 15:25:13 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-12-25 15:25:12 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-12-25 15:25:12 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-12-25 15:25:07 ----N---- C:\WINDOWS\slrundll.exe
2008-12-25 15:24:56 ----D---- C:\WINDOWS\system32\scripting
2008-12-25 15:24:47 ----D---- C:\WINDOWS\l2schemas
2008-12-25 15:24:42 ----D---- C:\WINDOWS\system32\en
2008-12-25 15:24:39 ----D---- C:\WINDOWS\system32\bits
2008-12-25 15:18:16 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-25 15:09:12 ----A---- C:\WINDOWS\002865_.tmp
2008-12-25 15:03:52 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-25 15:03:49 ----D---- C:\WINDOWS\EHome
2008-12-23 20:44:18 ----D---- C:\Program Files\DivX
2008-12-14 03:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-14 03:05:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-14 03:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2008-12-14 03:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2008-12-03 04:22:22 ----A---- C:\WINDOWS\system32\nkfyzcagegktdhvfo.dll
2008-12-02 09:23:26 ----A---- C:\WINDOWS\system32\nse2A.dll

======List of files/folders modified in the last 1 months======

2008-12-30 09:20:30 ----D---- C:\WINDOWS\system32\drivers
2008-12-30 09:20:02 ----AC---- C:\WINDOWS\ntbtlog.txt
2008-12-30 08:50:38 ----D---- C:\WINDOWS\system32
2008-12-30 08:04:31 ----D---- C:\WINDOWS\Temp
2008-12-30 08:02:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-30 00:41:47 ----D---- C:\WINDOWS
2008-12-30 00:20:37 ----D---- C:\WINDOWS\system32\config
2008-12-29 22:21:32 ----D---- C:\Program Files
2008-12-29 22:03:17 ----SHD---- C:\WINDOWS\Installer
2008-12-29 22:03:12 ----HD---- C:\Config.Msi
2008-12-29 21:59:48 ----D---- C:\Program Files\Common Files
2008-12-29 21:40:56 ----D---- C:\Program Files\Snapshot Viewer
2008-12-29 21:39:48 ----SD---- C:\WINDOWS\Tasks
2008-12-29 21:13:50 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-29 20:27:05 ----D---- C:\Documents and Settings
2008-12-29 13:16:17 ----D---- C:\Program Files\ESET
2008-12-29 13:08:15 ----D---- C:\Program Files\Microsoft AntiSpyware
2008-12-29 11:08:29 ----HD---- C:\WINDOWS\inf
2008-12-26 22:55:34 ----A---- C:\WINDOWS\win.ini
2008-12-26 21:34:05 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-26 20:00:09 ----D---- C:\WINDOWS\system32\wbem
2008-12-26 20:00:09 ----D---- C:\WINDOWS\Registration
2008-12-26 00:51:45 ----D---- C:\Program Files\Java
2008-12-25 23:46:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-25 22:33:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-25 17:52:56 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-25 15:44:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-25 15:42:26 ----AC---- C:\WINDOWS\OEWABLog.txt
2008-12-25 15:39:16 ----D---- C:\WINDOWS\system32\Setup
2008-12-25 15:39:16 ----D---- C:\Program Files\Messenger
2008-12-25 15:39:15 ----D---- C:\WINDOWS\AppPatch
2008-12-25 15:39:13 ----RSD---- C:\WINDOWS\Fonts
2008-12-25 15:38:30 ----D---- C:\WINDOWS\security
2008-12-25 15:37:23 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-25 15:26:30 ----D---- C:\WINDOWS\WinSxS
2008-12-25 15:26:13 ----D---- C:\Program Files\Windows Media Player
2008-12-25 15:26:10 ----D---- C:\WINDOWS\Help
2008-12-25 15:25:41 ----D---- C:\WINDOWS\network diagnostic
2008-12-25 15:25:41 ----D---- C:\WINDOWS\ime
2008-12-25 15:25:07 ----D---- C:\WINDOWS\system32\en-US
2008-12-25 15:25:05 ----D---- C:\WINDOWS\system32\usmt
2008-12-25 15:24:39 ----D---- C:\WINDOWS\PeerNet
2008-12-25 15:24:38 ----D---- C:\Program Files\Movie Maker
2008-12-25 15:18:02 ----D---- C:\WINDOWS\system32\Restore
2008-12-25 15:18:01 ----D---- C:\WINDOWS\system32\npp
2008-12-25 15:17:58 ----D---- C:\WINDOWS\msagent
2008-12-25 15:17:55 ----D---- C:\WINDOWS\srchasst
2008-12-25 15:17:51 ----D---- C:\Program Files\NetMeeting
2008-12-25 15:17:47 ----D---- C:\WINDOWS\system32\Com
2008-12-25 15:17:34 ----D---- C:\Program Files\Windows NT
2008-12-25 15:17:34 ----D---- C:\Program Files\Outlook Express
2008-12-25 15:17:27 ----D---- C:\Program Files\Common Files\System
2008-12-25 15:16:42 ----D---- C:\WINDOWS\system32\oobe
2008-12-25 15:16:37 ----D---- C:\WINDOWS\system
2008-12-25 14:55:34 ----D---- C:\WINDOWS\Debug
2008-12-17 23:05:25 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-14 03:04:56 ----D---- C:\Program Files\Internet Explorer
2008-12-12 22:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-09 15:24:37 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\Drivers\SYMTDI.SYS []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-05 13872]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2005-06-10 21760]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-06-28 69760]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-05 185824]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-09-20 3210496]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-29 97928]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-29 26824]
S1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-29 76040]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
S3 ACGPRS;Sierra Wireless 3G Adapter; C:\WINDOWS\system32\DRIVERS\acgprs.sys [2006-02-14 97280]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-10-14 292864]
S3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-10-14 276480]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
S3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615]
S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2008-04-13 63744]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 RimSerPort;RIM Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2006-02-14 18432]
S3 RimUsb;RIM Handheld; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\Drivers\SYMREDRV.SYS []
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-11-08 85504]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-29 875288]
S2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-29 231704]
S2 bmwebcfg;Bytemobile Web Configurator; C:\WINDOWS\system32\bmwebcfg.exe [2006-02-14 122880]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2002-08-08 308936]
S2 GoToMyPC;GoToMyPC; C:\Program Files\Citrix\GoToMyPC\g2svc.exe [2005-12-06 230496]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 ccPwdSvc;Symantec Password Validation Service; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2002-08-19 63176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 138168]
S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-07-27 98304]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2004-06-04 401408]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2008-12-30 09:27:03

======Uninstall list======

-->C:\Program Files\Spyware Guard 2008\uninstall.exe
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
AT&&T Worldnet Accelerator-->C:\Program Files\AT&T Worldnet Accelerator\trayctl.exe /UNINSTALL
AT&T Worldnet Service-->C:\WINDOWS\wnbackup\WnClient80\unwise.exe /Z /U C:\WINDOWS\wnbackup\WnClient80\install.log "AT&T WorldNet Service"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Cingular Communication Manager-->MsiExec.exe /X{716D0F61-8553-46F4-8788-AD5E11A890F8}
Conexant AC-Link Audio-->CIAunwdm.exe
Contextual Platform Globaladsolution-->C:\WINDOWS\system32\cont_globaladsolution-remove.exe
Daily Text 1.3.0 -- January 1-->"C:\Program Files\Daily Text\uninstall.exe"
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eFax Messenger 3.5-->C:\Program Files\eFax Messenger 3.5\Uninstall.exe
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
GoToMyPC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F4D4FD-1814-4068-B316-C28FC776C6DD}\Setup.exe" -l0x9 AddRemovePrograms
HijackThis 2.0.2-->"E:\Computer\SOFTWARE\Anti-Malware\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Deskjet 3740-->msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}
HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9
HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photo & Imaging 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
Internet Speed Monitor-->C:\Program Files\iCheck\Uninstall.exe
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{00FC6799-866E-44A1-A60C-DCF394CF56FD}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Access 2002 Runtime-->MsiExec.exe /I{901C0409-6000-11D3-8CFE-0050048383C9}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 3.5 - SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37E31FCE-A048-4D8C-B167-31891BCF6585}\setup.exe" -l0x9
Nokia Connectivity Adapter Cable DKU-5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1BA3CD5-89DC-4273-8603-A75F33E9B335}\Setup.exe" -l0x9
Norton AntiVirus 2003-->MsiExec.exe /I{47D5D869-FE57-4F2F-A358-83CFAA7B4968}
Quick Launch Buttons 5.00 C2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Regional Building Assistant (RBA)-->C:\WINDOWS\odeunst.exe -n "C:\Program Files\Regional Building Assistant (RBA)\ODEUNST.LOG"
RON Tool Globaladsolution-->C:\WINDOWS\system32\zbamrrwmkk.exe
Rosetta Stone 2.1.3.0A-->"C:\Program Files\Rosetta Stone\RS2.1.3.0A_Support\Uninstall Rosetta Stone 2.1.3.0A\Uninstall Rosetta Stone 2.1.3.0A.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_3080103C\HXFSETUP.EXE -U -Ihpm30805.inf
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
tcConference-->rundll32 C:\WINDOWS\SYSTEM32\tc4.dll,uninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Video Server S-->C:\Program Files\Video Server S\UnInstall_27908.exe
Watchtower Library 2007 - English-->C:\Program Files\Watchtower\Watchtower Library 2007\E\uninst.exe
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
Zone Deluxe Games-->MsiExec.exe /I{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}

=====HijackThis Backups=====

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.att.net/ie4/search/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Propel Accelerator] "C:\Program Files\AT&T Worldnet Accelerator\trayctl.exe" /STARTUPLAUNCH
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [GoToMyPC] C:\Program Files\Citrix\GoToMyPC\g2svc.exe -logon
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [vepijizolu] Rundll32.exe "C:\WINDOWS\system32\hufovora.dll",s
O4 - HKLM\..\Run: [1078236386] "C:\Documents and Settings\All Users\Application Data\1018440782\1078236386.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [pufuwpynluzbatl] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\nkfyzcagegktdhvfo.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [VundoFix] "E:\Computer\SOFTWARE\Anti-Spyware\vundofix.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [HijackThis startup scan] E:\Computer\SOFTWARE\Anti-Malware\HijackThis.exe /startupscan
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eFax DllCmd 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.5.lnk = C:\Program Files\eFax Messenger 3.5\J2GTray.exe
O21 - SSODL: InternetConnection - {3B165E67-C70E-4F32-8A3D-E889E24FDAE2} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\wogieguedm.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O23 - Service: GoToMyPC - Citrix Online - C:\Program Files\Citrix\GoToMyPC\g2svc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1230277548562
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://fvs.vascorltd.com/viewer/activeXVie...tivexviewer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\zuziberi.dll,avgrsstx.dll mtftvw.dll
O21 - SSODL: ieModule - {2720B1A2-4602-4F66-9B3F-BD16ACA9FBAE} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll

======Security center information======

AV: AVG Anti-Virus Free (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic

System event log

Computer Name: WEAVER-HPLAPTOP
Event Code: 7035
Message: The Application Layer Gateway Service service was successfully sent a start control.

Record Number: 56434
Source Name: Service Control Manager
Time Written: 20081225220650.000000-480
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 7036
Message: The Network Location Awareness (NLA) service entered the running state.

Record Number: 56433
Source Name: Service Control Manager
Time Written: 20081225220645.000000-480
Event Type: information
User:

Computer Name: WEAVER-HPLAPTOP
Event Code: 7036
Message: The Fast User Switching Compatibility service entered the running state.

Record Number: 56432
Source Name: Service Control Manager
Time Written: 20081225220645.000000-480
Event Type: information
User:

Computer Name: WEAVER-HPLAPTOP
Event Code: 7035
Message: The Network Location Awareness (NLA) service was successfully sent a start control.

Record Number: 56431
Source Name: Service Control Manager
Time Written: 20081225220645.000000-480
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 7035
Message: The Fast User Switching Compatibility service was successfully sent a start control.

Record Number: 56430
Source Name: Service Control Manager
Time Written: 20081225220645.000000-480
Event Type: information
User: NT AUTHORITY\SYSTEM

Application event log

Computer Name: WEAVER-HPLAPTOP
Event Code: 4113
Message:
Record Number: 14810
Source Name: Avira AntiVir
Time Written: 20081226155908.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 4113
Message:
Record Number: 14809
Source Name: Avira AntiVir
Time Written: 20081226155908.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 4113
Message:
Record Number: 14808
Source Name: Avira AntiVir
Time Written: 20081226155908.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 4113
Message:
Record Number: 14807
Source Name: Avira AntiVir
Time Written: 20081226155908.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: WEAVER-HPLAPTOP
Event Code: 4113
Message:
Record Number: 14806
Source Name: Avira AntiVir
Time Written: 20081226155908.000000-480
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

Thanks for ALL suggestions..

Paul

Edited by number3, 30 December 2008 - 01:11 PM.


BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 05 January 2009 - 06:21 AM

Hello, sorry for the delay.. If you still need help, please run RSIT again and post the RSIT log.txt here for my review..


Regards
fenzodahl512 :thumbsup:

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 12 January 2009 - 03:07 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users