
Windows Update redirecting to Google + More


  • This topic is locked
2 replies to this topic

#1 roacherz


Posted 20 January 2009 - 01:00 PM

Hi there, I usually post over at tech guys forums, but I searched Google and this site came up with a similar issue I was having. I cannot go to the Windows Update page; it goes to Google for some reason. I cannot update AntiVir; it times out. I also play a lot of games, and some of their loading screens do not load either, the pictures or sites.
I also did a HijackThis log:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Rochelle at 2009-01-20 12:28:09
Microsoft Windows XP Professional Service Pack 3
System drive C: has 77 GB (59%) free of 131 GB
Total RAM: 2814 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:28:12 PM, on 1/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rochelle\Desktop\RSIT.exe
C:\Program Files\trend micro\Rochelle.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {C5BF49A2-94F3-42BD-F434-3604812C8955} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1229068739461
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - (no file)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5683 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5BF49A2-94F3-42BD-F434-3604812C8955}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"razer"=C:\Program Files\Razer\Copperhead\razerhid.exe [2005-10-08 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-10-21 50472]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"Steam"=c:\program files\steam\steam.exe [2009-01-14 1410296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe [2008-10-21 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe -h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2006-10-13 277296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2008-09-17 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2006-09-13 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\System32\NvMcTray.dll [2008-09-17 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-09-12 16264192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
C:\WINDOWS\vVX3000.exe [2006-10-13 707376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-01-20 12:23:09 ----D---- C:\Program Files\trend micro
2009-01-20 12:23:08 ----D---- C:\rsit
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcrtnew.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcr90.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcr80d.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcr80.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcp90.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcp80.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\msvcm90.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\dxgi.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\dwmapi.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\d3d10core.dll
2009-01-20 12:03:54 ----A---- C:\WINDOWS\system32\d3d10.dll
2009-01-20 12:03:53 ----A---- C:\WINDOWS\system32\Vista.Emulation.dll
2009-01-20 12:03:53 ----A---- C:\WINDOWS\system32\msvcm80.dll
2009-01-20 12:03:53 ----A---- C:\WINDOWS\system32\M2000Twn.dll
2009-01-20 12:03:53 ----A---- C:\WINDOWS\system32\d3dx9_40.dll
2009-01-20 12:03:53 ----A---- C:\WINDOWS\system32\d3dx9_39.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx9_38.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx9_37.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\D3DX10d_39.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d3dx10.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\D3D10SDKLayers.DLL
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\d2d1.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\CompressATI2.dll
2009-01-20 12:03:52 ----A---- C:\WINDOWS\system32\avrt.dll
2009-01-20 12:03:52 ----A---- C:\Program Files\Common Files\unins000.exe
2009-01-20 05:40:49 ----D---- C:\Program Files\RegCure
2009-01-17 22:47:41 ----SHD---- C:\RECYCLER
2009-01-17 22:46:19 ----A---- C:\ComboFix.txt
2009-01-17 22:44:34 ----D---- C:\ComboFix
2009-01-17 22:42:54 ----D---- C:\WINDOWS\Minidump
2009-01-17 22:41:58 ----A---- C:\Documents and Settings\All Users\Application Data\svhost.exe
2009-01-17 22:41:55 ----A---- C:\ufwh.exe
2009-01-14 22:09:09 ----D---- C:\WINDOWS\system32\AGEIA
2009-01-14 22:09:09 ----D---- C:\Program Files\AGEIA Technologies
2009-01-14 22:08:47 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-14 22:08:31 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-01-14 22:08:01 ----D---- C:\NVIDIA
2009-01-14 22:05:44 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-14 03:23:34 ----D---- C:\Program Files\Steam
2009-01-14 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 03:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-11 21:05:39 ----D---- C:\Program Files\Driver Sweeper
2009-01-10 19:00:44 ----D---- C:\Program Files\Razer
2009-01-04 03:32:43 ----D---- C:\Program Files\Combined Community Codec Pack
2009-01-03 13:16:40 ----D---- C:\Documents and Settings\Rochelle\Application Data\IGN_DLM
2009-01-03 13:16:25 ----D---- C:\Program Files\Download Manager
2009-01-02 20:13:11 ----D---- C:\CrashReport
2009-01-02 18:16:58 ----D---- C:\Program Files\Runes of Magic
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-01-01 21:16:09 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-01-01 20:57:03 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2009-01-01 11:16:55 ----D---- C:\Program Files\AIM6
2009-01-01 00:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-01-01 00:36:02 ----D---- C:\WINDOWS\ie7updates
2009-01-01 00:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-31 13:28:29 ----D---- C:\WINDOWS\WBEM
2008-12-31 13:27:09 ----HDC---- C:\WINDOWS\ie7
2008-12-31 13:27:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-31 13:26:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-31 13:23:12 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-31 13:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-31 13:22:47 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-12-31 13:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-12-31 13:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-31 13:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-12-31 13:17:10 ----D---- C:\WINDOWS\Prefetch
2008-12-31 12:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-31 12:59:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-31 12:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-31 12:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-31 12:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-31 12:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-31 12:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-31 12:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-31 12:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-31 12:58:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-31 12:58:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-31 12:58:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-31 12:58:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-31 12:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-31 12:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-31 12:58:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-31 12:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-31 12:57:57 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-31 12:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-31 12:54:36 ----D---- C:\WINDOWS\system32\scripting
2008-12-31 12:54:35 ----D---- C:\WINDOWS\system32\en
2008-12-31 12:54:35 ----D---- C:\WINDOWS\l2schemas
2008-12-31 12:49:43 ----D---- C:\WINDOWS\network diagnostic
2008-12-31 12:30:31 ----D---- C:\fixwareout
2008-12-31 02:02:28 ----D---- C:\Documents and Settings\Rochelle\Application Data\dyyno-vlc
2008-12-31 01:55:36 ----D---- C:\Program Files\Dyyno
2008-12-30 17:01:28 ----A---- C:\WINDOWS\wininit.ini
2008-12-30 16:57:25 ----D---- C:\Documents and Settings\Rochelle\Application Data\WeGame
2008-12-30 10:47:02 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-30 10:46:13 ----D---- C:\Program Files\Topaz Labs
2008-12-29 19:55:49 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-29 19:55:49 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-29 19:47:23 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2008-12-29 19:47:15 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-29 19:47:13 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-12-29 19:47:04 ----D---- C:\Program Files\Windows Media Connect 2
2008-12-29 19:46:56 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-12-29 19:46:46 ----D---- C:\225909650bf22b9f067703
2008-12-29 19:46:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-12-29 19:46:13 ----D---- C:\55e1ea91e4cd0fc6a26ec91c864b
2008-12-29 19:46:06 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-12-29 19:45:49 ----D---- C:\f05d1e8025a9b83570
2008-12-25 02:08:51 ----D---- C:\Program Files\7-Zip
2008-12-24 15:09:17 ----D---- C:\Program Files\AVG
2008-12-24 12:09:53 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
2008-12-24 12:09:21 ----D---- C:\Program Files\PC Drivers HeadQuarters
2008-12-24 04:23:08 ----D---- C:\Program Files\WinPcap
2008-12-23 14:28:01 ----D---- C:\Documents and Settings\Rochelle\Application Data\DivX
2008-12-23 11:37:13 ----D---- C:\Program Files\Photodex Presenter
2008-12-23 11:37:13 ----D---- C:\Documents and Settings\Rochelle\Application Data\Netscape
2008-12-23 11:36:53 ----D---- C:\Documents and Settings\Rochelle\Application Data\Photodex
2008-12-23 09:50:34 ----D---- C:\Program Files\MagicISO
2008-12-23 08:11:36 ----A---- C:\Boot.bak
2008-12-23 08:11:26 ----RASHD---- C:\cmdcons
2008-12-23 08:10:51 ----A---- C:\WINDOWS\zip.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\VFIND.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\SWSC.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\SWREG.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\sed.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\grep.exe
2008-12-23 08:10:51 ----A---- C:\WINDOWS\fdsv.exe
2008-12-23 08:10:49 ----D---- C:\WINDOWS\ERDNT
2008-12-23 08:10:49 ----D---- C:\Qoobox
2008-12-23 07:13:10 ----D---- C:\Documents and Settings\Rochelle\Application Data\Apple Computer
2008-12-23 07:09:09 ----D---- C:\Program Files\Common Files\Apple
2008-12-23 07:09:08 ----D---- C:\Program Files\QuickTime
2008-12-23 07:09:07 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-23 07:08:56 ----D---- C:\Program Files\Apple Software Update
2008-12-23 07:08:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-21 13:34:26 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-12-21 13:34:26 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-12-21 13:34:17 ----D---- C:\Program Files\DivX
2008-12-21 13:06:00 ----D---- C:\Program Files\VDOWNLOADER

======List of files/folders modified in the last 1 months======

2009-01-20 12:27:54 ----RD---- C:\Program Files
2009-01-20 12:23:00 ----D---- C:\Documents and Settings\Rochelle\Application Data\Skype
2009-01-20 12:14:41 ----D---- C:\Program Files\Mozilla Firefox
2009-01-20 12:14:15 ----D---- C:\Documents and Settings\Rochelle\Application Data\skypePM
2009-01-20 12:14:12 ----SHD---- C:\WINDOWS\Installer
2009-01-20 12:05:44 ----D---- C:\WINDOWS\Temp
2009-01-20 12:05:19 ----D---- C:\WINDOWS\system32
2009-01-20 12:04:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-20 12:03:52 ----D---- C:\Program Files\Common Files
2009-01-20 11:59:04 ----D---- C:\Program Files\KeyToPlay
2009-01-20 08:48:17 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-20 07:00:56 ----D---- C:\Program Files\World of Warcraft
2009-01-20 05:42:15 ----D---- C:\Documents and Settings\Rochelle\Application Data\Azureus
2009-01-20 05:42:02 ----SD---- C:\WINDOWS\Tasks
2009-01-18 00:02:55 ----RSD---- C:\WINDOWS\Fonts
2009-01-17 23:33:09 ----D---- C:\WINDOWS\system32\drivers
2009-01-17 23:03:11 ----D---- C:\WINDOWS
2009-01-17 22:45:24 ----A---- C:\WINDOWS\system.ini
2009-01-17 22:43:48 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-17 22:42:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-15 05:40:15 ----D---- C:\Program Files\Warcraft III
2009-01-14 22:10:35 ----D---- C:\WINDOWS\nview
2009-01-14 22:08:47 ----D---- C:\WINDOWS\Help
2009-01-14 03:01:44 ----HD---- C:\WINDOWS\inf
2009-01-14 03:01:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-14 03:01:41 ----A---- C:\WINDOWS\imsins.BAK
2009-01-13 06:01:52 ----D---- C:\WINDOWS\system32\Adobe
2009-01-13 05:58:20 ----D---- C:\Documents and Settings\Rochelle\Application Data\Adobe
2009-01-10 19:00:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-10 19:00:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-10 19:00:22 ----D---- C:\Program Files\Common Files\InstallShield
2009-01-04 13:14:33 ----RASH---- C:\boot.ini
2009-01-04 13:14:33 ----A---- C:\WINDOWS\win.ini
2009-01-01 20:56:59 ----SD---- C:\Documents and Settings\Rochelle\Application Data\Microsoft
2009-01-01 13:13:48 ----D---- C:\WINDOWS\WinSxS
2009-01-01 13:12:11 ----D---- C:\Program Files\Adobe
2009-01-01 11:17:30 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-01 11:17:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-01 11:17:10 ----D---- C:\Program Files\Common Files\AOL
2009-01-01 00:36:34 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-01 00:36:21 ----D---- C:\WINDOWS\system32\en-US
2009-01-01 00:36:21 ----D---- C:\Program Files\Internet Explorer
2008-12-31 19:00:49 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-31 13:28:31 ----D---- C:\WINDOWS\system32\config
2008-12-31 13:28:24 ----D---- C:\WINDOWS\Media
2008-12-31 13:25:08 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-31 13:24:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-31 13:24:38 ----RSD---- C:\WINDOWS\assembly
2008-12-31 13:23:12 ----D---- C:\WINDOWS\Debug
2008-12-31 13:17:39 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-31 13:17:14 ----A---- C:\WINDOWS\setuplog.txt
2008-12-31 13:16:47 ----D---- C:\WINDOWS\system32\Setup
2008-12-31 13:16:47 ----D---- C:\WINDOWS\AppPatch
2008-12-31 13:16:46 ----D---- C:\WINDOWS\system32\wbem
2008-12-31 12:57:58 ----D---- C:\Program Files\Messenger
2008-12-31 12:57:47 ----D---- C:\WINDOWS\security
2008-12-31 12:54:56 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-31 12:54:47 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-31 12:54:46 ----D---- C:\WINDOWS\ime
2008-12-31 12:54:36 ----D---- C:\WINDOWS\system32\usmt
2008-12-31 12:54:34 ----D---- C:\WINDOWS\system32\bits
2008-12-31 12:54:34 ----D---- C:\WINDOWS\peernet
2008-12-31 12:54:34 ----D---- C:\Program Files\Movie Maker
2008-12-31 12:51:39 ----D---- C:\WINDOWS\system32\Restore
2008-12-31 12:51:39 ----D---- C:\WINDOWS\system32\npp
2008-12-31 12:51:37 ----D---- C:\WINDOWS\msagent
2008-12-31 12:51:36 ----D---- C:\WINDOWS\srchasst
2008-12-31 12:51:36 ----D---- C:\Program Files\NetMeeting
2008-12-31 12:51:34 ----D---- C:\WINDOWS\system32\Com
2008-12-31 12:51:32 ----D---- C:\Program Files\Windows Media Player
2008-12-31 12:51:31 ----D---- C:\Program Files\Windows NT
2008-12-31 12:51:31 ----D---- C:\Program Files\Outlook Express
2008-12-31 12:51:29 ----D---- C:\Program Files\Common Files\System
2008-12-31 12:51:13 ----D---- C:\WINDOWS\system32\oobe
2008-12-31 12:51:12 ----D---- C:\WINDOWS\system
2008-12-31 12:48:55 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-31 12:47:02 ----D---- C:\WINDOWS\EHome
2008-12-29 19:46:10 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-24 13:28:27 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-12-23 11:37:13 ----D---- C:\Documents and Settings\Rochelle\Application Data\Mozilla
2008-12-23 11:04:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-23 10:18:19 ----D---- C:\Program Files\Common Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-12 4381184]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-30 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-08-07 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-08-07 18944]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2006-10-13 1966384]
S1 7a0a3617;7a0a3617; C:\WINDOWS\System32\drivers\7a0a3617.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2006-09-13 118784]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------







And here is the AntiVir log:

20.01.2009 12:38:57 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
20.01.2009 12:38:57 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
20.01.2009 12:38:57 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_49760c30\
20.01.2009 12:38:57 - Using System's global Proxy settings
20.01.2009 12:38:57 - Launching GUI... display mode: 0
20.01.2009 12:38:57 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
20.01.2009 12:38:57 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
20.01.2009 12:38:57 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
20.01.2009 12:38:57 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
20.01.2009 12:38:57 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_49760c30\
20.01.2009 12:38:57 - Using System's global Proxy settings
20.01.2009 12:38:57 - Launching GUI... display mode: 0
20.01.2009 12:38:57 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
20.01.2009 12:38:57 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
20.01.2009 12:38:57 - Avira AntiVir Personal - Free Antivirus
20.01.2009 12:39:00 - Connection failed while downloading via the system proxy the file http://dl9.freeav.net/upd/idx/master.idx.
20.01.2009 12:39:00 - Switching to next update server
20.01.2009 12:39:02 - Connection failed while downloading via the system proxy the file http://dl4.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:02 - Switching to next update server
20.01.2009 12:39:05 - Connection failed while downloading via the system proxy the file http://dl5.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:05 - Switching to next update server
20.01.2009 12:39:07 - Connection failed while downloading via the system proxy the file http://dl6.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:07 - Switching to next update server
20.01.2009 12:39:10 - Connection failed while downloading via the system proxy the file http://dl1.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:10 - Switching to next update server
20.01.2009 12:39:12 - Connection failed while downloading via the system proxy the file http://dl3.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:12 - Switching to next update server
20.01.2009 12:39:15 - Connection failed while downloading via the system proxy the file http://dl10.freeav.net/upd/idx/master.idx.
20.01.2009 12:39:15 - Switching to next update server
20.01.2009 12:39:17 - Connection failed while downloading via the system proxy the file http://dl2.avgate.net/upd/idx/master.idx.
20.01.2009 12:39:17 - Switching to next update server
20.01.2009 12:39:20 - Connection failed while downloading via the system proxy the file http://dl8.freeav.net/upd/idx/master.idx.
20.01.2009 12:39:20 - Switching to next update server
20.01.2009 12:39:27 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress
20.01.2009 12:39:27 - Critical error: Connection failed while downloading via the system proxy the file http://dl7.avgate.net/upd/idx/master.idx.


I scanned w/ Spybot Search and Destroy, and also used RegCure.

Also, I cannot use System Restore for some reason either.
I also downloaded the Gooredfix.exe program, but I don't want to use it yet.


I installed and ran ATF Cleaner, and I also have Fixwareout and Combofix.

I would greatly appreciate some help! Thanks. If you need more pictures let me know.


#2 KoanYorel


Posted 31 January 2009 - 12:29 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 KoanYorel


Posted 05 February 2009 - 11:26 AM

Due to the lack of feedback, this topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K



