Typical Problems - In Need of Your Help


  • This topic is locked
3 replies to this topic

#1 Mazurite

Mazurite

  • Members
  • 17 posts

Posted 16 February 2009 - 02:38 AM

Hello, I need someone's assistance in looking at these logs and/or explaining to me what my problem is and what to do. I'll start with my problem: Internet Explorer seems to have a hard time opening up a handful of web pages including www.avg.com, www.microsoft.com, www.pctools.com and some others. I get sent to a 'cannot be displayed' page. This is really a pain in my ass because I literally just bought a brand new 320GB HDD 2 days ago and installed Windows XP Home Edition SP3 on it, creating 2 separate partitions. Since Microsoft sites don't work I can't manage to activate my Windows CD-key, and since the AVG sites don't work, I'm not able to download the updates for FREE AVG Anti-Virus 8.0. So as you can see this would probably piss you off too and any help would be appreciated.

After scanning with AVG Anti-Virus, Spyware Doctor, Spybot Search & Destroy, RegCure, CCleaner and ATF Cleaner, I then scanned with ComboFix and HijackThis and created 2 logs.
Here they are:

ComboFix 09-02-15.01 - Mazurite 2009-02-15 23:17:17.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1486 [GMT -8:00]
Running from: c:\documents and settings\Mazurite\My Documents\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
.

((((((((((((((((((((((((( Files Created from 2009-01-16 to 2009-02-16 )))))))))))))))))))))))))))))))
.

2009-02-15 23:14 . 2009-02-15 23:14 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-15 22:42 . 2009-02-15 22:43 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-02-15 22:42 . 2009-02-15 23:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-15 22:26 . 2009-02-15 22:26 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-15 22:26 . 2009-02-15 22:26 <DIR> d-------- c:\program files\AVG
2009-02-15 22:26 . 2009-02-15 22:35 <DIR> d-------- c:\documents and settings\Mazurite\Application Data\AVGTOOLBAR
2009-02-15 22:26 . 2009-02-15 22:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-15 22:26 . 2009-02-15 22:26 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-15 22:26 . 2009-02-15 22:26 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-15 22:26 . 2009-02-15 22:26 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-15 22:19 . 2009-02-15 22:20 <DIR> d-------- c:\program files\Spyware Doctor
2009-02-15 22:19 . 2009-02-15 22:19 <DIR> d-------- c:\documents and settings\Mazurite\Application Data\PC Tools
2009-02-15 22:19 . 2009-02-15 23:14 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-15 22:19 . 2007-12-10 13:53 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2009-02-15 22:19 . 2007-12-10 13:53 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2009-02-15 22:19 . 2008-02-01 11:55 42,376 --a------ c:\windows\system32\drivers\ikfilesec.sys
2009-02-15 22:19 . 2007-12-10 13:53 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2009-02-15 22:18 . 2009-02-15 22:23 <DIR> d-------- c:\program files\RegCure
2009-02-15 22:06 . 2005-08-02 07:00 232,192 -ra------ c:\windows\system32\drivers\rt73.sys
2009-02-15 02:06 . 2009-02-15 02:09 <DIR> d-------- c:\program files\Microsoft LifeCam
2009-02-15 02:05 . 2009-02-15 02:05 <DIR> d-------- c:\windows\system32\drivers\umdf
2009-02-15 02:05 . 2006-08-11 20:14 22,752 --a------ c:\windows\system32\spupdsvc.exe
2009-02-15 02:04 . 2009-02-15 02:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2009-02-15 02:02 . 2006-12-05 15:39 1,963,680 -ra------ c:\windows\system32\drivers\VX1000.sys
2009-02-15 02:01 . 2008-04-14 05:42 43,008 --a------ c:\windows\system32\ksxbar.ax
2009-02-15 02:01 . 2008-04-14 05:42 43,008 --a--c--- c:\windows\system32\dllcache\ksxbar.ax
2009-02-15 01:52 . 2009-02-15 01:52 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-15 01:50 . 2009-02-15 01:50 <DIR> d-------- c:\program files\Subliminal Blaster 2.0
2009-02-15 01:48 . 2009-02-15 01:48 <DIR> d-------- C:\Logs
2009-02-15 01:46 . 2009-02-15 01:46 940,794 --a------ c:\windows\system32\LoopyMusic.wav
2009-02-15 01:46 . 2009-02-15 01:46 146,650 --a------ c:\windows\system32\BuzzingBee.wav
2009-02-15 01:45 . 2009-02-15 01:45 <DIR> d-------- c:\windows\system32\Lang
2009-02-15 01:38 . 2009-02-15 01:39 <DIR> d-------- c:\windows\system32\RTCOM
2009-02-15 01:38 . 2009-02-15 01:38 <DIR> d-------- c:\program files\Realtek
2009-02-15 01:30 . 2009-02-15 01:38 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-02-15 01:30 . 2009-02-15 01:30 <DIR> d-------- c:\program files\ATI Technologies
2009-02-15 01:08 . 2009-02-15 01:08 <DIR> d-------- c:\documents and settings\Mazurite\Contacts
2009-02-15 01:07 . 2009-02-15 01:07 <DIR> d-------- c:\program files\MSN Messenger
2009-02-15 00:05 . 2009-02-15 00:06 <DIR> d-------- c:\documents and settings\Mazurite\.gimp-2.6
2009-02-15 00:05 . 2009-02-15 00:05 <DIR> d-------- c:\documents and settings\Mazurite\.gegl-0.0
2009-02-15 00:04 . 2009-02-15 00:04 <DIR> d-------- c:\program files\GIMP-2.0
2009-02-15 00:01 . 2009-02-15 00:01 <DIR> d-------- c:\documents and settings\Mazurite\Application Data\skypePM
2009-02-15 00:01 . 2009-02-15 01:35 <DIR> d-------- c:\documents and settings\Mazurite\Application Data\Skype
2009-02-15 00:01 . 2009-02-15 00:01 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-15 00:00 . 2009-02-15 00:00 <DIR> dr------- c:\program files\Skype
2009-02-15 00:00 . 2009-02-15 00:00 <DIR> d-------- c:\program files\Common Files\Skype
2009-02-15 00:00 . 2009-02-15 00:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-14 23:57 . 2009-02-14 23:57 <DIR> d-------- c:\program files\DVD Shrink
2009-02-14 23:57 . 2009-02-14 23:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-02-14 23:53 . 2009-02-14 23:58 <DIR> d-------- c:\program files\Yahoo!
2009-02-14 23:53 . 2009-02-14 23:53 <DIR> d-------- c:\program files\CCleaner
2009-02-14 23:53 . 2009-02-14 23:53 <DIR> d-------- c:\documents and settings\Mazurite\Application Data\Yahoo!
2009-02-14 23:49 . 2009-02-14 23:51 <DIR> d-------- c:\program files\PokerStars
2009-02-14 23:49 . 2009-02-15 01:52 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-14 23:48 . 2009-02-15 01:51 <DIR> d-------- c:\program files\Java
2009-02-14 23:48 . 2009-02-14 23:48 <DIR> d-------- c:\program files\Common Files\Java
2009-02-14 23:46 . 2009-02-14 23:49 <DIR> d-------- c:\program files\FrostWire
2009-02-14 23:43 . 2009-02-14 23:43 <DIR> d-------- c:\program files\LSI SoftModem
2009-02-14 23:43 . 2008-08-26 14:32 13,824 --a------ c:\windows\system32\agrscoin.dll
2009-02-14 23:42 . 2009-02-14 23:42 <DIR> d-------- c:\program files\Common Files\Blizzard Entertainment
2009-02-14 23:36 . 2009-02-14 23:36 <DIR> d-------- c:\windows\Options
2009-02-14 23:36 . 2009-02-14 23:36 <DIR> d-------- c:\program files\ltmoh
2009-02-14 23:36 . 2008-10-29 20:43 1,204,128 --a------ c:\windows\system32\drivers\AGRSM.sys
2009-02-14 23:36 . 2005-06-29 21:16 88,203 --------- c:\windows\AGRSMMSG.exe
2009-02-14 23:36 . 2005-05-01 20:10 68,096 --------- c:\windows\system32\agrsmdel.exe
2009-02-14 23:36 . 2008-09-26 15:13 55,816 --a------ c:\windows\agrsmdel.exe
2009-02-14 23:29 . 2009-02-14 23:29 <DIR> d-------- c:\windows\system32\AGEIA
2009-02-14 23:29 . 2009-02-14 23:29 <DIR> d-------- c:\program files\AGEIA Technologies
2009-02-14 23:28 . 2009-02-14 23:34 <DIR> d-------- c:\windows\NV36163576.TMP
2009-02-14 23:28 . 2009-02-14 23:28 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-14 23:21 . 2009-02-14 23:21 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-02-14 23:03 . 2009-02-15 02:09 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-02-14 23:03 . 2008-12-09 17:06 282,624 --a------ c:\windows\system32\ykx32mpcoinst.dll
2009-02-14 22:56 . 2009-02-14 22:56 <DIR> d-------- c:\program files\Innovative Solutions
2009-02-14 22:30 . 2009-02-14 22:30 <DIR> d---s---- c:\documents and settings\Mazurite\UserData
2009-02-14 22:27 . 2008-12-23 16:03 50,688 --a------ C:\ATF-Cleaner.exe
2009-02-14 22:26 . 2008-12-09 17:06 296,448 --a------ c:\windows\system32\drivers\yk51x86.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-15 09:38 315,392 ----a-w c:\windows\HideWin.exe
2009-02-15 09:29 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-15 05:53 --------- d-----w c:\program files\WordPerfect Office 11
2009-02-15 05:53 --------- d-----w c:\program files\Common Files\Corel
2009-02-15 05:53 --------- d-----w c:\program files\Common Files\Borland Shared
2009-02-15 05:49 --------- d-----w c:\program files\Windows Messaging
2009-02-15 05:45 --------- d-----w c:\program files\Mouse
2009-02-15 05:03 --------- d-----w c:\program files\microsoft frontpage
2009-01-07 19:28 453,152 ----a-w c:\windows\system32\nvuninst.exe
2008-12-10 17:45 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 17:28 24,344 ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 16:55 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 16:38 288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-04-14 09:41 165,281 --sha-r c:\windows\system32\zxwdgfph.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"WheelMouse"="c:\program files\Mouse\Amoumain.exe" [2006-05-09 163840]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-15 136600]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-15 1601304]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-02-01 1103240]
"nwiz"="nwiz.exe" [2009-01-15 c:\windows\system32\nwiz.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-06-29 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-15 22:26 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]
backup=c:\windows\pss\Microsoft Find Fast.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office Shortcut Bar.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office Shortcut Bar.lnk
backup=c:\windows\pss\Microsoft Office Shortcut Bar.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk
backup=c:\windows\pss\Office Startup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
--a------ 2009-02-10 13:42 5391192 c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
--a------ 2008-02-01 11:55 1103240 c:\program files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
--a------ 2007-01-12 17:48 275800 c:\program files\Microsoft LifeCam\LifeExp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
--------- 2005-05-17 23:57 188416 c:\program files\ltmoh\ltmoh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
-ra------ 2006-12-05 15:38 707360 c:\windows\vVX1000.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"d:\\World of Warcraft\\Launcher.exe"=
"d:\\Curse\\CurseClient.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2746:TCP"= 2746:TCP:hhpbhnge

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-15 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-15 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-15 298264]
S2 hoojbr;Update Center;c:\windows\system32\svchost.exe -k netsvcs [2008-04-14 14336]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2006-05-09 13824]
S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-15 747912]
S3 skckbh;skckbh;\??\c:\windows\system32\01.tmp --> c:\windows\system32\01.tmp [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
hoojbr
.
Contents of the 'Scheduled Tasks' folder

2009-02-15 c:\windows\Tasks\Microsoft_Hardware_Launch_setup_exe.job
- E:\setup.exe []

2009-02-15 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job
- c:\windows\vVX1000.exe [2006-12-05 15:38]

2009-02-16 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 10:55]

2009-02-16 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 10:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-15 23:18:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\skckbh]
"ImagePath"="\??\c:\windows\system32\01.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hoojbr]
"ServiceDll"="c:\windows\system32\zxwdgfph.dll"
.
Completion time: 2009-02-15 23:19:10
ComboFix-quarantined-files.txt 2009-02-16 07:19:08

Pre-Run: 153,306,259,456 bytes free
Post-Run: 153,505,218,560 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

208





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:17 PM, on 2/15/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1234679420301
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 6187 bytes



#2 Mazurite

Mazurite
  • Topic Starter

  • Members
  • 17 posts

Posted 16 February 2009 - 02:18 PM

I'm sorry to bump this thread back up, but I thought I should mention that I did try and go into 'safe mode with networking' to attempt to open web pages. Every page opened up perfectly fine including Microsoft's and AVG's websites. So then I figured maybe it was a program that I have running on startup preventing me from opening up some web pages. I went to Start, Run, and typed in msconfig. I disabled all startup items and restarted the computer. Still can't open these web pages. What could be the problem?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas

Posted 27 February 2009 - 06:35 PM

Hello Mazurite,

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!


Error reading poptart in Drive A: Delete kids y/n?

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas

Posted 08 March 2009 - 04:52 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic