patonm
-
Content Count
5 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by patonm
-
-
both logs for you.
Logfile of random's system information tool 1.04 (written by random/random)
Run by William Anne at 2008-10-30 17:47:02
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 130 GB (55%) free of 238 GB
Total RAM: 2047 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:47:09 PM, on 10/30/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced WindowsCare V2\Awcl.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\TrojanHunter 5.0\THGuard.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\William Anne\Desktop\RSIT.exe
C:\TEMP\William Anne.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files (x86)\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...368/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - C:\Program Files (x86)\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: Print Spooler (Spooler) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
--
End of file - 5740 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Advanced WindowsCare Personal Startup.job
C:\Windows\tasks\Schedule Task Weekly.job
C:\Windows\tasks\User_Feed_Synchronization-{19D32E0D-5706-48FB-B37A-9FBC8E0AAC40}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG8\avgssie.dll [2008-08-29 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL [2008-08-18 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2008-09-03 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-07 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL [2008-08-18 2055960]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2008-09-03 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~2\AVG\AVG8\avgtray.exe [2008-09-30 1234712]
"THGuard"=C:\Program Files (x86)\TrojanHunter 5.0\THGuard.exe [2008-10-24 1056928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"SUPERAntiSpyware"=C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37692b85-74f1-11dd-959f-00138f818a86}]
shell\AutoRun\command - J:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37692b8f-74f1-11dd-959f-00138f818a86}]
shell\AutoRun\command - J:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d4d729a8-8d68-11dd-b61b-00138f818a86}]
shell\AutoRun\command - J:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed555e29-6d70-11dd-be2f-806e6f6e6963}]
shell\AutoRun\command - E:\_SETIMG\EPSSWT.EXE /NOWIZ:"..\EPSETUP.EXE"
======List of files/folders created in the last 1 months======
2008-10-30 17:47:02 ----D---- C:\rsit
2008-10-30 08:55:33 ----D---- C:\Program Files (x86)\RegistryFix7
2008-10-29 22:45:59 ----A---- C:\Windows\ntbtlog.txt
2008-10-29 20:25:04 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-29 20:24:44 ----D---- C:\Users\William Anne\AppData\Roaming\SUPERAntiSpyware.com
2008-10-29 20:24:44 ----D---- C:\Program Files (x86)\SUPERAntiSpyware
2008-10-28 22:21:51 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 22:21:49 ----A---- C:\Windows\system32\win32spl.dll
2008-10-27 23:16:29 ----D---- C:\Users\William Anne\AppData\Roaming\TrojanHunter
2008-10-27 22:42:07 ----R---- C:\Windows\system32\streamhlp.dll
2008-10-27 22:42:07 ----D---- C:\Program Files (x86)\TrojanHunter 5.0
2008-10-27 19:01:58 ----D---- C:\Program Files (x86)\Free Window Registry Repair
2008-10-27 16:46:19 ----D---- C:\ProgramData\UDL
2008-10-27 16:46:01 ----RA---- C:\Windows\system32\Epcmlib.dll
2008-10-27 16:45:39 ----D---- C:\Program Files (x86)\EPSON Print CD
2008-10-27 16:21:56 ----A---- C:\Windows\EPSMTL32.TXT
2008-10-26 21:55:54 ----AD---- C:\ProgramData\TEMP
2008-10-26 21:55:50 ----D---- C:\Program Files (x86)\SpywareBlaster
2008-10-26 21:55:50 ----A---- C:\Windows\system32\MSSTDFMT.DLL
2008-10-26 19:43:50 ----D---- C:\ProgramData\PrevxCSI
2008-10-26 15:48:55 ----A---- C:\Windows\system32\E3TL.DLL
2008-10-26 15:48:44 ----D---- C:\ProgramData\Zenturi
2008-10-26 15:48:43 ----D---- C:\Program Files (x86)\Zenturi
2008-10-25 21:57:38 ----D---- C:\Users\William Anne\AppData\Roaming\ImgBurn
2008-10-25 21:51:17 ----D---- C:\Program Files (x86)\ImgBurn
2008-10-25 21:39:06 ----D---- C:\Program Files (x86)\uTorrent
2008-10-25 21:38:54 ----D---- C:\Users\William Anne\AppData\Roaming\uTorrent
2008-10-24 14:34:46 ----A---- C:\Windows\system32\netapi32.dll
2008-10-24 14:33:52 ----D---- C:\Program Files (x86)\Eusing Free Registry Cleaner
2008-10-22 20:14:18 ----D---- C:\Program Files (x86)\OTS_Software
2008-10-19 20:13:27 ----D---- C:\Program Files (x86)\OpenAL
2008-10-19 20:13:27 ----A---- C:\Windows\system32\wrap_oal.dll
2008-10-19 20:13:26 ----A---- C:\Windows\system32\OpenAL32.dll
2008-10-15 22:11:13 ----D---- C:\Program Files (x86)\Rockstar Games
2008-10-15 19:59:28 ----A---- C:\Windows\system32\EncDec.dll
2008-10-15 19:59:25 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-15 19:09:22 ----A---- C:\Windows\system32\mshtml.dll
2008-10-15 19:09:21 ----A---- C:\Windows\system32\ieframe.dll
2008-10-15 19:09:20 ----A---- C:\Windows\system32\wininet.dll
2008-10-15 19:09:20 ----A---- C:\Windows\system32\urlmon.dll
2008-10-15 19:09:19 ----A---- C:\Windows\system32\iertutil.dll
2008-10-15 19:09:18 ----A---- C:\Windows\system32\mstime.dll
2008-10-15 19:09:18 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-13 17:36:49 ----A---- C:\Users\William Anne\AppData\Roaming\vispa.ini
2008-10-12 15:02:39 ----D---- C:\Windows\7 Wonders II
2008-10-12 15:00:54 ----D---- C:\Windows\Break Quest
2008-10-12 14:58:33 ----D---- C:\Windows\Arctic Quest 2
2008-10-12 14:55:43 ----D---- C:\Windows\Luxor Mah Jong
2008-10-12 14:53:29 ----D---- C:\Windows\Deep Sea Adventures
2008-10-11 20:14:54 ----D---- C:\Users\William Anne\AppData\Roaming\AVGTOOLBAR
2008-10-07 12:45:15 ----D---- C:\Windows\Temp
2008-10-05 11:07:20 ----A---- C:\Windows\system32\javaws.exe
2008-10-05 11:07:20 ----A---- C:\Windows\system32\javaw.exe
2008-10-05 11:07:20 ----A---- C:\Windows\system32\java.exe
2008-10-05 11:04:18 ----D---- C:\Program Files (x86)\Common Files\Java
2008-10-01 18:28:21 ----D---- C:\Program Files (x86)\Panda Security
======List of files/folders modified in the last 1 months======
2008-10-30 17:47:09 ----D---- C:\Windows\Prefetch
2008-10-30 17:47:09 ----D---- C:\TEMP
2008-10-30 14:23:37 ----D---- C:\Users\William Anne\AppData\Roaming\SiteAdvisor
2008-10-30 09:18:09 ----D---- C:\Windows\System32
2008-10-30 09:18:09 ----D---- C:\Windows\inf
2008-10-30 08:55:33 ----RD---- C:\Program Files (x86)
2008-10-29 23:04:06 ----D---- C:\ProgramData\Google Updater
2008-10-29 22:52:25 ----D---- C:\Windows
2008-10-29 22:45:49 ----D---- C:\Program Files (x86)\a-squared Free
2008-10-29 20:25:04 ----HD---- C:\ProgramData
2008-10-29 20:24:47 ----SHD---- C:\Windows\Installer
2008-10-29 20:24:32 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2008-10-29 20:23:21 ----D---- C:\Users\William Anne\AppData\Roaming\LimeWire
2008-10-29 19:38:35 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-10-29 18:53:45 ----D---- C:\Program Files (x86)\LimeWire
2008-10-29 17:28:39 ----SD---- C:\Windows\Downloaded Program Files
2008-10-28 23:17:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2008-10-28 23:16:46 ----D---- C:\Windows\SysWOW64
2008-10-28 23:13:35 ----RD---- C:\Program Files
2008-10-28 23:09:27 ----D---- C:\Program Files (x86)\Error Repair Professional
2008-10-28 22:45:21 ----SD---- C:\Users\William Anne\AppData\Roaming\Microsoft
2008-10-28 22:21:55 ----D---- C:\Windows\winsxs
2008-10-27 23:15:20 ----D---- C:\Users\William Anne\AppData\Roaming\OpenOffice.org2
2008-10-27 18:19:02 ----D---- C:\Program Files (x86)\Weather Pulse
2008-10-27 16:46:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2008-10-27 16:46:46 ----D---- C:\Program Files (x86)\EPSON
2008-10-26 19:40:34 ----D---- C:\Windows\Tasks
2008-10-26 17:44:16 ----SD---- C:\ProgramData\Microsoft
2008-10-26 17:30:37 ----D---- C:\PerfLogs
2008-10-25 19:38:17 ----D---- C:\Windows\pss
2008-10-25 19:16:59 ----D---- C:\Program Files (x86)\QuickTime
2008-10-25 17:18:57 ----D---- C:\Windows\Microsoft.NET
2008-10-25 17:18:44 ----RSD---- C:\Windows\assembly
2008-10-24 16:10:51 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2008-10-24 16:10:50 ----D---- C:\Windows\system32\drivers
2008-10-23 20:14:35 ----D---- C:\Program Files (x86)\OTS Software
2008-10-23 20:14:29 ----SHD---- C:\System Volume Information
2008-10-22 20:21:23 ----HD---- C:\Program Files (x86)\InstallJammer Registry
2008-10-18 21:14:52 ----D---- C:\dbTemp
2008-10-16 15:38:18 ----D---- C:\Windows\Debug
2008-10-15 20:07:35 ----D---- C:\Windows\ehome
2008-10-15 20:07:35 ----D---- C:\Program Files (x86)\Windows Mail
2008-10-15 20:07:31 ----D---- C:\Windows\system32\migration
2008-10-10 14:08:39 ----HD---- C:\$AVG8.VAULT$
2008-10-10 12:36:04 ----RD---- C:\Users
2008-10-07 12:50:24 ----D---- C:\ProgramData\WinZip
2008-10-05 11:07:20 ----D---- C:\Program Files (x86)\Java
2008-10-05 11:04:18 ----D---- C:\Program Files (x86)\Common Files
2008-10-04 19:56:47 ----D---- C:\Program Files (x86)\Hijackthis
2008-10-02 22:26:13 ----D---- C:\ProgramData\NVIDIA
2008-10-01 18:09:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC64.SYS []
R3 AvgWfpA;AVG Free8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpa.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys []
R3 ULi5261;ULi Based Ethernet NT Driver; C:\Windows\system32\DRIVERS\ULILAN64.SYS []
R3 VST64_DPV;VST64_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 VST64HWBS2;VST64HWBS2; C:\Windows\system32\DRIVERS\VSTBS26.SYS []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 m5287;m5287; C:\Windows\system32\drivers\m5287.sys []
S4 m5288;m5288; C:\Windows\system32\drivers\m5288.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2008-10-19 418936]
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe [2008-08-19 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~2\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 sassvc;ProgramCheckerPro; C:\Program Files (x86)\Zenturi\ProgramChecker\sassvc.exe [2006-02-15 122880]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-30 17:47:12
======Uninstall list======
-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
7 Wonders II-->"C:\Windows\7 Wonders II\uninstall.exe" "/U:C:\Program Files (x86)\7 Wonders II\Uninstall\uninstall.xml"
Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Advanced WindowsCare Personal-->"C:\Program Files (x86)\IObit\Advanced WindowsCare V2\unins000.exe"
Any Video Converter 2.6.3-->"C:\Program Files (x86)\Any Video Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arctic Quest 2-->"C:\Windows\Arctic Quest 2\uninstall.exe" "/U:C:\Program Files (x86)\Arctic Quest 2\Uninstall\uninstall.xml"
a-squared Free 3.5-->"C:\Program Files (x86)\a-squared Free\unins000.exe"
AVG Free 8.0-->C:\Program Files (x86)\AVG\AVG8\setup.exe /UNINSTALL
Break Quest-->"C:\Windows\Break Quest\uninstall.exe" "/U:C:\Program Files (x86)\Break Quest\Uninstall\uninstall.xml"
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files (x86)\CA Yahoo! Anti-Spy\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Deep Sea Adventures-->"C:\Windows\Deep Sea Adventures\uninstall.exe" "/U:C:\Program Files (x86)\Deep Sea Adventures\Uninstall\uninstall.xml"
Driver Detective-->C:\Program Files (x86)\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x9 uninst
EPSON Print CD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x9 -SYSTEM
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
EPSON Printer Software-->C:\Windows\system32\spool\DRIVERS\x64\EPUPDATE.EXE /r
ESPR800 Referene Guide-->C:\Program Files (x86)\EPSON\TPMANUAL\ESPR800\REF_G\DOCUNINS.EXE
ESPR800 Software Guide-->C:\Program Files (x86)\EPSON\TPMANUAL\ESPR800\PQU_G\DOCUNINS.EXE
Eusing Free Registry Cleaner-->C:\PROGRA~2\Eusing Free Registry Cleaner\UNWISE.EXE C:\PROGRA~2\Eusing Free Registry Cleaner\INSTALL.LOG
EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"
Free Window Registry Repair-->C:\PROGRA~2\Free Window Registry Repair\UNWISE.EXE C:\PROGRA~2\Free Window Registry Repair\INSTALL.LOG
Garmin WebUpdater-->MsiExec.exe /X{366FFC89-C800-4366-B903-B9C4314109A5}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_FE4264652A965D92.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Updater-->"C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2-->"C:\TEMP\HijackThis.exe" /uninstall
Homonym Madness-->MsiExec.exe /I{F273B28F-6793-41A9-ABD8-080FC727F6B1}
ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"
Inside The Beast-->MsiExec.exe /I{3F059E73-C365-488C-9560-EBB4F1585F8E}
Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kyodai Mahjongg-->"C:\Program Files (x86)\Kyodai Mahjongg\unins000.exe"
LimeWire 4.18.8-->"C:\Program Files (x86)\LimeWire\uninstall.exe"
Luxor Mah Jong-->"C:\Windows\Luxor Mah Jong\uninstall.exe" "/U:C:\Program Files (x86)\Luxor Mah Jong\Uninstall\uninstall.xml"
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Miditzer Style 216 ver. 0.881-->C:\Program Files (x86)\Miditzer Style 216\uninst.exe
Mozilla Firefox (2.0.0.17)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U /S
OpenOffice.org 2.4-->MsiExec.exe /I{2CD2C0DB-81C3-416B-9FA6-589B9235359B}
OTS Software Toolbar-->C:\PROGRA~2\OTS_Software\UNWISE.EXE C:\PROGRA~2\OTS_Software\INSTALL.LOG
Panda ActiveScan 2.0-->C:\Program Files (x86)\Panda Security\ActiveScan 2.0\as2uninst.exe
Picasa 2-->"C:\Program Files (x86)\Picasa2\Uninstall.exe"
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
ProgramChecker-->MsiExec.exe /I{FE047432-CD76-41F9-88FA-1AD225604FFB}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->Alcrmv64.exe -r -m
RegistryFix v7.0-->"C:\Program Files (x86)\RegistryFix7\unins000.exe"
ScanToWeb-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Secunia PSI (RC3)-->"C:\Program Files (x86)\Secunia\PSI (RC3)\uninstall.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Ship Simulator 2008-->"C:\Program Files (x86)\Vstep\ShipSim2008\Uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files (x86)\SpywareBlaster\unins000.exe"
Style Fixer 1.10-->"C:\Program Files (x86)\StyleFixer\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
TrojanHunter 5.0-->"C:\Program Files (x86)\TrojanHunter 5.0\unins000.exe"
USB-Flash Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7EB597B1-9F63-4CA7-9CC5-1DADF9FFC8CD}\Setup.exe" -l0x9
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}
Weather Pulse 2.10 build 5-->"C:\Program Files (x86)\Weather Pulse\unins000.exe"
Wild Metal Country-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Rockstar Games\Wild Metal Country\Uninst.isu"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE
=====HijackThis Backups=====
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - (no file)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ::1 localhost
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ::1 localhost
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - C:\Program Files (x86)\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O3 - Toolbar: OTS Software Toolbar - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - C:\Program Files (x86)\OTS_Software\tbOTS_.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O2 - BHO: OTS Software Toolbar - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - C:\Program Files (x86)\OTS_Software\tbOTS_.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ::1 localhost
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: Print Spooler (Spooler) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
======Security center information======
AS: AVG Anti-Virus Free (disabled)
AS: Spybot - Search and Destroy (disabled)
AS: Windows Defender
AS: SUPERAntiSpyware (disabled)
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
-
Log information as requested.
Malwarebytes' Anti-Malware 1.30
Database version: 1337
Windows 6.0.6001 Service Pack 1
10/29/2008 10:43:08 PM
mbam-log-2008-10-29 (22-43-08).txt
Scan type: Quick Scan
Objects scanned: 36154
Time elapsed: 1 minute(s), 17 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Many thanks for your prompt reply. I think I mentioned in my post that I had ran Malwarebytes, but I have done so again and it found nothing.
-
I would appreciate someones help in analyzing my log file. I have windows vista home premium 64bit and I have ran the following .-
Spy-bot, Ad-Aware, Ccleaner, Avg free, Malwarebyte, a_squared free ,Advanced Windows Care,
I have lost all icons in control panel and the panel opens only for a second and closes. I can access it through Programs_Accessories_System tools-Control panel-open file location but system restore is missing also add remove programs, windows update also.
I am unaware of anything which may have caused this .My log is :-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:04 PM, on 10/27/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced WindowsCare V2\Awcl.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\TEMP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...368/mcfscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - C:\Program Files (x86)\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)
O23 - Service: Print Spooler (Spooler) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)
--
End of file - 5960 bytes
Thankyou
Hijackthis
in Malware Removal
Posted
problem resolved