patonm Posted October 27, 2008

I would appreciate someone's help in analyzing my log file. I have Windows Vista Home Premium 64-bit and I have run the following: Spybot, Ad-Aware, CCleaner, AVG Free, Malwarebytes, a-squared Free, Advanced WindowsCare. I have lost all icons in Control Panel and the panel opens only for a second and closes. I can access it through Programs > Accessories > System Tools > Control Panel > Open file location, but System Restore is missing, also Add/Remove Programs, Windows Update also. I am unaware of anything which may have caused this. My log is:

Thank you
sarahw Posted October 28, 2008

Hi,

That sounds like some strange issues.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy & Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
patonm Posted October 28, 2008 Author

Many thanks for your prompt reply. I think I mentioned in my post that I had run Malwarebytes, but I have done so again and it found nothing.
sarahw Posted October 30, 2008

Hi,

Could you please open Malwarebytes and get the last log for me. You can find the logs by clicking the Logs tab in MBAM. This is so I know what infections we are dealing with.
patonm Posted October 30, 2008 Author

Log information as requested.

Malwarebytes' Anti-Malware 1.30
Database version: 1337
Windows 6.0.6001 Service Pack 1

10/29/2008 10:43:08 PM
mbam-log-2008-10-29 (22-43-08).txt

Scan type: Quick Scan
Objects scanned: 36154
Time elapsed: 1 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
sarahw Posted October 30, 2008

Download random's system information tool (RSIT) by random/random from here.
It is important that it is saved to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
patonm Posted October 30, 2008 Author

Both logs for you.
v7.0-->"C:\Program Files (x86)\RegistryFix7\unins000.exe"ScanToWeb-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLGSecunia PSI (RC3)-->"C:\Program Files (x86)\Secunia\PSI (RC3)\uninstall.exe"Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}Ship Simulator 2008-->"C:\Program Files (x86)\Vstep\ShipSim2008\Uninstall.exe"Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"SpywareBlaster 4.1-->"C:\Program Files (x86)\SpywareBlaster\unins000.exe"Style Fixer 1.10-->"C:\Program Files (x86)\StyleFixer\unins000.exe"SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exeTrojanHunter 5.0-->"C:\Program Files (x86)\TrojanHunter 5.0\unins000.exe"USB-Flash Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7EB597B1-9F63-4CA7-9CC5-1DADF9FFC8CD}\Setup.exe" -l0x9 Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}Weather Pulse 2.10 build 5-->"C:\Program Files (x86)\Weather Pulse\unins000.exe"Wild Metal Country-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Rockstar Games\Wild Metal Country\Uninst.isu"Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE=====HijackThis Backups=====O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. 
- C:\PROGRA~2\AVG\AVG8\avgwdsvc.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - (no file)O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. 
- C:\PROGRA~2\AVG\AVG8\avgwdsvc.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~2.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dllO13 - Gopher Prefix: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhostO23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown 
owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - (no file)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: ::1 localhostR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dllR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O1 - Hosts: ::1 localhostR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O1 - Hosts: ::1 localhostR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - C:\Program Files (x86)\Zenturi\ProgramChecker\sassvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)O23 - Service: @comres.dll,-2797 (MSDTC) - 
Unknown owner - (no file)O3 - Toolbar: OTS Software Toolbar - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - C:\Program Files (x86)\OTS_Software\tbOTS_.dllO23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exeO23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - (no file)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O1 - Hosts: ::1 localhostO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O2 - BHO: OTS Software Toolbar - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - C:\Program Files (x86)\OTS_Software\tbOTS_.dllO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O1 - Hosts: ::1 localhostR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dllO23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)O23 - Service: Software Licensing (slsvc) - Unknown owner - (no file)O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - (no file)O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - (no file)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)O23 - Service: Print Spooler (Spooler) - Unknown owner - (no file)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - (no file)O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - (no file)O23 - Service: 
@%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - (no file)R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - (no file)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - (no file)======Security center information======AS: AVG Anti-Virus Free (disabled)AS: Spybot - Search and Destroy (disabled)AS: Windows DefenderAS: SUPERAntiSpyware (disabled)======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\QuickTime\QTSystem\"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"PROCESSOR_ARCHITECTURE"=AMD64"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP"USERNAME"=SYSTEM"windir"=%SystemRoot%"PROCESSOR_LEVEL"=15"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 43 Stepping 1, AuthenticAMD"PROCESSOR_REVISION"=2b01"NUMBER_OF_PROCESSORS"=2"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat"DFSTRACINGON"=FALSE"CLASSPATH"=.;C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip"QTJAVA"=C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip-----------------EOF----------------- Quote Link to post Share on other sites
patonm Posted November 14, 2008

problem resolved