Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HiJack This Log Attached, Please Help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » January 27th, 2009, 9:09 pm

When I start my computer I get a pop-up window that reads:

Error Loading
p2esocks_1020.dll
The specified module could not be found

I found the program Hijack This, so I have attached the log so hopefully one of you experts can assist me with fixing this problem.

Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:05, on 1/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 1&id=64855
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1020.dll,InstantAccess
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 8212 bytes
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm
Advertisement
Register to Remove

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 7th, 2009, 6:17 am

Hi BigDaddy66 and sorry for delay.

If you still need help, please post next a fresh HijackThis log.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Pls Help (Reposted as Requested)

Unread postby BigDaddy66 » February 7th, 2009, 4:06 pm

Here is the reposting of a "fresh" Hi-jack this logfile. I am still have the same problem on start-up. Thank you in advance.

Regards,
BigDaddy66

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:09, on 2/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\VSO\ConvertX\3\ConvertXtoDvd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1020.dll,InstantAccess
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 8634 bytes
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 7th, 2009, 4:11 pm

  • Download random''s system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 7th, 2009, 7:09 pm

Here are the results from running random.exe
Thank you,
BigDaddy66


Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-02-07 18:03:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 89 GB (76%) free of 117 GB
Total RAM: 751 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:04:50, on 2/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\VSO\ConvertX\3\ConvertXtoDvd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\user\My Documents\Downloads\Programs\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1020.dll,InstantAccess
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 8680 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C941E1B1-72BB-4AD6-A986-DAFE9BD2747A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22 66888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ff9a677-542a-481d-a6d6-3fa32d8a806d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22 161096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X5100 Series"=C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe [2003-03-04 86100]
"DiscWizardMonitor.exe"=C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [2007-08-08 1169456]
"AcronisTimounterMonitor"=C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [2007-08-08 1945424]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [2007-08-08 148760]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NeroCheck"=C:\WINDOWS\System32\\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-08-15 282624]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-27 1601304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Instant Access"=p2esocks_1020.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\nFusion IPPVR\IPPVR.exe"="C:\Program Files\nFusion IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe"="C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe:*:Enabled:windows media player streaming service"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe:*:Enabled:nfpvrwin"
"C:\IPPVR\IPPVR.exe"="C:\IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

======List of files/folders created in the last 1 months======

2009-02-07 18:03:50 ----D---- C:\rsit
2009-01-30 07:48:42 ----HDC---- C:\WINDOWS\ie8
2009-01-27 22:26:39 ----D---- C:\Program Files\SpywareBlaster
2009-01-27 19:47:24 ----D---- C:\Program Files\Trend Micro
2009-01-27 19:37:48 ----HD---- C:\$AVG8.VAULT$
2009-01-27 19:21:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-01-27 19:19:59 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2009-01-27 19:19:58 ----D---- C:\Program Files\AVG
2009-01-15 02:22:00 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-01-15 02:21:44 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-01-15 02:19:22 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-01-15 02:19:02 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-01-13 21:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-12 22:33:50 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-11 09:32:51 ----A---- C:\WINDOWS\system32\tmp.txt
2009-01-11 09:32:48 ----A---- C:\rapport.txt
2009-01-10 14:56:56 ----D---- C:\IPPVR

======List of files/folders modified in the last 1 months======

2009-02-07 18:02:41 ----D---- C:\Documents and Settings\user\Application Data\DMCache
2009-02-07 17:58:15 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-07 16:16:19 ----D---- C:\WINDOWS\Temp
2009-02-07 14:58:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-07 12:54:42 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-07 11:30:56 ----D---- C:\Documents and Settings\user\Application Data\Vso
2009-02-07 06:31:58 ----D---- C:\WINDOWS\Prefetch
2009-02-07 06:31:54 ----A---- C:\WINDOWS\LEXSTAT.INI
2009-02-02 17:34:02 ----D---- C:\Documents and Settings\user\Application Data\dvdcss
2009-02-01 09:15:28 ----D---- C:\Documents and Settings\user\Application Data\VideoReDoPlus
2009-01-30 07:53:13 ----D---- C:\WINDOWS
2009-01-30 07:53:00 ----D---- C:\WINDOWS\system32
2009-01-30 07:52:43 ----D---- C:\WINDOWS\system32\en-US
2009-01-30 07:52:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-30 07:52:42 ----HD---- C:\WINDOWS\inf
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Media
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Help
2009-01-30 07:52:42 ----D---- C:\Program Files\Internet Explorer
2009-01-30 07:51:08 ----D---- C:\WINDOWS\ie8updates
2009-01-30 07:50:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-30 07:50:49 ----A---- C:\WINDOWS\imsins.BAK
2009-01-29 22:47:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-27 22:26:39 ----D---- C:\Program Files
2009-01-27 19:33:08 ----D---- C:\WINDOWS\system32\drivers
2009-01-27 19:19:58 ----SHD---- C:\WINDOWS\Installer
2009-01-27 19:19:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-01-27 18:57:21 ----D---- C:\WINDOWS\system
2009-01-26 17:18:20 ----D---- C:\WINDOWS\network diagnostic
2009-01-18 22:40:01 ----D---- C:\Documents and Settings\user\Application Data\Azureus
2009-01-15 02:22:22 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-01-15 02:19:22 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-01-15 02:17:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-01-15 02:13:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-15 02:12:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-01-15 02:06:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-01-15 02:06:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-01-15 02:06:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-01-15 02:06:00 ----A---- C:\WINDOWS\system32\url.dll
2009-01-15 02:05:42 ----A---- C:\WINDOWS\system32\wininet.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\occache.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\msrating.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-01-15 02:04:28 ----A---- C:\WINDOWS\system32\corpol.dll
2009-01-15 02:04:16 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-01-15 02:03:58 ----A---- C:\WINDOWS\system32\jscript.dll
2009-01-15 02:03:50 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-01-15 02:03:42 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-01-15 02:03:36 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-01-15 02:03:32 ----A---- C:\WINDOWS\system32\admparse.dll
2009-01-15 02:03:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-01-15 02:03:20 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\inseng.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-01-15 02:03:12 ----A---- C:\WINDOWS\system32\advpack.dll
2009-01-15 02:02:50 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-01-15 02:02:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-01-15 02:02:20 ----A---- C:\WINDOWS\system32\mstime.dll
2009-01-15 02:01:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-01-15 02:01:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\icardie.dll
2009-01-15 02:01:26 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-01-15 02:01:22 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-01-15 02:01:18 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-01-15 02:01:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-01-15 02:01:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-01-15 02:00:46 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-01-15 02:00:38 ----A---- C:\WINDOWS\system32\mshta.exe
2009-01-15 01:50:50 ----A---- C:\WINDOWS\system32\ieui.dll
2009-01-15 01:50:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-01-15 01:35:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-01-12 22:34:37 ----D---- C:\Program Files\Adobe
2009-01-12 22:33:50 ----D---- C:\Program Files\Common Files
2009-01-12 22:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-12 22:30:40 ----D---- C:\Program Files\Common Files\Adobe
2009-01-12 22:28:45 ----D---- C:\WINDOWS\WinSxS
2009-01-11 09:32:21 ----D---- C:\Documents and Settings\user\Application Data\IDM
2009-01-10 14:55:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-10 14:07:15 ----D---- C:\WINDOWS\Cache
2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-27 107272]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-02-12 31360]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-02-12 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-02-07 32197]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-11-20 32768]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-02-26 100032]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-17 907456]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-03 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\System32\DRIVERS\SMBios.sys [2003-02-12 34978]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 555264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-02-12 112384]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-03-13 112288]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-03-13 78496]
S3 a3z4txsz;a3z4txsz; C:\WINDOWS\system32\drivers\a3z4txsz.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 MR97310_USB_DUAL_CAMERA;MR97310 CIF Dual Mode Camera; C:\WINDOWS\system32\drivers\MR97310_USB_DUAL_CAMERA.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\drivers\wanatw.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-08-08 410904]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-27 298264]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-01-27 1339600]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-02-12 924160]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-28 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-07 18:05:03

======Uninstall list======

-->MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{4468EF97-A253-4699-9E1C-88CAE2C6832D}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
CD Jewel Case and Label Creator-->C:\PROGRA~1\CDLabel\UNWISE.EXE C:\PROGRA~1\CDLabel\INSTALL.LOG
ConvertXtoDVD 2.99.11.700-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.8.5-->"C:\Program Files\DVDFab 5\unins000.exe"
Elf Bowling Hawaiian Vacation-->"C:\Program Files\Elf Bowling Hawaiian Vacation\ReflexiveArcade\unins000.exe"
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) Network Connections-->MsiExec.exe /I{999104C6-AC4B-43D3-B8E2-125C0EEA9A71}
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lexmark X5100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBAUN5C.EXE -dLexmark X5100 Series
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft English TTS Engine-->MsiExec.exe /I{94824ADD-8F26-43D2-84DB-22E11F377E5E}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MpcStar 2.1-->C:\Program Files\MpcStar\uninst.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{8DA83EA6-E731-4722-958D-613399AE1033}
nFusion IPPVR 3.0b-->C:\WINDOWS\iun6002.exe "C:\Program Files\nFusion IPPVR\irunin.ini"
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonly
RegCure 1.5.0.1-->C:\Program Files\RegCure\uninst.exe
Seagate DiscWizard-->MsiExec.exe /X{81A60A13-224D-4637-8203-3EAC03B121A4}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
SIW version 2008-10-28-->"C:\Program Files\SIW\unins000.exe"
SnagIt 9-->MsiExec.exe /I{ADDD6985-3A28-44D0-A1BA-FDD19A820491}
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
TTS Wrapper-->MsiExec.exe /I{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}
UltraISO Premium V8.62-->"C:\Program Files\UltraISO\unins000.exe"
Update for Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VideoReDo/Plus Version 2.5.3.500-->"C:\Program Files\VideoReDoPlus\unins000.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
ViewSonic Windows XP Signed Files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9
WinAVI Video Converter 9.0-->"C:\WINDOWS\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Program Files\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Zuma Deluxe RA-->C:\PROGRA~1\ZUMADE~1\UNWISE.EXE C:\PROGRA~1\ZUMADE~1\INSTALL.LOG

======Security center information======

AV: AVG Internet Security
FW: AVG Firewall

System event log

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The HTTP SSL service entered the running state.

Record Number: 1693037
Source Name: Service Control Manager
Time Written: 20081116190834.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The HTTP SSL service was successfully sent a start control.

Record Number: 1693036
Source Name: Service Control Manager
Time Written: 20081116190834.000000-300
Event Type: information
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Remote Access Connection Manager service entered the running state.

Record Number: 1693035
Source Name: Service Control Manager
Time Written: 20081116190818.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The Remote Access Connection Manager service was successfully sent a start control.

Record Number: 1693034
Source Name: Service Control Manager
Time Written: 20081116190817.000000-300
Event Type: information
User: USER-LQP5EB1R2M\user

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Telephony service entered the running state.

Record Number: 1693033
Source Name: Service Control Manager
Time Written: 20081116190817.000000-300
Event Type: information
User:

Application event log

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Record Number: 5
Source Name: Application Error
Time Written: 20081014134622.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20081014121822.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x00011669.

Record Number: 3
Source Name: Application Error
Time Written: 20081013210749.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20081011105901.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 1
Source Name: SecurityCenter
Time Written: 20081010202613.000000-240
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 8th, 2009, 4:06 am

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Azureus Vuze

I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Delete info.txt from c:\rsit folder.

[b]Please run a new RSIT scan when finished and post the log back here.[/b
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 8th, 2009, 1:10 pm

Thank you. I have reviewed the P2P policy and fully understand and will comply.
However, I did not see anything hilighted in red that specifically noted what should be uninstalled. Specifically I knew of Azureus Vuze and uninstalled via add/remove programs. I did see some lines of test in the logs referring to "Bearshare". I have not used that progam in quite awhile and it was not in my add/remove programs listing. I did a general search for *bear* and come up with nothing. Therefore whatever still exists in my system I will need help eliminating.

I did uninstall many unused or unwanted programs and the ran regcure to clean up.
I then ran rsit.exe again ande here is the updated logs.

Once again, thank you.
Bigdaddy66

Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-02-08 12:04:30
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 96 GB (82%) free of 117 GB
Total RAM: 751 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:49, on 2/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1020.dll,InstantAccess
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 7903 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C941E1B1-72BB-4AD6-A986-DAFE9BD2747A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ff9a677-542a-481d-a6d6-3fa32d8a806d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X5100 Series"=C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe [2003-03-04 86100]
"DiscWizardMonitor.exe"=C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [2007-08-08 1169456]
"AcronisTimounterMonitor"=C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [2007-08-08 1945424]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [2007-08-08 148760]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NeroCheck"=C:\WINDOWS\System32\\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-08-15 282624]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-27 1601304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Instant Access"=p2esocks_1020.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\nFusion IPPVR\IPPVR.exe"="C:\Program Files\nFusion IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe"="C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe:*:Enabled:windows media player streaming service"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe:*:Enabled:nfpvrwin"
"C:\IPPVR\IPPVR.exe"="C:\IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

======List of files/folders created in the last 1 months======

2009-02-08 11:35:11 ----SHD---- C:\Config.Msi
2009-02-07 18:03:50 ----D---- C:\rsit
2009-01-30 07:48:42 ----HDC---- C:\WINDOWS\ie8
2009-01-27 22:26:39 ----D---- C:\Program Files\SpywareBlaster
2009-01-27 19:47:24 ----D---- C:\Program Files\Trend Micro
2009-01-27 19:37:48 ----HD---- C:\$AVG8.VAULT$
2009-01-27 19:21:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-01-27 19:19:59 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2009-01-27 19:19:58 ----D---- C:\Program Files\AVG
2009-01-15 02:22:00 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-01-15 02:21:44 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-01-15 02:19:22 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-01-15 02:19:02 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-01-13 21:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-12 22:33:50 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-11 09:32:51 ----A---- C:\WINDOWS\system32\tmp.txt

======List of files/folders modified in the last 1 months======

2009-02-08 12:00:17 ----D---- C:\WINDOWS\Temp
2009-02-08 11:58:58 ----D---- C:\WINDOWS\Prefetch
2009-02-08 11:57:42 ----D---- C:\WINDOWS\system32\en-US
2009-02-08 11:57:42 ----D---- C:\WINDOWS\system32
2009-02-08 11:57:42 ----D---- C:\WINDOWS
2009-02-08 11:57:42 ----D---- C:\Program Files\Windows Desktop Search
2009-02-08 11:56:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-08 11:56:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-08 11:56:12 ----HD---- C:\WINDOWS\inf
2009-02-08 11:56:12 ----D---- C:\WINDOWS\system32\wbem
2009-02-08 11:54:52 ----D---- C:\Program Files
2009-02-08 11:35:37 ----D---- C:\Program Files\Common Files
2009-02-08 11:35:17 ----SHD---- C:\WINDOWS\Installer
2009-02-08 11:31:48 ----D---- C:\Documents and Settings\user\Application Data\DMCache
2009-02-07 23:48:41 ----D---- C:\Documents and Settings\user\Application Data\Vso
2009-02-07 23:47:09 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-07 06:31:54 ----A---- C:\WINDOWS\LEXSTAT.INI
2009-02-02 17:34:02 ----D---- C:\Documents and Settings\user\Application Data\dvdcss
2009-02-01 09:15:28 ----D---- C:\Documents and Settings\user\Application Data\VideoReDoPlus
2009-01-30 07:52:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Media
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Help
2009-01-30 07:52:42 ----D---- C:\Program Files\Internet Explorer
2009-01-30 07:51:12 ----A---- C:\WINDOWS\imsins.BAK
2009-01-30 07:51:08 ----D---- C:\WINDOWS\ie8updates
2009-01-30 07:50:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-29 22:47:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-27 19:33:08 ----D---- C:\WINDOWS\system32\drivers
2009-01-27 19:19:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-01-27 18:57:21 ----D---- C:\WINDOWS\system
2009-01-26 17:18:20 ----D---- C:\WINDOWS\network diagnostic
2009-01-18 22:40:01 ----D---- C:\Documents and Settings\user\Application Data\Azureus
2009-01-15 02:22:22 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-01-15 02:19:22 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-01-15 02:17:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-01-15 02:13:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-15 02:12:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-01-15 02:06:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-01-15 02:06:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-01-15 02:06:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-01-15 02:06:00 ----A---- C:\WINDOWS\system32\url.dll
2009-01-15 02:05:42 ----A---- C:\WINDOWS\system32\wininet.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\occache.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\msrating.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-01-15 02:04:28 ----A---- C:\WINDOWS\system32\corpol.dll
2009-01-15 02:04:16 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-01-15 02:03:58 ----A---- C:\WINDOWS\system32\jscript.dll
2009-01-15 02:03:50 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-01-15 02:03:42 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-01-15 02:03:36 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-01-15 02:03:32 ----A---- C:\WINDOWS\system32\admparse.dll
2009-01-15 02:03:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-01-15 02:03:20 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\inseng.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-01-15 02:03:12 ----A---- C:\WINDOWS\system32\advpack.dll
2009-01-15 02:02:50 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-01-15 02:02:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-01-15 02:02:20 ----A---- C:\WINDOWS\system32\mstime.dll
2009-01-15 02:01:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-01-15 02:01:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\icardie.dll
2009-01-15 02:01:26 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-01-15 02:01:22 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-01-15 02:01:18 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-01-15 02:01:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-01-15 02:01:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-01-15 02:00:46 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-01-15 02:00:38 ----A---- C:\WINDOWS\system32\mshta.exe
2009-01-15 01:50:50 ----A---- C:\WINDOWS\system32\ieui.dll
2009-01-15 01:50:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-01-15 01:35:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-01-12 22:34:37 ----D---- C:\Program Files\Adobe
2009-01-12 22:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-12 22:30:40 ----D---- C:\Program Files\Common Files\Adobe
2009-01-12 22:28:45 ----D---- C:\WINDOWS\WinSxS
2009-01-11 09:32:21 ----D---- C:\Documents and Settings\user\Application Data\IDM
2009-01-10 14:55:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-10 14:07:15 ----D---- C:\WINDOWS\Cache
2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-27 107272]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-02-12 31360]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-02-12 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-02-07 32197]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-11-20 32768]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-02-26 100032]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-17 907456]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-03 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\System32\DRIVERS\SMBios.sys [2003-02-12 34978]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 555264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-02-12 112384]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-03-13 112288]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-03-13 78496]
S3 a1lzp3wt;a1lzp3wt; C:\WINDOWS\system32\drivers\a1lzp3wt.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 MR97310_USB_DUAL_CAMERA;MR97310 CIF Dual Mode Camera; C:\WINDOWS\system32\drivers\MR97310_USB_DUAL_CAMERA.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\drivers\wanatw.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-08-08 410904]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-27 298264]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-01-27 1339600]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-02-12 924160]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-28 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-08 12:04:52

======Uninstall list======

-->MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{4468EF97-A253-4699-9E1C-88CAE2C6832D}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CD Jewel Case and Label Creator-->C:\PROGRA~1\CDLabel\UNWISE.EXE C:\PROGRA~1\CDLabel\INSTALL.LOG
ConvertXtoDVD 2.99.11.700-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.8.5-->"C:\Program Files\DVDFab 5\unins000.exe"
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) Network Connections-->MsiExec.exe /I{999104C6-AC4B-43D3-B8E2-125C0EEA9A71}
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lexmark X5100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBAUN5C.EXE -dLexmark X5100 Series
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft English TTS Engine-->MsiExec.exe /I{94824ADD-8F26-43D2-84DB-22E11F377E5E}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MpcStar 2.1-->C:\Program Files\MpcStar\uninst.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{8DA83EA6-E731-4722-958D-613399AE1033}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonly
RegCure 1.5.0.1-->C:\Program Files\RegCure\uninst.exe
Seagate DiscWizard-->MsiExec.exe /X{81A60A13-224D-4637-8203-3EAC03B121A4}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
SIW version 2008-10-28-->"C:\Program Files\SIW\unins000.exe"
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
TTS Wrapper-->MsiExec.exe /I{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}
UltraISO Premium V8.62-->"C:\Program Files\UltraISO\unins000.exe"
Update for Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VideoReDo/Plus Version 2.5.3.500-->"C:\Program Files\VideoReDoPlus\unins000.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
ViewSonic Windows XP Signed Files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9
WinAVI Video Converter 9.0-->"C:\WINDOWS\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Program Files\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall

======Security center information======

AV: AVG Internet Security
FW: AVG Firewall

System event log

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The Remote Access Connection Manager service was successfully sent a start control.

Record Number: 1693408
Source Name: Service Control Manager
Time Written: 20081204234538.000000-300
Event Type: information
User: USER-LQP5EB1R2M\user

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Telephony service entered the running state.

Record Number: 1693407
Source Name: Service Control Manager
Time Written: 20081204234538.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Application Layer Gateway Service service entered the running state.

Record Number: 1693406
Source Name: Service Control Manager
Time Written: 20081204234537.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The Application Layer Gateway Service service was successfully sent a start control.

Record Number: 1693405
Source Name: Service Control Manager
Time Written: 20081204234537.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The SSDP Discovery Service service entered the running state.

Record Number: 1693404
Source Name: Service Control Manager
Time Written: 20081204234536.000000-300
Event Type: information
User:

Application event log

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Record Number: 5
Source Name: Application Error
Time Written: 20081014134622.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20081014121822.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x00011669.

Record Number: 3
Source Name: Application Error
Time Written: 20081013210749.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20081011105901.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 1
Source Name: SecurityCenter
Time Written: 20081010202613.000000-240
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 8th, 2009, 2:17 pm

Download ERUNT from Derfisch or MVPS and save it to your desktop.

Please follow Step 4 onwards of the Installing & Using ERUNT to back up your registry. Skip Step 19 for now.

Please download the OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code: Select all
    :files
    C:\Program Files\BearShare
    C:\Program Files\DNA
    C:\Program Files\BitTorrent
    C:\Program Files\uTorrent
    C:\Program Files\Azureus
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Instant Access"=-
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BearShare\BearShare.exe"=-
    "C:\Program Files\DNA\btdna.exe"=-
    "C:\Program Files\BitTorrent\bittorrent.exe"=-
    "C:\Program Files\uTorrent\uTorrent.exe"="-
    "C:\Program Files\Azureus\Azureus.exe"=-
    "C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe"=-
    :commands
    [EmptyTemp]
    [reboot]
    

  • Return to OTMoveIt3, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Rerun rsit.

Post:

- a fresh rsit log
- otmoveit3 log
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 8th, 2009, 9:12 pm

I hope I followed the instructions properly, here are the results.
Thank you,
BigDaddy66

Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-02-08 20:10:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 92 GB (78%) free of 117 GB
Total RAM: 751 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:00, on 2/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 8033 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C941E1B1-72BB-4AD6-A986-DAFE9BD2747A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ff9a677-542a-481d-a6d6-3fa32d8a806d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X5100 Series"=C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe [2003-03-04 86100]
"DiscWizardMonitor.exe"=C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [2007-08-08 1169456]
"AcronisTimounterMonitor"=C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [2007-08-08 1945424]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [2007-08-08 148760]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NeroCheck"=C:\WINDOWS\System32\\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe [2008-08-15 282624]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-27 1601304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\user\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"=""
"C:\Program Files\nFusion IPPVR\IPPVR.exe"="C:\Program Files\nFusion IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR_HD_1.5_Beta_.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe"="C:\Documents and Settings\user\Desktop\Nfusion Nova\IPVR\nfpvrwin.exe:*:Enabled:nfpvrwin"
"C:\IPPVR\IPPVR.exe"="C:\IPPVR\IPPVR.exe:*:Enabled:IPPVR"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

======List of files/folders created in the last 1 months======

2009-02-08 19:59:19 ----D---- C:\_OTMoveIt
2009-02-08 19:42:51 ----D---- C:\WINDOWS\ERDNT
2009-02-08 19:42:16 ----D---- C:\Program Files\ERUNT
2009-02-08 11:35:11 ----SHD---- C:\Config.Msi
2009-02-07 18:03:50 ----D---- C:\rsit
2009-01-30 07:48:42 ----HDC---- C:\WINDOWS\ie8
2009-01-27 22:26:39 ----D---- C:\Program Files\SpywareBlaster
2009-01-27 19:47:24 ----D---- C:\Program Files\Trend Micro
2009-01-27 19:37:48 ----HD---- C:\$AVG8.VAULT$
2009-01-27 19:21:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-01-27 19:19:59 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2009-01-27 19:19:58 ----D---- C:\Program Files\AVG
2009-01-15 02:22:00 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-01-15 02:21:44 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-01-15 02:19:22 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-01-15 02:19:02 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-01-13 21:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-12 22:33:50 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-11 09:32:51 ----A---- C:\WINDOWS\system32\tmp.txt

======List of files/folders modified in the last 1 months======

2009-02-08 20:05:07 ----D---- C:\WINDOWS\Temp
2009-02-08 19:59:55 ----D---- C:\Documents and Settings\user\Application Data\DMCache
2009-02-08 19:54:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-08 19:44:47 ----D---- C:\WINDOWS\system32\config
2009-02-08 19:42:51 ----D---- C:\WINDOWS
2009-02-08 19:42:16 ----D---- C:\Program Files
2009-02-08 11:58:58 ----D---- C:\WINDOWS\Prefetch
2009-02-08 11:57:42 ----D---- C:\WINDOWS\system32\en-US
2009-02-08 11:57:42 ----D---- C:\WINDOWS\system32
2009-02-08 11:56:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-08 11:56:12 ----HD---- C:\WINDOWS\inf
2009-02-08 11:56:12 ----D---- C:\WINDOWS\system32\wbem
2009-02-08 11:35:37 ----D---- C:\Program Files\Common Files
2009-02-08 11:35:17 ----SHD---- C:\WINDOWS\Installer
2009-02-07 23:48:41 ----D---- C:\Documents and Settings\user\Application Data\Vso
2009-02-07 23:47:09 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-07 06:31:54 ----A---- C:\WINDOWS\LEXSTAT.INI
2009-02-02 17:34:02 ----D---- C:\Documents and Settings\user\Application Data\dvdcss
2009-02-01 09:15:28 ----D---- C:\Documents and Settings\user\Application Data\VideoReDoPlus
2009-01-30 07:52:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Media
2009-01-30 07:52:42 ----D---- C:\WINDOWS\Help
2009-01-30 07:52:42 ----D---- C:\Program Files\Internet Explorer
2009-01-30 07:51:12 ----A---- C:\WINDOWS\imsins.BAK
2009-01-30 07:51:08 ----D---- C:\WINDOWS\ie8updates
2009-01-30 07:50:59 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-29 22:47:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-27 19:33:08 ----D---- C:\WINDOWS\system32\drivers
2009-01-27 19:19:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-01-27 18:57:21 ----D---- C:\WINDOWS\system
2009-01-26 17:18:20 ----D---- C:\WINDOWS\network diagnostic
2009-01-18 22:40:01 ----D---- C:\Documents and Settings\user\Application Data\Azureus
2009-01-15 02:22:22 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-01-15 02:19:22 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-01-15 02:17:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-01-15 02:13:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-15 02:12:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-01-15 02:06:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-01-15 02:06:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-01-15 02:06:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-01-15 02:06:00 ----A---- C:\WINDOWS\system32\url.dll
2009-01-15 02:05:42 ----A---- C:\WINDOWS\system32\wininet.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\occache.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\msrating.dll
2009-01-15 02:05:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-01-15 02:04:28 ----A---- C:\WINDOWS\system32\corpol.dll
2009-01-15 02:04:16 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-01-15 02:03:58 ----A---- C:\WINDOWS\system32\jscript.dll
2009-01-15 02:03:50 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-01-15 02:03:42 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-01-15 02:03:36 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-01-15 02:03:32 ----A---- C:\WINDOWS\system32\admparse.dll
2009-01-15 02:03:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-01-15 02:03:20 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-01-15 02:03:18 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\inseng.dll
2009-01-15 02:03:14 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-01-15 02:03:12 ----A---- C:\WINDOWS\system32\advpack.dll
2009-01-15 02:02:50 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-01-15 02:02:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-01-15 02:02:20 ----A---- C:\WINDOWS\system32\mstime.dll
2009-01-15 02:01:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-01-15 02:01:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-01-15 02:01:40 ----A---- C:\WINDOWS\system32\icardie.dll
2009-01-15 02:01:26 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-01-15 02:01:22 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-01-15 02:01:18 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-01-15 02:01:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-01-15 02:01:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-01-15 02:00:46 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-01-15 02:00:38 ----A---- C:\WINDOWS\system32\mshta.exe
2009-01-15 01:50:50 ----A---- C:\WINDOWS\system32\ieui.dll
2009-01-15 01:50:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-01-15 01:35:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-01-12 22:34:37 ----D---- C:\Program Files\Adobe
2009-01-12 22:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-12 22:30:40 ----D---- C:\Program Files\Common Files\Adobe
2009-01-12 22:28:45 ----D---- C:\WINDOWS\WinSxS
2009-01-11 09:32:21 ----D---- C:\Documents and Settings\user\Application Data\IDM
2009-01-10 14:55:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-10 14:07:15 ----D---- C:\WINDOWS\Cache
2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-27 107272]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-02-12 31360]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-02-12 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-02-07 32197]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-11-20 32768]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-02-26 100032]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-17 907456]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-03 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\System32\DRIVERS\SMBios.sys [2003-02-12 34978]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 555264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-02-12 112384]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-03-13 112288]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-03-13 78496]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-01-27 29208]
S3 axa5u96z;axa5u96z; C:\WINDOWS\system32\drivers\axa5u96z.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 MR97310_USB_DUAL_CAMERA;MR97310 CIF Dual Mode Camera; C:\WINDOWS\system32\drivers\MR97310_USB_DUAL_CAMERA.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\drivers\wanatw.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-08-08 410904]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-27 298264]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-01-27 1339600]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-02-12 924160]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-28 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-08 12:04:52

======Uninstall list======

-->MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{4468EF97-A253-4699-9E1C-88CAE2C6832D}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CD Jewel Case and Label Creator-->C:\PROGRA~1\CDLabel\UNWISE.EXE C:\PROGRA~1\CDLabel\INSTALL.LOG
ConvertXtoDVD 2.99.11.700-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.8.5-->"C:\Program Files\DVDFab 5\unins000.exe"
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) Network Connections-->MsiExec.exe /I{999104C6-AC4B-43D3-B8E2-125C0EEA9A71}
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lexmark X5100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBAUN5C.EXE -dLexmark X5100 Series
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft English TTS Engine-->MsiExec.exe /I{94824ADD-8F26-43D2-84DB-22E11F377E5E}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MpcStar 2.1-->C:\Program Files\MpcStar\uninst.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{8DA83EA6-E731-4722-958D-613399AE1033}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonly
RegCure 1.5.0.1-->C:\Program Files\RegCure\uninst.exe
Seagate DiscWizard-->MsiExec.exe /X{81A60A13-224D-4637-8203-3EAC03B121A4}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
SIW version 2008-10-28-->"C:\Program Files\SIW\unins000.exe"
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
TTS Wrapper-->MsiExec.exe /I{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}
UltraISO Premium V8.62-->"C:\Program Files\UltraISO\unins000.exe"
Update for Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VideoReDo/Plus Version 2.5.3.500-->"C:\Program Files\VideoReDoPlus\unins000.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
ViewSonic Windows XP Signed Files-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9
WinAVI Video Converter 9.0-->"C:\WINDOWS\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Program Files\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall

======Security center information======

AV: AVG Internet Security
FW: AVG Firewall

System event log

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The Remote Access Connection Manager service was successfully sent a start control.

Record Number: 1693408
Source Name: Service Control Manager
Time Written: 20081204234538.000000-300
Event Type: information
User: USER-LQP5EB1R2M\user

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Telephony service entered the running state.

Record Number: 1693407
Source Name: Service Control Manager
Time Written: 20081204234538.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The Application Layer Gateway Service service entered the running state.

Record Number: 1693406
Source Name: Service Control Manager
Time Written: 20081204234537.000000-300
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 7035
Message: The Application Layer Gateway Service service was successfully sent a start control.

Record Number: 1693405
Source Name: Service Control Manager
Time Written: 20081204234537.000000-300
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: USER-LQP5EB1R2M
Event Code: 7036
Message: The SSDP Discovery Service service entered the running state.

Record Number: 1693404
Source Name: Service Control Manager
Time Written: 20081204234536.000000-300
Event Type: information
User:

Application event log

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x000109f9.

Record Number: 5
Source Name: Application Error
Time Written: 20081014134622.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20081014121822.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16705, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x00011669.

Record Number: 3
Source Name: Application Error
Time Written: 20081013210749.000000-240
Event Type: error
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20081011105901.000000-240
Event Type: information
User:

Computer Name: USER-LQP5EB1R2M
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 1
Source Name: SecurityCenter
Time Written: 20081010202613.000000-240
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------


========== FILES ==========
File/Folder C:\Program Files\BearShare not found.
File/Folder C:\Program Files\DNA not found.
File/Folder C:\Program Files\BitTorrent not found.
File/Folder C:\Program Files\uTorrent not found.
File/Folder C:\Program Files\Azureus not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Instant Access not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave\\ not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BearShare\BearShare.exe not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\DNA\btdna.exe not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitTorrent\bittorrent.exe not found.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\Program Files\uTorrent\uTorrent.exe"|"- /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Azureus\Azureus.exe not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DF4B0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DF7766.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DFECA8.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\2b660e7a-bf46-4ff8-b16a-c0aebef0674c.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\2e784649-ae27-4f69-b70b-0911a0f03a1c.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\3cfaa0fe-2656-4ae5-8e85-41d6e6b8ee39.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\631f1002-4cbf-45a4-808f-aaf4b4460d77.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\65f0ef02-c7ee-4257-9849-88c8438e22fc.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\685a3402-30cf-486c-a328-9024b022be82.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\75c20efe-6385-4d8e-bf11-5ce6b6ed8a5b.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\a362be0d-6c1f-4509-8855-3d0d77593d26.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\a95adb4e-fe00-478c-8eb2-387f115af37c.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ab64767a-f468-46da-97f2-9833ed8eea0f.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ebb29b54-3fef-4d27-9c93-99f6fd4353ac.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\f7ad6b44-6d05-423e-939c-d6d6be7e4495.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\f8a1eee0-6dcc-48f9-aabe-f8164b3063d8.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02082009_200501
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 9th, 2009, 1:11 am

Please go to Kaspersky website and perform an online antivirus scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select ''Run as administrator'' to perform this scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply along with a fresh HijackThis log.

If you need a tutorial, see here
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 11th, 2009, 12:51 am

Sorry to take so long...here is the info requested.
Regards,
BigDaddy66

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, February 10, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, February 10, 2009 22:20:29
Records in database: 1779468
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\

Scan statistics:
Files scanned: 48467
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 01:50:03

No malware has been detected. The scan area is clean.

The selected area was scanned.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46:47, on 2/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 7971 bytes
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 11th, 2009, 1:03 am

That looks good :)

Still problems?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 11th, 2009, 6:07 pm

Actually I just notice today that error dll message no longer appears when I start up.

Thank you for all your assistance, it is greatly appreciated.

Best regards,
BigDaddy66
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm

Re: HiJack This Log Attached, Please Help

Unread postby Shaba » February 12th, 2009, 1:12 am

Great :)

Let's then clear some leftovers before final instructions:

Open HijackThis, click do a system scan only and checkmark these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - (no file)
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - (no file)


Close all windows including browser and press fix checked.

Reboot.

Post back a fresh hijackthis log, please.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: HiJack This Log Attached, Please Help

Unread postby BigDaddy66 » February 12th, 2009, 5:38 pm

I followed your last directions and here is the new hi-jack this log.

Regards,
BigDaddy66

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:12, on 2/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Software Informer\softinfo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... 2&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P ... _EN_XP.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/sh ... Loader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/I ... _EN_XP.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6190562765
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/fa ... lyfeud.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS1\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS2\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O17 - HKLM\System\CS3\Services\Tcpip\..\{0041DB34-23FE-493C-8287-6892C43D942A}: NameServer = 24.226.10.193,24.226.76.249
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 8538 bytes
BigDaddy66
Active Member
 
Posts: 9
Joined: January 27th, 2009, 8:56 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware