Solved trojan / "Object is inaccessible."

crunchie · 2010/08/01

If you can check your dns settings in the router to make certain they are correct, that will suffice.
I just want to make certain they have not been compromised.

Run OTL
Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following
Code:
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyServer" = http=127.0.0.1:5643
:Commands
[emptytemp]
[resethosts]
[Reboot]
Then click the [color= "#FF0000"]Run Fix[/color] button at the top.

Let the program run unhindered, reboot the PC when it is done.

Post log from this run.

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

davee · 2010/08/01

ummm how do i check my dns settings ? and what would they be ??

davee · 2010/08/01

here is log from run fix
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dave
->Temp folder emptied: 2260543 bytes
->Temporary Internet Files folder emptied: 2157729 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3258 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 215135 bytes

Total Files Cleaned = 5.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.9.1 log created on 08012010_220546

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

davee · 2010/08/01

here is latest OTL quick scan log
OTL logfile created on: 8/1/2010 10:09:55 PM - Run 5
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Dave\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 17.47 Gb Free Space | 44.72% Space Free | Partition Type: NTFS
Drive D: | 109.99 Gb Total Space | 39.67 Gb Free Space | 36.07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-8WI9D3OO4Q
Current User Name: Dave
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/23 18:10:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dave\Desktop\OTL.exe
PRC - [2010/07/22 17:18:09 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/07/21 18:59:20 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/17 09:29:21 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/07/17 09:29:17 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/17 09:29:17 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/17 09:29:14 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/17 09:28:18 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/07/17 09:28:17 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010/01/07 13:38:10 | 000,058,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/26 17:55:04 | 001,486,848 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe

========== Modules (SafeList) ==========

MOD - [2010/07/23 18:10:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dave\Desktop\OTL.exe
MOD - [2008/04/14 10:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (AntiVirService)
SRV - File not found [Auto | Stopped] -- -- (AntiVirSchedulerService)
SRV - [2010/07/21 18:59:20 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/17 09:29:14 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/07 13:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 13:38:10 | 000,058,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/01/07 13:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/11/06 08:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/07/17 09:29:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/17 09:28:18 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/03 10:05:22 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/26 17:02:31 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/24 02:31:01 | 000,106,432 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/19 13:04:28 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/19 13:04:27 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/11 17:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/01/07 13:22:02 | 000,040,832 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zumbus.sys -- (zumbus)
DRV - [2010/01/02 03:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009/02/13 14:22:54 | 000,095,576 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/14 04:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/10/06 15:17:34 | 000,280,576 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/05/18 19:50:30 | 002,319,680 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/03/04 13:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 15:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/10/15 17:52:50 | 000,174,530 | R--- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2003/07/02 06:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/webhp?hl=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/06/26 14:00:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/06/26 14:00:13 | 000,000,000 | ---D | M]

[2009/11/22 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Mozilla\Extensions
[2009/11/22 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/08/01 22:05:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {81fdd779-57e9-0539-b8cd-d06cb867e3fd} - No CLSID value found.
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/10 11:24:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/31 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\DoctorWeb
[2010/07/31 21:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/07/31 13:35:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/31 13:31:55 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Dave\Desktop\ATF-Cleaner.exe
[2010/07/30 20:27:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/29 21:03:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dave\Recent
[2010/07/27 20:51:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/26 16:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2010/07/25 10:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/07/23 22:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/23 22:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/23 22:48:04 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/23 22:48:04 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/23 22:48:04 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/23 22:48:04 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/23 21:05:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/23 18:10:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dave\Desktop\OTL.exe
[2010/07/22 19:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\Malwarebytes
[2010/07/22 19:16:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/22 19:16:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/22 19:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/22 19:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/21 21:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\uealgoipr
[2010/07/21 21:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/21 21:45:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/21 20:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Local Settings\Application Data\xetblruxy
[2010/07/21 20:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Application Data\8926D9C51CB41E81AD43AAED097E3035
[2010/07/21 19:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/17 17:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\videos
[2010/07/17 09:29:17 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/16 15:37:42 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msvcrtd.dll
[2010/07/16 15:37:42 | 000,322,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mfc30.dll
[2010/07/16 15:37:42 | 000,133,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mfco30.dll
[2010/07/16 15:37:42 | 000,094,285 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msvcirtd.dll
[2010/07/16 15:37:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95fiber.dll
[2010/07/16 15:37:41 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\Pcdlib32.dll
[2010/07/16 15:33:43 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010/07/16 15:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\_ISTMP2.DIR
[2010/07/16 15:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\_ISTMP1.DIR
[2010/07/14 17:00:29 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/11 16:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\hl
[2010/07/06 19:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave\Desktop\New Folder
[2010/07/03 16:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\etax2010

========== Files - Modified Within 30 Days ==========

[2010/08/01 22:07:17 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/08/01 22:07:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/01 22:07:01 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/08/01 22:06:55 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/01 22:06:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/01 22:06:03 | 009,437,184 | -H-- | M] () -- C:\Documents and Settings\Dave\NTUSER.DAT
[2010/08/01 22:06:03 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Dave\ntuser.ini
[2010/08/01 22:05:53 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/08/01 21:38:57 | 004,312,184 | -H-- | M] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\IconCache.db
[2010/08/01 21:34:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/01 19:50:07 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\Dave\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/01 18:31:01 | 000,000,212 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\fixme.zip
[2010/08/01 17:38:27 | 000,111,115 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\Silent Runners.zip
[2010/08/01 16:22:40 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\fixme.reg
[2010/08/01 14:23:04 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2010/08/01 14:18:12 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\DrWeb.csv
[2010/08/01 09:43:28 | 062,815,507 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/31 22:19:59 | 048,022,216 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\drweb-cureit.exe
[2010/07/31 19:34:52 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\gmer.zip
[2010/07/31 15:38:07 | 000,001,432 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\to use.inf
[2010/07/31 13:31:55 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Dave\Desktop\ATF-Cleaner.exe
[2010/07/31 10:16:08 | 000,001,383 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\RegSrch.zip
[2010/07/30 20:30:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/27 20:51:23 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/07/26 18:15:26 | 000,051,334 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\29856_1412723292538_1666219019_995475_2027858_n.jpg
[2010/07/26 16:57:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/25 13:55:50 | 000,109,184 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\DAVE 2010.TAX
[2010/07/25 13:50:37 | 000,108,120 | ---- | M] () -- C:\Documents and Settings\Dave\My Documents\DAVE 2010.BAK
[2010/07/25 13:03:41 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\e-tax 2010.lnk
[2010/07/23 22:17:42 | 000,100,908 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\SystemLook.exe
[2010/07/23 18:10:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dave\Desktop\OTL.exe
[2010/07/23 16:46:42 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\dds.scr
[2010/07/22 21:24:58 | 000,001,165 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/22 21:24:58 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2010/07/19 21:48:49 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\vso_ts_preview.xml
[2010/07/19 14:58:04 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dave\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2010/07/19 12:39:25 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/17 13:11:18 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/17 09:29:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/17 09:29:17 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/17 09:28:18 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/16 16:07:04 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MSPublisher_Quark Converter.INI
[2010/07/16 15:57:08 | 000,001,901 | ---- | M] () -- C:\WINDOWS\panose.bin
[2010/07/15 16:18:27 | 001,778,547 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\DemolitionCall1.wmv
[2010/07/08 16:27:49 | 004,054,198 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\Mitre 10 Advert.wmv
[2010/07/05 13:02:21 | 000,058,257 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_9055.jpg
[2010/07/05 12:59:28 | 000,097,912 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_9-1.jpg
[2010/07/05 12:41:36 | 000,064,813 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_905554_8123457_n.jpg
[2010/07/05 12:08:43 | 000,074,169 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31856_1416476466365_1666219019_1004698_8228200_n.jpg
[2010/07/05 11:48:23 | 000,181,419 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31856_1418535677844_1666219019_1010374_2621558_n.jpg
[2010/07/05 11:48:18 | 000,170,467 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\31856_1418535597842_1666219019_1010373_3420771_n.jpg
[2010/07/04 16:18:41 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash
[2010/07/04 13:43:13 | 004,744,640 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\TEXASFLASHLIGHT_.WMV
[2010/07/03 14:59:56 | 006,778,880 | ---- | M] () -- C:\Documents and Settings\Dave\Desktop\etax2010_1.msi

========== Files Created - No Company Name ==========

[2010/08/01 18:31:15 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\fixme.reg
[2010/08/01 18:31:01 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\fixme.zip
[2010/08/01 17:38:44 | 000,462,445 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Silent Runners.vbs
[2010/08/01 17:38:27 | 000,111,115 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Silent Runners.zip
[2010/08/01 14:18:12 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\DrWeb.csv
[2010/07/31 22:14:12 | 048,022,216 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\drweb-cureit.exe
[2010/07/31 19:35:24 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\gmer.exe
[2010/07/31 19:34:52 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\gmer.zip
[2010/07/31 15:38:26 | 000,001,432 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\to use.inf
[2010/07/31 10:16:45 | 000,003,254 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\RegSrch.vbs
[2010/07/31 10:16:08 | 000,001,383 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\RegSrch.zip
[2010/07/26 18:15:33 | 000,051,334 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\29856_1412723292538_1666219019_995475_2027858_n.jpg
[2010/07/23 22:17:42 | 000,100,908 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\SystemLook.exe
[2010/07/23 16:46:42 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\dds.scr
[2010/07/20 21:50:54 | 000,002,235 | ---- | C] () -- C:\Documents and Settings\Dave\avgrep.txt
[2010/07/20 20:45:14 | 000,012,395 | ---- | C] () -- C:\Documents and Settings\Dave\hs_err_pid3200.log
[2010/07/19 20:10:44 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Dave\Application Data\vso_ts_preview.xml
[2010/07/17 13:11:18 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/07/16 16:07:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSPublisher_Quark Converter.INI
[2010/07/16 15:45:35 | 000,001,901 | ---- | C] () -- C:\WINDOWS\panose.bin
[2010/07/16 15:37:42 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2010/07/15 16:18:17 | 001,778,547 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\DemolitionCall1.wmv
[2010/07/08 16:27:26 | 004,054,198 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\Mitre 10 Advert.wmv
[2010/07/05 13:02:21 | 000,058,257 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_9055.jpg
[2010/07/05 12:59:28 | 000,097,912 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_9-1.jpg
[2010/07/05 12:41:36 | 000,064,813 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31446_1372203959580_1666219019_905554_8123457_n.jpg
[2010/07/05 12:08:43 | 000,074,169 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31856_1416476466365_1666219019_1004698_8228200_n.jpg
[2010/07/05 11:48:23 | 000,181,419 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31856_1418535677844_1666219019_1010374_2621558_n.jpg
[2010/07/05 11:48:18 | 000,170,467 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\31856_1418535597842_1666219019_1010373_3420771_n.jpg
[2010/07/04 16:18:41 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash
[2010/07/04 13:42:35 | 004,744,640 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\TEXASFLASHLIGHT_.WMV
[2010/07/03 16:08:06 | 000,109,184 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\DAVE 2010.TAX
[2010/07/03 16:08:06 | 000,108,120 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\DAVE 2010.BAK
[2010/07/03 16:07:13 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\e-tax 2010.lnk
[2010/07/03 14:59:16 | 006,778,880 | ---- | C] () -- C:\Documents and Settings\Dave\Desktop\etax2010_1.msi
[2010/02/15 16:54:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/01/30 14:44:55 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2009/12/01 17:42:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL
[2009/10/19 20:06:48 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/07/04 14:14:28 | 000,032,397 | ---- | C] () -- C:\WINDOWS\SGTBox.INI
[2009/07/04 14:09:29 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2009/05/04 17:00:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/04/28 07:39:51 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/04/18 13:59:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/10 15:05:45 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009/04/10 13:16:51 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/04/10 13:16:39 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2009/04/10 12:15:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21
< End of report >

crunchie · 2010/08/01

It would be what you set them too when you got the router . They should be set to your ISP's servers.
If you still have the router manual, it should be able to run you through how it is done.
Don't forget your username and password for the ISP .
Router password is usually left blank or is 'admin' IIRC.

Still being re-directed?

My sleep time has arrived, so I will check back in before I leave for work .

davee · 2010/08/01

ok my time has arrived to i have an early start so i will try n check back tomorrow afternoon with a clear head too thnx again i have the manuals i can also get get tech help from them too so we will go from there cheers

davee · 2010/08/02

Hi crunchie well i got into my router page but couldnt at first then tried through IE but couldnt get there either so just switched router off then on and was able to , but when i went on IE i got a new random tab come up there so thats the first time its happened in IE so i guess we can figure its just not opera now , but getting back to router it listed in there the same dns , numbers so i guess thats good yes ? cheers

crunchie · 2010/08/02

Please download [color= "#FF0000"]GooredFix[/color] from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

Ensure all Firefox windows are closed.

To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).

When prompted to run the scan, click Yes.

GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

davee · 2010/08/03

hi here is log
GooredFix by jpshortstuff (03.07.10.1)
Log created at 16:47 on 03/08/2010 (Dave)
Firefox version [Unable to determine]

========== GooredScan ==========

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b} "= "c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [01:11 22/08/2009]
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} "= "C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\" [04:00 26/06/2010]
"jqs@sun.com "= "C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [05:23 21/04/2009]

-=E.O.F=-

crunchie · 2010/08/03

[color= "#FF0000"]Please read carefully and follow these steps.[/color]

Download TDSSKiller and save it to your Desktop.

Extract its contents to your desktop.

Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

If an infected file is detected, the default action will be Cure, click on Continue.

If a suspicious file is detected, the default action will be Skip, click on Continue.

It may ask you to reboot the computer to complete the process. Click on Reboot Now.

If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.

If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt ". Please copy and paste the contents of that file here.

davee · 2010/08/03

hi crunchie TDSSKiller found no threats so i i didnt receive a report , i still get redirected occasiionally

crunchie · 2010/08/03

Download [color= "blue"]random's system information tool (RSIT)[/color] by [color= "#6600cc"]random/random[/color] from >>[color= "red"]here[/color]<< and save it to your desktop.

Double click on RSIT.exe to launch program.

Click Continue at the disclaimer screen.

Your firewall may alert you that RSIT is requesting Internet access. Please allow it.

Once it has finished, two logs will open: log.txt[color= "red"]<-- this will be maximized[/color] and info.txt[color= "red"]<-- this will be minimized[/color].

davee · 2010/08/03

ok did that i assume you want me to post logs
here is info :
info.txt logfile of random's system information tool 1.08 2010-08-03 20:32:46

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /X{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager--> "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll ",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Shockwave Player 11.5--> "C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe "
AnyDVD--> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D= "C:\Program Files\SlySoft\AnyDVD "
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Canon ScanGear Toolbox CS 2.2-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c "C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll "
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
Cooliris for Internet Explorer-->MsiExec.exe /I{08600859-216F-3011-999A-58B7A1509851}
Corel Uninstaller-->C:\WINDOWS\Corel\uninst32.exe
D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
DVD Photo Slideshow Pro 7.97-->C:\Program Files\DVD Photo Slideshow Professional\uninst.exe
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile/Blu-ray/Mov--> "C:\Program Files\DVDFab 5\unins000.exe "
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
e-tax 2009-->MsiExec.exe /X{0A8C7880-F199-4807-ABD4-6E695B71A3D7}
e-tax 2010-->MsiExec.exe /X{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater--> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=" "
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=" "
Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB932716-v2)--> "C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB961118)--> "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB970653-v3)--> "C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB976098-v2)--> "C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB979306)--> "C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe "
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
LimeWire 5.3.6--> "C:\Program Files\LimeWire\uninstall.exe "
Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
Microsoft .NET Framework 1.1 Security Update (KB979906)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp "
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7--> "C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe "
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9--> "C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe "
Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.9--> "C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe "
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WinUsb 1.0--> "C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe "
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=" "
NETGEAR WG311v3 PCI Adapter-->C:\Program Files\InstallShield Installation Information\{70014586-7BBA-4A92-A610-CDC896C48F8F}\setup.exe -runfromtemp -l0x0409
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{A0D65C73-F2C5-432F-8788-90F8A2E99B98}
Nokia Ovi Suite-->C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{7B01FD07-1790-4EE9-B5E0-149527D70C7D}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_APAC.exe /LANG= "2057 "
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Opera 10.60-->MsiExec.exe /X{1D2C96C3-A3F3-49E7-B839-95279DED837F}
Ovi Desktop Sync Engine-->MsiExec.exe /X{2D10FC46-1D96-44C4-8855-85F21B9B011E}
OviMPlatform-->MsiExec.exe /I{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}
PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 REMOVE -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x9 REMOVE
RegCure 1.5.2.7-->C:\Program Files\RegCure\uninst.exe
Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB961260)--> "C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB963027)--> "C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB969897)--> "C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB969897)--> "C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB971961)--> "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB972260)--> "C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB974455)--> "C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB976325)--> "C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB978207)--> "C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB981332)--> "C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB982381)--> "C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB954155)--> "C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB968816)--> "C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB973540)--> "C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB978695)--> "C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe "
Security Update for Windows XP (KB2229593)--> "C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923561)--> "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938464-v2)--> "C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952004)--> "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956572)--> "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956744)--> "C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956844)--> "C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958215)--> "C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958687)--> "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958690)--> "C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958869)--> "C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe "
Security Update for Windows XP (KB959426)--> "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960225)--> "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960714)--> "C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960715)--> "C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960803)--> "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960859)--> "C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961371)--> "C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961373)--> "C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961501)--> "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe "
Security Update for Windows XP (KB968537)--> "C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969059)--> "C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969898)--> "C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969947)--> "C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe "
Security Update for Windows XP (KB970238)--> "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe "
Security Update for Windows XP (KB970430)--> "C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971468)--> "C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971486)--> "C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971557)--> "C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971633)--> "C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971657)--> "C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe "
Security Update for Windows XP (KB972270)--> "C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973346)--> "C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973354)--> "C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973507)--> "C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973525)--> "C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973869)--> "C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973904)--> "C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974112)--> "C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974318)--> "C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974392)--> "C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974571)--> "C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975025)--> "C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975467)--> "C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975560)--> "C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975561)--> "C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975562)--> "C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975713)--> "C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977165)--> "C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977816)--> "C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977914)--> "C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978037)--> "C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978251)--> "C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978262)--> "C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978338)--> "C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978542)--> "C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978601)--> "C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978706)--> "C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979309)--> "C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979482)--> "C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979559)--> "C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979683)--> "C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980195)--> "C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980218)--> "C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980232)--> "C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe "
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Spybot - Search & Destroy 1.4--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins001.exe "
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=" "
Update for Windows Internet Explorer 8 (KB971180)--> "C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB976662)--> "C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB976749)--> "C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB980182)--> "C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe "
Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
Update for Windows XP (KB955759)--> "C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe "
Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
Update for Windows XP (KB961503)--> "C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe "
Update for Windows XP (KB967715)--> "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe "
Update for Windows XP (KB968389)--> "C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe "
Update for Windows XP (KB973687)--> "C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe "
Update for Windows XP (KB973815)--> "C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe "
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Who Wants To Be A Millionaire-->MsiExec.exe /I{27CFF85F-01A0-4091-ADE5-F41DB2990CFE}
Winamp--> "C:\Program Files\Winamp\UninstWA.exe "
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Internet Explorer 8--> "C:\WINDOWS\ie8\spuninst\spuninst.exe "
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
WinZip--> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo!7 Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Zune Language Pack (DE)-->MsiExec.exe /X{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99}
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune Language Pack (IT)-->MsiExec.exe /X{40EC6323-497B-44DA-8A88-74578622D9B3}
Zune-->c:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{888FFC82-688D-46AB-A776-B417885432B6}

======Hosts File======

::1 localhost

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: HOME-8WI9D3OO4Q
Event Code: 7000
Message: The Avira AntiVir Guard service failed to start due to the following error:
The system cannot find the path specified.

Record Number: 34532
Source Name: Service Control Manager
Time Written: 20100714163147.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 7000
Message: The Avira AntiVir Scheduler service failed to start due to the following error:
The system cannot find the path specified.

Record Number: 34531
Source Name: Service Control Manager
Time Written: 20100714163147.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34526
Source Name: Tcpip
Time Written: 20100713192350.000000+600
Event Type: warning
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34525
Source Name: Tcpip
Time Written: 20100713184654.000000+600
Event Type: warning
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34524
Source Name: Tcpip
Time Written: 20100713182417.000000+600
Event Type: warning
User:

=====Application event log=====

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10733
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10732
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10731
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10730
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10729
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

======Environment variables======

"ComSpec "=%SystemRoot%\system32\cmd.exe
"Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir "=%SystemRoot%
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION "=0409
"NUMBER_OF_PROCESSORS "=2
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK "=NO

-----------------EOF-----------------

davee · 2010/08/03

here is log :
info.txt logfile of random's system information tool 1.08 2010-08-03 20:32:46

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /X{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager--> "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll ",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Shockwave Player 11.5--> "C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe "
AnyDVD--> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D= "C:\Program Files\SlySoft\AnyDVD "
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Canon ScanGear Toolbox CS 2.2-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c "C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll "
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
Cooliris for Internet Explorer-->MsiExec.exe /I{08600859-216F-3011-999A-58B7A1509851}
Corel Uninstaller-->C:\WINDOWS\Corel\uninst32.exe
D-Link VGA Webcam-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
DVD Photo Slideshow Pro 7.97-->C:\Program Files\DVD Photo Slideshow Professional\uninst.exe
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile/Blu-ray/Mov--> "C:\Program Files\DVDFab 5\unins000.exe "
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
e-tax 2009-->MsiExec.exe /X{0A8C7880-F199-4807-ABD4-6E695B71A3D7}
e-tax 2010-->MsiExec.exe /X{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater--> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=" "
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=" "
Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB932716-v2)--> "C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB961118)--> "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB970653-v3)--> "C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB976098-v2)--> "C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB979306)--> "C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe "
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
LimeWire 5.3.6--> "C:\Program Files\LimeWire\uninstall.exe "
Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
Microsoft .NET Framework 1.1 Security Update (KB979906)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp "
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7--> "C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe "
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9--> "C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe "
Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.9--> "C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe "
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WinUsb 1.0--> "C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe "
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=" "
NETGEAR WG311v3 PCI Adapter-->C:\Program Files\InstallShield Installation Information\{70014586-7BBA-4A92-A610-CDC896C48F8F}\setup.exe -runfromtemp -l0x0409
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{A0D65C73-F2C5-432F-8788-90F8A2E99B98}
Nokia Ovi Suite-->C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{7B01FD07-1790-4EE9-B5E0-149527D70C7D}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_APAC.exe /LANG= "2057 "
Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Opera 10.60-->MsiExec.exe /X{1D2C96C3-A3F3-49E7-B839-95279DED837F}
Ovi Desktop Sync Engine-->MsiExec.exe /X{2D10FC46-1D96-44C4-8855-85F21B9B011E}
OviMPlatform-->MsiExec.exe /I{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}
PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 REMOVE -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x9 REMOVE
RegCure 1.5.2.7-->C:\Program Files\RegCure\uninst.exe
Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB961260)--> "C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB963027)--> "C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB969897)--> "C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB969897)--> "C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB971961)--> "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB972260)--> "C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB974455)--> "C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB976325)--> "C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB978207)--> "C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB981332)--> "C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 8 (KB982381)--> "C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB954155)--> "C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB968816)--> "C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB973540)--> "C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB978695)--> "C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe "
Security Update for Windows XP (KB2229593)--> "C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923561)--> "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938464-v2)--> "C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952004)--> "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956572)--> "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956744)--> "C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956844)--> "C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958215)--> "C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958687)--> "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958690)--> "C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958869)--> "C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe "
Security Update for Windows XP (KB959426)--> "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960225)--> "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960714)--> "C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960715)--> "C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960803)--> "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB960859)--> "C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961371)--> "C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961373)--> "C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe "
Security Update for Windows XP (KB961501)--> "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe "
Security Update for Windows XP (KB968537)--> "C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969059)--> "C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969898)--> "C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe "
Security Update for Windows XP (KB969947)--> "C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe "
Security Update for Windows XP (KB970238)--> "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe "
Security Update for Windows XP (KB970430)--> "C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971468)--> "C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971486)--> "C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971557)--> "C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971633)--> "C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe "
Security Update for Windows XP (KB971657)--> "C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe "
Security Update for Windows XP (KB972270)--> "C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973346)--> "C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973354)--> "C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973507)--> "C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973525)--> "C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973869)--> "C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe "
Security Update for Windows XP (KB973904)--> "C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974112)--> "C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974318)--> "C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974392)--> "C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe "
Security Update for Windows XP (KB974571)--> "C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975025)--> "C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975467)--> "C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975560)--> "C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975561)--> "C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975562)--> "C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe "
Security Update for Windows XP (KB975713)--> "C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977165)--> "C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977816)--> "C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe "
Security Update for Windows XP (KB977914)--> "C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978037)--> "C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978251)--> "C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978262)--> "C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978338)--> "C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978542)--> "C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978601)--> "C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe "
Security Update for Windows XP (KB978706)--> "C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979309)--> "C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979482)--> "C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979559)--> "C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe "
Security Update for Windows XP (KB979683)--> "C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980195)--> "C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980218)--> "C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe "
Security Update for Windows XP (KB980232)--> "C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe "
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Spybot - Search & Destroy 1.4--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins001.exe "
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=" "
Update for Windows Internet Explorer 8 (KB971180)--> "C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB976662)--> "C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB976749)--> "C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe "
Update for Windows Internet Explorer 8 (KB980182)--> "C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe "
Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
Update for Windows XP (KB955759)--> "C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe "
Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
Update for Windows XP (KB961503)--> "C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe "
Update for Windows XP (KB967715)--> "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe "
Update for Windows XP (KB968389)--> "C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe "
Update for Windows XP (KB973687)--> "C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe "
Update for Windows XP (KB973815)--> "C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe "
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Who Wants To Be A Millionaire-->MsiExec.exe /I{27CFF85F-01A0-4091-ADE5-F41DB2990CFE}
Winamp--> "C:\Program Files\Winamp\UninstWA.exe "
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Internet Explorer 8--> "C:\WINDOWS\ie8\spuninst\spuninst.exe "
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
WinZip--> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo!7 Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Zune Language Pack (DE)-->MsiExec.exe /X{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99}
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune Language Pack (IT)-->MsiExec.exe /X{40EC6323-497B-44DA-8A88-74578622D9B3}
Zune-->c:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{888FFC82-688D-46AB-A776-B417885432B6}

======Hosts File======

::1 localhost

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: HOME-8WI9D3OO4Q
Event Code: 7000
Message: The Avira AntiVir Guard service failed to start due to the following error:
The system cannot find the path specified.

Record Number: 34532
Source Name: Service Control Manager
Time Written: 20100714163147.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 7000
Message: The Avira AntiVir Scheduler service failed to start due to the following error:
The system cannot find the path specified.

Record Number: 34531
Source Name: Service Control Manager
Time Written: 20100714163147.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34526
Source Name: Tcpip
Time Written: 20100713192350.000000+600
Event Type: warning
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34525
Source Name: Tcpip
Time Written: 20100713184654.000000+600
Event Type: warning
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 34524
Source Name: Tcpip
Time Written: 20100713182417.000000+600
Event Type: warning
User:

=====Application event log=====

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10733
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10732
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10731
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10730
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

Computer Name: HOME-8WI9D3OO4Q
Event Code: 1
Message:
Record Number: 10729
Source Name: OviSuite
Time Written: 20100626140708.000000+600
Event Type: error
User:

======Environment variables======

"ComSpec "=%SystemRoot%\system32\cmd.exe
"Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir "=%SystemRoot%
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION "=0409
"NUMBER_OF_PROCESSORS "=2
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK "=NO

-----------------EOF-----------------

crunchie · 2010/08/03

You posted the same log twice

davee · 2010/08/03

ooops i guess uve got enuf to look through with an extra log sooory :-

crunchie · 2010/08/03

Not really. You didn't post the log.txt

davee · 2010/08/03

ok sry i thought it was it so i ran it again here it is i think ...
Logfile of random's system information tool 1.08 (written by random/random)
Run by Dave at 2010-08-03 21:21:11
Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (45%) free of 40 GB
Total RAM: 2047 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:21:23 PM, on 8/3/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Dave\Desktop\RSIT.exe
C:\Program Files\trend micro\Dave.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: Ã¿Ã¾127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {81fdd779-57e9-0539-b8cd-d06cb867e3fd} - (no file)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate1c9c932a0f8aaae) (gupdate1c9c932a0f8aaae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6986 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-20 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81fdd779-57e9-0539-b8cd-d06cb867e3fd}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-21 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
C:\Program Files\PicLensIE\cooliris.dll [2009-07-06 4683744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY "=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-17 2065760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-22 2403568]
"SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"swg "=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-30 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2010-03-19 5248312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-09-10 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]
C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\raid_tool]
C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-30 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
c:\Program Files\Zune\ZuneLauncher.exe [2010-01-07 158448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Family & Friends Reminders.LNK]
C:\PROGRA~1\Corel\PRINTH~1\cffrem.exe [1999-01-07 493056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~4\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService "=2
"AntiVirSchedulerService "=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
NETGEAR WG311v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-06 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-17 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=323
"NoDriveAutoRun "=67108863
"NoDrives "=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun "=67108863
"NoDriveTypeAutoRun "=323
"NoDrives "=0
"HonorAutoRunSetting "=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe "= "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\Program Files\Messenger\msmsgs.exe "= "C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger "
"C:\Program Files\Opera\opera.exe "= "C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser "
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe "= "C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call "
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
"C:\Program Files\AVG\AVG9\avgemc.exe "= "C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe "
"C:\Program Files\AVG\AVG9\avgupd.exe "= "C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe "
"C:\Program Files\AVG\AVG9\avgnsx.exe "= "C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe "
"C:\Program Files\LimeWire\LimeWire.exe "= "C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "
"C:\Program Files\Java\jre6\bin\java.exe "= "C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe "= "C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 "
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe "= "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe "= "C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call "
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "

======List of files/folders created in the last 1 months======

2010-08-03 20:32:31 ----D---- C:\Program Files\trend micro
2010-08-03 20:32:30 ----D---- C:\rsit
2010-08-03 20:19:00 ----A---- C:\TDSSKiller.2.4.0.0_03.08.2010_20.19.00_log.txt
2010-07-31 21:06:10 ----D---- C:\Program Files\ESET
2010-07-31 13:35:46 ----SHD---- C:\RECYCLER
2010-07-30 20:35:47 ----A---- C:\ComboFix.txt
2010-07-30 20:27:06 ----D---- C:\WINDOWS\temp
2010-07-30 16:07:34 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-27 20:51:16 ----RASHD---- C:\cmdcons
2010-07-26 16:59:15 ----D---- C:\Documents and Settings\All Users\Application Data\Socusoft
2010-07-25 10:36:14 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
2010-07-23 22:48:35 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-07-23 22:48:33 ----D---- C:\Program Files\Common Files\Java
2010-07-23 22:48:04 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-23 22:48:04 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-23 22:48:04 ----A---- C:\WINDOWS\system32\java.exe
2010-07-23 22:48:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-23 21:05:25 ----D---- C:\_OTL
2010-07-22 19:16:48 ----D---- C:\Documents and Settings\Dave\Application Data\Malwarebytes
2010-07-22 19:16:36 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-22 19:16:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-22 19:16:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-22 19:16:35 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-21 20:32:18 ----D---- C:\Documents and Settings\Dave\Application Data\8926D9C51CB41E81AD43AAED097E3035
2010-07-21 18:36:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-17 09:29:17 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-07-16 16:07:04 ----A---- C:\WINDOWS\MSPublisher_Quark Converter.INI
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\W95fiber.dll
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\Msvcrtd.dll
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\Msvcrt10.dll
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\Msvcirtd.dll
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\Mfco30.dll
2010-07-16 15:37:42 ----A---- C:\WINDOWS\system32\Mfc30.dll
2010-07-16 15:37:41 ----A---- C:\WINDOWS\Pcdlib32.dll
2010-07-16 15:33:43 ----A---- C:\WINDOWS\IsUninst.exe
2010-07-16 15:29:04 ----D---- C:\WINDOWS\_ISTMP2.DIR
2010-07-16 15:29:04 ----D---- C:\WINDOWS\_ISTMP1.DIR
2010-07-14 17:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-08-03 20:32:44 ----D---- C:\WINDOWS\Prefetch
2010-08-03 20:32:31 ----RD---- C:\Program Files
2010-08-03 20:19:51 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 19:04:04 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2010-08-03 17:55:20 ----SD---- C:\WINDOWS\Tasks
2010-08-03 17:55:13 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-08-03 16:44:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-03 16:41:44 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-02 18:11:19 ----D---- C:\WINDOWS\system32
2010-08-01 22:05:53 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-31 21:06:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-31 21:06:12 ----D---- C:\WINDOWS
2010-07-31 20:15:27 ----D---- C:\WINDOWS\Minidump
2010-07-31 15:56:39 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-31 15:55:50 ----SHD---- C:\System Volume Information
2010-07-31 15:55:50 ----D---- C:\WINDOWS\system32\Restore
2010-07-31 15:29:44 ----D---- C:\WINDOWS\ERDNT
2010-07-30 20:30:57 ----A---- C:\WINDOWS\system.ini
2010-07-30 20:23:28 ----D---- C:\WINDOWS\AppPatch
2010-07-30 20:23:25 ----D---- C:\Program Files\Common Files
2010-07-29 06:48:49 ----D---- C:\WINDOWS\network diagnostic
2010-07-27 20:51:23 ----RASH---- C:\boot.ini
2010-07-26 20:58:45 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-26 20:54:38 ----D---- C:\Program Files\Adobe
2010-07-26 20:53:48 ----D---- C:\Program Files\Common Files\Adobe
2010-07-26 20:53:41 ----D---- C:\WINDOWS\ShellNew
2010-07-26 17:00:07 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-25 17:36:42 ----D---- C:\Documents and Settings\Dave\Application Data\LimeWire
2010-07-25 13:03:44 ----SHD---- C:\WINDOWS\Installer
2010-07-25 13:03:42 ----D---- C:\Program Files\etax2010
2010-07-24 23:56:32 ----D---- C:\WINDOWS\system32\config
2010-07-23 22:48:00 ----D---- C:\Program Files\Java
2010-07-22 21:24:58 ----A---- C:\WINDOWS\win.ini
2010-07-22 21:24:58 ----A---- C:\Boot.bak
2010-07-22 20:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-22 19:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-21 20:32:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-21 18:11:51 ----D---- C:\Documents and Settings\Dave\Application Data\Vso
2010-07-20 21:48:09 ----D---- C:\WINDOWS\Debug
2010-07-19 12:39:25 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-16 15:41:13 ----RSD---- C:\WINDOWS\Fonts
2010-07-14 17:23:53 ----HD---- C:\WINDOWS\inf
2010-07-14 17:23:38 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-29 44944]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\System32\DRIVERS\viamraid.sys [2005-04-26 60928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-17 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-17 243024]
R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-02-13 95576]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-01-02 26024]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys [2010-01-07 40832]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2010-04-24 106432]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-05-26 47360]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 ovt519;D-Link VGA Webcam; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 W8335XP;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys [2005-10-06 280576]
S3 WinUSB;WinUSB; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-22 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ZuneBusEnum;Zune Bus Enumerator; C:\WINDOWS\system32\ZuneBusEnum.exe [2010-01-07 58592]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate1c9c932a0f8aaae;Google Update Service (gupdate1c9c932a0f8aaae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-30 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2010-01-07 5950704]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2010-01-07 447216]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

crunchie · 2010/08/03

I'll get you to upload a file for a scan, but I suspect it will come back clear.

Please go to Jotti's or to virustotal and have this file scanned. Post the results back here.

C:\WINDOWS\System32\DRIVERS\avipbb.sys

==

This thing is invisible

davee · 2010/08/03

your suspicions were right nothing found . it seems to be invisible . its strange cause it dosent happen in all google seaches when clicking on the link and the random tab poping up is iregular too it a doozy alright

Log in or Sign up

Solved trojan / "Object is inaccessible."

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

Share This Page

Log in or Sign up

Solved trojan / "Object is inaccessible."

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

crunchie Inactive

davee Inactive Thread Starter

Share This Page

Useful Searches