1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Please check Log!!

Discussion in 'Virus & Other Malware Removal' started by sueb_51, Feb 4, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    Hi all!! Could use some help here. Comp has been running great for about 2 months. Suddenly windows just crashes. When i send the error report it says i have a device error. I haven't added anything so i don't know what this could be. Also my AVG suddenly stopped working and i had to delete and reinstall it. i'm including a log. any help would be apppreciated. thanx

    Logfile of HijackThis v1.99.1
    Scan saved at 3:59:14 PM, on 2/4/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Nana\LOCALS~1\Temp\Rar$EX01.317\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ben10.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 302
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Yahoo! Euchre - http://download2.games.yahoo.com/games/clients/y/et3_x.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158566750920
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158684562829
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://mvnet.xlontech.net/qm/fox/06101102/qsp2ie06101001.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     
  2. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    ummmmm could somebody help me here please!!!
     
  3. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    has anybody had a chance to check this for me yet??
     
  4. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    Is there some reason that nobody is helping me??
     
  5. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    should i go elsewhere for help??
     
  6. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Let me see who I can find Sue.

    I'm on vacation at the moment....thanks for the pm.........
     
  7. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    113,285
    Hi Sue,

    Go to Start - Run - type in eventvwr.msc and click OK. Look under "application" and "system" and see if there are recent errors there in red. If so, double click them to open them up and then click on the icon that looks like two pieces of paper. This will copy them to the clipboard. Then paste them here please.
     
  8. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Thanks, Karen (y)

    :)
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    113,285
    You're welcome Candy. :)
     
  10. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    Thanx as well Candy and Karen. I don't know if i am able now to do what u instructed. The computer has been going haywire on its own for the past 2 days. It just keeps restarting and checking disk then looks like its gonna go then back to the same screen. I tried to boot with the winxp cd but when i clicked on install it said a newer version was already installed on the computer, but it isn't. I was just gonna format and start all over but i can't even do that. I do have another hard drive if i need to install that. any ideas?? thanx
     
  11. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    the only thing that i can get into is the Bios setup
     
  12. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    well it let me get in there but then just froze. but i see alot of events with a warning sign!! I do have access to another computer here. but dont know if i can do anything
     
  13. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    Type Date Time Source Category Event User Computer
    Information 2/7/2007 11:49:02 AM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/7/2007 11:48:23 AM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/7/2007 11:48:23 AM EvntAgnt None 1003 N/A L5H8C4
    Information 2/7/2007 11:47:55 AM AvgEms None 1 N/A L5H8C4
    Information 2/7/2007 11:47:11 AM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/7/2007 11:32:16 AM Winlogon None 1002 N/A L5H8C4
    Error 2/7/2007 11:32:05 AM Application Hang (101) 1002 N/A L5H8C4
    Error 2/7/2007 11:31:17 AM Application Hang (101) 1002 N/A L5H8C4
    Information 2/7/2007 11:21:46 AM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/7/2007 11:21:28 AM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/7/2007 11:21:28 AM EvntAgnt None 1003 N/A L5H8C4
    Information 2/7/2007 11:21:07 AM AvgEms None 1 N/A L5H8C4
    Information 2/7/2007 11:20:05 AM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/7/2007 11:19:47 AM Winlogon None 1001 N/A L5H8C4
    Warning 2/6/2007 1:55:08 PM WinMgmt None 34 N/A L5H8C4
    Information 2/6/2007 1:54:18 PM Winlogon None 1002 N/A L5H8C4
    Information 2/6/2007 1:49:39 PM LoadPerf None 1000 N/A L5H8C4
    Information 2/6/2007 1:49:39 PM LoadPerf None 1000 N/A L5H8C4
    Information 2/6/2007 1:49:39 PM LoadPerf None 1000 N/A L5H8C4
    Information 2/6/2007 1:49:38 PM LoadPerf None 1001 N/A L5H8C4
    Information 2/6/2007 1:49:38 PM LoadPerf None 1001 N/A L5H8C4
    Information 2/6/2007 1:49:37 PM LoadPerf None 1001 N/A L5H8C4
    Information 2/6/2007 1:43:37 PM SecurityCenter None 1800 N/A L5H8C4
    Information 2/6/2007 1:42:52 PM AvgEms None 1 N/A L5H8C4
    Warning 2/6/2007 1:41:56 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/6/2007 1:41:56 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/6/2007 1:41:07 PM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/6/2007 10:33:03 AM SecurityCenter None 1800 N/A L5H8C4
    Information 2/6/2007 10:32:16 AM AvgEms None 1 N/A L5H8C4
    Warning 2/6/2007 10:31:31 AM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/6/2007 10:31:31 AM EvntAgnt None 1003 N/A L5H8C4
    Information 2/6/2007 10:30:31 AM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/6/2007 10:30:14 AM Winlogon None 1001 N/A L5H8C4
    Error 2/6/2007 10:25:22 AM Application Error None 1000 N/A L5H8C4
    Information 2/6/2007 9:20:56 AM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/6/2007 9:20:09 AM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/6/2007 9:20:09 AM EvntAgnt None 1003 N/A L5H8C4
    Information 2/6/2007 9:19:48 AM AvgEms None 1 N/A L5H8C4
    Information 2/6/2007 9:18:47 AM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/6/2007 9:14:40 AM SecurityCenter None 1800 N/A L5H8C4
    Error 2/6/2007 9:14:09 AM AVG7 Error 100 SYSTEM L5H8C4
    Warning 2/6/2007 9:13:57 AM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/6/2007 9:13:57 AM EvntAgnt None 1003 N/A L5H8C4
    Information 2/6/2007 9:13:29 AM AvgEms None 1 N/A L5H8C4
    Information 2/6/2007 9:12:36 AM Avg7UpdSvc None 1 N/A L5H8C4
    Error 2/6/2007 9:07:46 AM Application Error None 1000 N/A L5H8C4
    Error 2/6/2007 12:58:19 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:53:15 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:48:10 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:43:05 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:38:00 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:32:55 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:27:50 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:22:45 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:17:39 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/6/2007 12:12:34 AM Application Error (100) 1000 N/A L5H8C4
    Error 2/5/2007 11:25:49 PM Application Error None 1000 N/A L5H8C4
    Error 2/5/2007 11:09:00 PM Application Error None 1000 N/A L5H8C4
    Information 2/5/2007 10:05:16 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 10:04:15 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 10:04:15 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 10:04:06 PM AvgEms None 1 N/A L5H8C4
    Information 2/5/2007 10:03:19 PM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/5/2007 10:02:57 PM Winlogon None 1001 N/A L5H8C4
    Warning 2/5/2007 9:53:54 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 9:53:50 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 9:45:02 PM Avg7UpdSvc None 1 N/A L5H8C4
    Error 2/5/2007 9:43:32 PM Application Error None 1000 N/A L5H8C4
    Error 2/5/2007 9:21:42 PM AVG7 Error 100 Nana L5H8C4
    Error 2/5/2007 9:21:42 PM AVG7 Error 100 Nana L5H8C4
    Information 2/5/2007 9:16:57 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 9:15:51 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 9:15:51 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 9:15:28 PM AvgEms None 1 N/A L5H8C4
    Information 2/5/2007 9:14:18 PM Avg7UpdSvc None 1 N/A L5H8C4
    Information 2/5/2007 9:14:02 PM Winlogon None 1001 N/A L5H8C4
    Information 2/5/2007 8:31:17 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 8:31:08 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 8:31:08 PM EvntAgnt None 1003 N/A L5H8C4
    Warning 2/5/2007 8:26:59 PM Userenv None 1517 SYSTEM L5H8C4
    Information 2/5/2007 7:53:17 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 7:53:05 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 7:53:05 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 7:41:00 PM Winlogon None 1001 N/A L5H8C4
    Error 2/5/2007 7:36:08 PM Application Error None 1000 N/A L5H8C4
    Error 2/5/2007 7:31:30 PM Application Hang (101) 1002 N/A L5H8C4
    Error 2/5/2007 7:29:50 PM Application Hang (101) 1002 N/A L5H8C4
    Information 2/5/2007 7:08:26 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 7:08:25 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 7:08:25 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 7:08:09 PM Winlogon None 1001 N/A L5H8C4
    Information 2/5/2007 6:17:14 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 6:17:13 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 6:17:13 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 6:16:58 PM Winlogon None 1001 N/A L5H8C4
    Error 2/5/2007 5:49:01 PM Application Error None 1001 N/A L5H8C4
    Error 2/5/2007 5:48:04 PM Application Error (100) 1004 N/A L5H8C4
    Information 2/5/2007 5:47:47 PM SecurityCenter None 1800 N/A L5H8C4
    Warning 2/5/2007 5:47:42 PM EvntAgnt None 1015 N/A L5H8C4
    Warning 2/5/2007 5:47:42 PM EvntAgnt None 1003 N/A L5H8C4
    Information 2/5/2007 5:47:21 PM Winlogon None 1001 N/A L5H8C4
    I managed to get this part done, i'll keep trying. For some reason the puter is running just fine again. touch wood. i really think it has someting to do with avg. i kept getting error msg left and right and it kept shutting itself off. should i do another hijack while i can lol
     
  14. sueb_51

    sueb_51 Thread Starter

    Joined:
    May 13, 2004
    Messages:
    1,095
    Logfile of HijackThis v1.99.1
    Scan saved at 12:40:36 PM, on 2/7/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\VM_STI.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Nana\LOCALS~1\Temp\Rar$EX00.569\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 302
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
    O16 - DPF: Yahoo! Euchre - http://download2.games.yahoo.com/games/clients/y/et3_x.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158566750920
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158684562829
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://mvnet.xlontech.net/qm/fox/06101102/qsp2ie06101001.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    113,285
    Can you try doing a system restore to go back to date just before this started happening? If it doesn't help, you can just undo it.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/541216

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice