1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Vista Ultimate problems

Discussion in 'Virus & Other Malware Removal' started by axagirl, Jan 4, 2011.

Thread Status:
Not open for further replies.
  1. axagirl

    axagirl Thread Starter

    Joined:
    Mar 7, 2006
    Messages:
    145
    I was advised on another thread to post this here. Had some problems on New Year's Eve with sluggishness, unresponsiveness, and freezing up of my HP dv6000 running Vista Ultimate 64 bit. Ran MWBAM in safe mode and found no problems. In checking the AVG 9.0 scan records, I saw that it was showing 6 infections from Dec. 3 - 20, all Trojan horse Generic 20.ZKQ and all in files relating to Vongo. On Dec. 20, the scan showed that all these infections were healed. I had noticed no problems with the computer during that time, but only found this in checking after problems occurred on New Year's Eve. Subsequent scans with AVG, MWBAM, and Superantispyware all show no problems. Did a System Health Report yesterday which showed that a service was stopped, the CLScheduler. I restarted it, and today everything has seemed normal.

    I'm including the HJT scan log, but will have to wait until tomorrow to complete the other downloads as requested. Thanks.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:05:06 PM, on 1/4/2011
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18542)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {1C8066CB-47D0-4904-B982-6DB6B56D655A} (NVSViewerCtrl Control) - http://www.oceanclubresorts.com/cam/nvs.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
    O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://65.40.94.11:81/plugin/h263ctrl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files (x86)\Vongo\VongoService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

    --
    End of file - 11924 bytes
     
  2. axagirl

    axagirl Thread Starter

    Joined:
    Mar 7, 2006
    Messages:
    145
    Here are the other scans:

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-04 21:59:36
    Windows 6.0.6001 Service Pack 1
    Running: znw3lw44[1].exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a6b852e0a
    Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a6b852e0a (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft® Windows Vista™ Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/3/2009 2:10:03 PM
    System Uptime: 1/1/2011 12:42:01 AM (93 hours ago)

    Motherboard: Quanta | | 30B7
    Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-56 | Socket S1 | 800/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 233 GiB total, 183.212 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP492: 1/3/2011 12:00:01 AM - Scheduled Checkpoint
    RP493: 1/4/2011 12:00:01 AM - Scheduled Checkpoint
    RP494: 1/4/2011 1:57:14 PM - Installed Google SketchUp 8
    RP495: 1/4/2011 2:05:29 PM - Windows Update

    ==== Installed Programs ======================

    µTorrent
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe Flash Player 10 ActiveX
    Ask Toolbar
    AVG Free 9.0
    Color LaserJet 2600n
    ESU for Microsoft Vista
    Foxit Reader
    Google Chrome
    Google Earth
    Google SketchUp 8
    Google Toolbar for Internet Explorer
    Google Update Helper
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Easy Setup - Frontend
    HP Help and Support
    HP Photosmart Essential2.5
    HP Quick Launch Buttons 6.20 B1
    HP QuickPlay 3.2
    HP Update
    HP User Guides 0041
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    ImgBurn
    Java Auto Updater
    Java(TM) 6 Update 21
    LightScribe 1.4.136.1
    Malwarebytes' Anti-Malware
    Microsoft Application Error Reporting
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Accounting 2008
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Word MUI (English) 2007
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server Setup Support Files (English)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    Mozilla Firefox (3.6.3)
    MSCU for Microsoft Vista
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 6.0
    My HP Games
    PSSWCORE
    Roxio Activation Module
    Roxio Creator Audio
    Roxio Creator Basic v9
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator EasyArchive
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio MyDVD Basic v9
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Spybot - Search & Destroy
    SUPERAntiSpyware Free Edition
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office Word 2007 (KB974631)
    Visual C++ 8.0 Runtime Setup Package (x64)
    Vongo
    Yahoo! Toolbar
    Yahoo! Toolbar for Internet Explorer

    ==== Event Viewer Messages From Past Week ========

    12/31/2010 9:11:34 PM, Error: Service Control Manager [7022] - The CyberLink Background Capture Service (CBCS) service hung on starting.
    12/31/2010 9:11:34 PM, Error: Service Control Manager [7001] - The CyberLink Task Scheduler (CTS) service depends on the CyberLink Background Capture Service (CBCS) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
    12/31/2010 8:30:29 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    12/31/2010 8:00:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service CLCapSvc with arguments "-Service" in order to run the server: {3FD8285E-1F88-4BEB-9D38-4205F8D965E5}
    12/31/2010 7:59:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
    12/31/2010 7:59:30 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
    12/31/2010 7:59:30 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
    12/31/2010 7:59:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CyberLink Background Capture Service (CBCS) service to connect.
    12/31/2010 7:59:12 PM, Error: Service Control Manager [7001] - The CyberLink Task Scheduler (CTS) service depends on the CyberLink Background Capture Service (CBCS) service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    12/31/2010 7:59:12 PM, Error: Service Control Manager [7000] - The CyberLink Background Capture Service (CBCS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/31/2010 7:55:58 PM, Error: EventLog [6008] - The previous system shutdown at 6:56:40 PM on 12/31/2010 was unexpected.
    12/31/2010 7:49:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/31/2010 7:49:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/31/2010 11:34:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    12/31/2010 11:34:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx64 AvgMfx64 AvgTdiA CSC DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    12/31/2010 11:34:08 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    12/31/2010 11:33:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    12/31/2010 11:33:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    12/31/2010 11:33:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    12/31/2010 11:33:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/31/2010 11:33:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    12/31/2010 11:33:05 PM, Error: EventLog [6008] - The previous system shutdown at 10:16:43 PM on 12/31/2010 was unexpected.
    1/1/2011 2:29:01 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
    1/1/2011 12:53:54 AM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.95.2903.0 Loading engine version: 1.1.6402.0

    ==== End Of File ===========================



    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Administrator at 21:24:24.71 on Tue 01/04/2011
    Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_21
    Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.1982.740 [GMT -5:00]

    AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
    C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\locator.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Vongo\VongoService.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio64.exe
    C:\Program Files (x86)\AVG\AVG9\avgemc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSched.exe
    C:\Windows\splwow64.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskmgr.exe
    C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2LD1BO2\dds[1].scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.yahoo.com
    uSEARCH PAGE = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://www.yahoo.com
    mDefault_Page_URL = hxxp://www.yahoo.com
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    uURLSearchHooks: H - No File
    uURLSearchHooks: H - No File
    mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    BHO: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No File
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
    mRun: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {1C8066CB-47D0-4904-B982-6DB6B56D655A} - hxxp://www.oceanclubresorts.com/cam/nvs.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} - hxxp://support.microsoft.com/mats/DiagWebControl.cab
    DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} - hxxp://65.40.94.11:81/plugin/h263ctrl.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
    Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [HP Health Check Scheduler] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun-x64: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc64.dll,nvsvcStart
    mRun-x64: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    mRun-x64: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    AppInit_DLLs-X64: avgrssta.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\mfogx6h9.default\
    FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b18bf7c&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
    FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils2.dll
    FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils3.dll
    FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]\components\IGeared_tavgp_xputils35.dll
    FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]\components\xpavgtbapi.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: AVG Security Toolbar em:version=6.010.006.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: [email protected] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Foxit Toolbar: [email protected] - %profile%\extensions\[email protected]

    ============= SERVICES / DRIVERS ===============

    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-3 52856]
    R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2009-12-4 269904]
    R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2009-12-4 35536]
    R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2009-12-4 317520]
    R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-7-16 921952]
    R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-16 308136]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-12-4 1153368]
    R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2006-10-18 296448]
    S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
    S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-4-27 67656]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-18 136176]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-26 517448]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2009-12-17 19968]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-14 93184]

    =============== Created Last 30 ================

    2011-01-04 19:05:49 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{286E554D-C5B7-4AD4-AF71-D03F582E3CD6}\mpengine.dll
    2010-12-15 08:04:51 -------- d-----w- C:\7cee18796d5ad01e591da3f0c2
    2010-12-14 22:19:28 96256 ----a-w- C:\Windows\System32\fontsub.dll
    2010-12-14 22:19:28 48128 ----a-w- C:\Windows\System32\atmlib.dll
    2010-12-14 22:19:28 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2010-12-14 22:19:28 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2010-12-14 22:19:28 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2010-12-14 22:19:27 72704 ----a-w- C:\Windows\SysWow64\fontsub.dll
    2010-12-14 22:19:22 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
    2010-12-14 22:19:22 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
    2010-12-14 22:19:17 87552 ----a-w- C:\Windows\System32\consent.exe
    2010-12-14 22:19:02 2751488 ----a-w- C:\Windows\System32\win32k.sys
    2010-12-14 22:18:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-12-14 22:18:36 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-12-14 22:17:14 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
    2010-12-14 22:17:14 515584 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
    2010-12-14 22:17:13 68096 ----a-w- C:\Program Files\Windows Mail\wabmig.exe
    2010-12-14 22:17:13 66048 ----a-w- C:\Program Files (x86)\Windows Mail\wabmig.exe
    2010-12-14 22:17:13 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
    2010-12-14 22:17:13 33280 ----a-w- C:\Program Files (x86)\Windows Mail\wabfind.dll
    2010-12-14 01:16:55 749832 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

    ==================== Find3M ====================

    2010-11-06 11:10:13 357376 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-06 11:10:13 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-06 04:35:53 499712 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-06 04:35:30 655872 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-06 04:35:30 410112 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-06 04:35:16 854528 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-05 00:53:47 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-04 21:16:05 267776 ----a-w- C:\Windows\System32\taskeng.exe
    2010-10-20 18:25:57 1032704 ----a-w- C:\Windows\System32\wininet.dll
    2010-10-20 18:19:25 86528 ----a-w- C:\Windows\System32\ieencode.dll
    2010-10-20 17:45:29 833024 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-10-20 17:41:28 78336 ----a-w- C:\Windows\SysWow64\ieencode.dll
    2010-10-20 16:48:16 485376 ----a-w- C:\Windows\System32\html.iec
    2010-10-20 16:17:46 1383424 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-10-20 16:16:50 389632 ----a-w- C:\Windows\SysWow64\html.iec
    2010-10-20 15:51:56 1383424 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-10-19 15:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe

    ============= FINISH: 21:25:46.67 ===============
     
  3. axagirl

    axagirl Thread Starter

    Joined:
    Mar 7, 2006
    Messages:
    145
    Can anyone offer any suggestions? My computer is acting up again today. It had been working normally since my last post. Thanks.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/972726

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice