svnhost


Hello, I have some type of virus that will not let me go to any security website. I'm on an old laptop atm, using a USB key to x-fer the RSIT file to post here. I've tried using my HijackThis and, under config, tried to shut down some startup entries with an odd name, but the end is the same: jumbled letters, then hideinme at the end of the letters. I've tried doing the same in safe mode. I've downloaded Symantec's tool for this virus, but it says my system is clean. There is a red X in my box beside my clock that says: "System msg: self restoring trojan virus that can lead to total system crash has been detected on your PC. Click here to install latest antivirus protection software and remove all viruses on your PC." The process svnhost.exe is running in my Task Manager with a squiggle line over the n. Windows Defender does not find anything, and neither does Ad-Aware, but Ad-Aware will not update and Spybot will not even open. I've tried reading all posts similar to mine, and it seems as if this thing is mutating and changing from computer to computer. I've opened regedit and looked under hosts, but I only have the 1 entry. Well, I probably left something out, but so much is going on on my computer that I'm sure I'm leaving something out. Oh yeah, my A: drive keeps trying to run every few seconds, but no floppy is in it. IMO I'm probably gonna have to try and reinstall Windows, but I would really, really hope I do not have to. Any help would be appreciated.

Hi,

Read this post as indicated at the top of this forum & follow the instructions.

OMG, sorry about that. I had the RSIT log loaded on my mem stick and brain farted and forgot to upload it. It would not let me get the HijackThis log.

info.txt logfile of random’s system information tool 1.05 2009-01-09 14:40:46

======Uninstall list======

–>"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W

–>MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9

–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove

–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

2MOONS–>MsiExec.exe /I{688E07FE-9832-4FB9-8666-FB198D86ADC6}

Ad-Aware SE Personal–>C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG

Adobe Download Manager 2.0 (Remove Only)–>"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"

Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 7.0.9–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}

Adobe® Photoshop® Album Starter Edition 3.0–>MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}

Apple Software Update–>MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

Archlord Episode 3–>"C:\Program Files\Codemasters\Archlord\unins000.exe"

AXIS Media Control SDK–>C:\PROGRA~1\AXISCO~1\AXISME~1\UNWISE.EXE C:\PROGRA~1\AXISCO~1\AXISME~1\INSTALL.LOG

CABAL Online–>"C:\Program Files\OGPlanet\CABAL Online\unins000.exe"

Dual-Core Optimizer–>MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}

Dungeon Runners–>C:\Program Files\InstallShield Installation Information\{2B4FD441-3A6A-4897-92B7-42B3B59DA4D2}\setup.exe -runfromtemp -l0x0009 -removeonly

Fable - The Lost Chapters–>C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}

FEAR–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x9 /zU -removeonly

GTK 2.8.18-1 runtime environment–>"C:\gimp\2.0\unins000.exe"

Guild Wars–>"C:\Program Files\Guild Wars\Gw.exe" -uninstall

Hellgate: London–>MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}

HijackThis 1.99.1–>C:\hijackthis\HijackThis.exe /uninstall

Hotfix for Windows Internet Explorer 7 (KB947864)–>"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows Media Player 10 (KB903157)–>"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)–>"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Install(US)2–>C:\Program Files\InstallShield Installation Information\{8A4D41F3-3EDA-4DAC-9403-839708EA0667}\setup.exe -runfromtemp -l0x0009 -removeonly

iTunes–>MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}

J2SE Runtime Environment 5.0 Update 7–>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}

Java(TM) 6 Update 3–>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Libronix Digital Library System–>C:\Program Files\Libronix DLS\System\Unsetup.exe

LimeWire PRO 4.12.11–>"C:\Program Files\LimeWire\uninstall.exe"

Logitech G-series Keyboard Software–>MsiExec.exe /X{5A080213-5AEC-4BF2-BB32-796EB0E421EC}

Microsoft .NET Framework 1.1 Hotfix (KB928366)–>"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft .NET Framework 3.0–>C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe

Microsoft .NET Framework 3.0–>MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}

Microsoft Base Smart Card Cryptographic Service Provider Package–>"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs–>"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs–>"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Silverlight–>MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

mIRC–>C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC

Mozilla Firefox (3.0.5)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Thunderbird (2.0.0.17)–>C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)–>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser (KB933579)–>MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Neffy 1,2,0,22–>C:\Program Files\Neffy\uninst.exe

Nero OEM–>C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NVIDIA Drivers–>C:\WINDOWS\system32\nvuninst.exe UninstallGUI

NVIDIA PhysX v8.09.04–>MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}

Pando Media Booster–>C:\Program Files\Pando Networks\Media Booster\uninst.exe

Playboy - The Mansion–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B59E23A5-B3C5-4589-AE7A-EDC4793EF951}\setup.exe" -l0x9 -removeonly

PlayLinc–>MsiExec.exe /I{2158685C-E2B3-4026-B0A1-0FFE31837AFD}

PlayNC Launcher–>C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly

PowerDVD–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

PSP Max Media Manager–>"C:\Program Files\Datel\PSP Max Media Manager\unins000.exe"

QuickTime–>MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}

Realtek AC’97 Audio–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 REMOVE -removeonly

RegCure 1.5.1.3–>C:\Program Files\RegCure\uninst.exe

Rohan_USA–>C:\Rohan\GoUninstUSA.exe

Runes of Magic–>"C:\Runes_of_Magic_beta\Runes of Magic\unins000.exe"

Security Update for Windows Internet Explorer 7 (KB928090)–>"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB929969)–>"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB931768)–>"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB933566)–>"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB937143)–>"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127)–>"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB939653)–>"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)–>"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)–>"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)–>"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)–>"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)–>"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)–>"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)–>"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)–>"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB911565)–>"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)–>"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB936782)–>"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)–>"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)–>"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)–>"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)–>"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)–>"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)–>"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)–>"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)–>"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)–>"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)–>"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)–>"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)–>"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)–>"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)–>"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)–>"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)–>"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)–>"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)–>"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)–>"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)–>"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)–>"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)–>"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)–>"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)–>"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Sound Blaster Audigy–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x9 /remove

Spybot - Search & Destroy–>"C:\Program Files\Spybot - Search & Destroy\unins001.exe"

Steam–>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

System Requirements Lab–>C:\Program Files\SystemRequirementsLab\Uninstall.exe

System Spyware Interrogator–>C:\PROGRA~1\TRISNA~1\SSI\UNWISE.EXE C:\PROGRA~1\TRISNA~1\SSI\INSTALL.LOG

Tantra–>C:\Games\Tantra\uninstall.exe

TeamSpeak 2 RC2–>"C:\Program Files\Teamspeak2_RC2\unins000.exe"

The Chronicles of Spellborn–>"C:\Program Files\The Chronicles of Spellborn\unins000.exe"

Titan Quest–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}\setup.exe" -l0x9 -removeonly

Update for Windows Media Player 10 (KB910393)–>"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"

Update for Windows Media Player 10 (KB913800)–>"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"

Update for Windows Media Player 10 (KB926251)–>"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)–>"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)–>"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)–>"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update Rollup 2 for Windows XP Media Center Edition 2005–>C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe

Vampire - The Masquerade Bloodlines–>C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87} /l1033 /x

Ventrilo Client–>MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}

WebEx Support Manager for Internet Explorer–>MsiExec.exe /I{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}

Winamp–>"F:\Winamp\UninstWA.exe"

Windows Communication Foundation–>MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}

Windows Defender Signatures–>MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}

Windows Defender–>MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}

Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)–>C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf

Windows Media Format Runtime–>"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Presentation Foundation–>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Workflow Foundation–>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}

Windows XP Media Center Edition 2005 KB925766–>"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

Windows XP Service Pack 3–>"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver–>C:\Program Files\WinRAR\uninstall.exe

Xfire (remove only)–>"C:\Program Files\Xfire\uninst.exe"

Yahoo! Music Engine–>"C:\Program Files\Yahoo!\Yahoo! Music Engine\Uninstall.exe"

Yahoo! Toolbar–>C:\PROGRA~1\Yahoo!\Common\unyt.exe

=====HijackThis Backups=====

O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

R3 - Default URLSearchHook is missing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file://D:\components\wmvhdrating.ocx

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install…ad/tgctlcm.cab

O11 - Options group: [INTERNATIONAL] International*

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx

O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/…toUploader.cab

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disten…fyLauncher.cab

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O20 - Winlogon Notify: opnnklIa - opnnklIa.dll (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O20 - Winlogon Notify: urqRIcyA - urqRIcyA.dll (file missing)

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

System event log

Computer Name: CHADFOWLER

Event Code: 4202

Message: The system detected that network adapter PlayLinc Adapter - Packet Scheduler Miniport was disconnected from the network,

and the adapter’s network configuration has been released. If the network

adapter was not disconnected, this may indicate that it has malfunctioned.

Please contact your vendor for updated drivers.

Record Number: 6430

Source Name: Tcpip

Time Written: 20090102152623.000000-300

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 4201

Message: The system detected that network adapter NVIDIA…Controller - Packet Scheduler Miniport was connected to the network,

and has initiated normal operation over the network adapter.

Record Number: 6429

Source Name: Tcpip

Time Written: 20090102152623.000000-300

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 2

Message: Device identified.

Record Number: 6428

Source Name: nvata

Time Written: 20090102152623.000000-300

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 6005

Message: The Event log service was started.

Record Number: 6427

Source Name: EventLog

Time Written: 20090102152611.000000-300

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 6009

Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 6426

Source Name: EventLog

Time Written: 20090102152611.000000-300

Event Type: information

User:

Application event log

Computer Name: CHADFOWLER

Event Code: 1524

Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Record Number: 5

Source Name: Userenv

Time Written: 20080629133752.000000-240

Event Type: warning

User: CHADFOWLER\user

Computer Name: CHADFOWLER

Event Code: 1800

Message: The Windows Security Center Service has started.

Record Number: 4

Source Name: SecurityCenter

Time Written: 20080629103557.000000-240

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 1800

Message: The Windows Security Center Service has started.

Record Number: 3

Source Name: SecurityCenter

Time Written: 20080629085719.000000-240

Event Type: information

User:

Computer Name: CHADFOWLER

Event Code: 1517

Message: Windows saved user CHADFOWLER\user registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2

Source Name: Userenv

Time Written: 20080628224425.000000-240

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: CHADFOWLER

Event Code: 5000

Message: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Record Number: 1

Source Name: MPSampleSubmission

Time Written: 20080628204726.000000-240

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\gimp\2.0\bin;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=2b01

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"LANG"=C

"HellgateEnv"=C:\Program Files\Flagship Studios\Hellgate London\

"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_07\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.5.0_07\lib\ext\QTJava.zip

—————–EOF—————–

Welcome to linabbs fowlerc23 :)

For the record, a bit of punctuation in your posting would help me to sort out where sentences begin and end.

What happened with the RSIT log.txt?

Try running RSIT again. It should produce only the log.txt this time.

Failing that, please run HijackThis and save the log, then post it here.


written by lina
