AVG/Vista Problems

Discussion in 'Windows - Software discussion' started by xxtofer, Jul 1, 2008.

  1. xxtofer

    xxtofer Member

    Joined:
    Jul 7, 2005
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    11
    I am having problems with my AVG program. It was working fine up until about a week ago.

    Basically, my security center tells me my virus software isn't on; I click the button to turn it on and nothing happens.

    I've tried running AVG from my start menu. I get the basic Vista screen that asks are you sure you want to do this, I say yes, but then nothing ever pops up.

    I thought I'd uninstall the program and I get an error message:

    Local machine: installation failed
    Initialization:
    Warning: Checking of state of the item file PendingConnection.bin failed.
    File opening failed. %FILE% = "a\Program Files\AVG\AVG8\Scripts\IM\MSN\PendingConnection.bin"
    Error 0xe001042c
    Warning: Checking of state of the item file SwitchBoardConnection13.bin failed.
    File opening failed. %FILE% = "«\Program Files\AVG\AVG8\Scripts\IM\MSN\SwitchBoardConnection13.bin"
    Error 0xe001042c
    Warning: Checking of state of the item file imcontrol.bin failed.
    File opening failed. %FILE% = ""
    Error 0xe001042c
    Installation:
    Error: Action failed for file PendingConnection.bin: creating backup....
    Error 0x80070570 %DESTINATION% = "C:\Program Files\AVG\AVG8\Scripts\IM\MSN\PendingConnection.bin.install_backup", %SOURCE% = "C:\Program Files\AVG\AVG8\Scripts\IM\MSN\PendingConnection.bin"


    I don't know what to do so I'd like some suggestions.
     
  2. ozy

    ozy Regular member

    Joined:
    Apr 17, 2003
    Messages:
    614
    Likes Received:
    0
    Trophy Points:
    26
    Download HijackThis, scan your PC and paste your log here.
    I wouldn't feel too safe using AVG.
     
  3. xxtofer

    xxtofer Member

    OK, here's the log :) I must say, I have no problems getting RID of AVG -- but I can't even uninstall it :(

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:20:31 PM, on 7/1/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\logishrd\LComMgr\LVComSX.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Chattage\Chattage.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\icuii\ICUII.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\BRIANE~1.TOB\AppData\Local\Temp\hgGxVPJa.dll,#1
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 8678 bytes
     
  4. ozy

    ozy Regular member

    Fix the below entry:

    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\BRIANE~1.TOB\AppData\Local\Temp\hgGxVPJa.dll,#1

    Also check the following:

    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe

    C:\Program Files\Chattage\Chattage.exe
     
  5. xxtofer

    xxtofer Member

    I'm not sure what you mean by fix or check :) LOL

    That DLL file has been coming up every time I start. I have no idea how to fix it! :)
     
  6. ozy

    ozy Regular member

    When you did your scan with HijackThis the program displays a list of processes currently on your PC. Each entry has a check box next to it. Do another scan and look down the list for the entry I specified, tick the box and at the bottom there is a button you click to fix that entry.

    When I say check the entry I mean check to see if that software is being used or you regard it as safe. The top entry I copied is nasty but the other two are questionable.
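
An added example, not part of any post in this thread: a small Python triage of HijackThis `O4` (autorun) lines that flags the kind of entry singled out above, `rundll32.exe` loading a DLL from a Temp directory. The heuristics and all function names are assumptions of this example, not HijackThis features or the poster's stated reasoning; the sample lines are copied from the log posted above.

```python
import re
from typing import List, NamedTuple, Tuple


class AutorunEntry(NamedTuple):
    hive: str      # registry hive, e.g. HKLM, HKCU or a per-SID HKUS key
    key: str       # Run, RunOnce, ...
    name: str      # registry value name shown in [brackets]
    command: str   # command line that runs at logon


# "O4 - <hive>\..\<key>: [<name>] <command>", optional "(User '...')" suffix.
O4_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] "
    r"(?P<cmd>.+?)(?: \(User '[^']*'\))?$"
)

# rundll32 [path\]dll,export  (export may be a name or an ordinal such as #1)
RUNDLL_RE = re.compile(
    r'(?i)^"?(?:[^"\s]*\\)?rundll32(?:\.exe)?"?\s+'
    r'(?P<dll>"[^"]+"|[^,]+),(?P<export>\S+)'
)

# Assumption of this example: a Temp directory is an unusual home for an autorun.
TEMP_RE = re.compile(r"(?i)\\te?mp\\|%te?mp%")

# Sample input: O4 lines copied from the first log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\BRIANE~1.TOB\AppData\Local\Temp\hgGxVPJa.dll,#1
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
"""


def parse_o4(log_text: str) -> List[AutorunEntry]:
    """Extract every O4 autorun line from a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            entries.append(AutorunEntry(m["hive"], m["key"], m["name"], m["cmd"]))
    return entries


def triage(entry: AutorunEntry) -> List[str]:
    """Return the reasons an entry deserves a closer look (empty list = none)."""
    reasons = []
    rd = RUNDLL_RE.match(entry.command)
    if rd:
        if TEMP_RE.search(rd["dll"]):
            reasons.append("rundll32 loads a DLL from a Temp directory")
            if rd["export"].startswith("#"):
                reasons.append("export is called by ordinal, not by name")
    elif TEMP_RE.search(entry.command):
        reasons.append("autorun target lives in a Temp directory")
    return reasons


def find_suspicious(log_text: str) -> List[Tuple[AutorunEntry, List[str]]]:
    """Pair each flagged O4 entry with the reasons it was flagged."""
    flagged = []
    for entry in parse_o4(log_text):
        reasons = triage(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in find_suspicious(SAMPLE_LOG):
        print(f"{entry.hive}\\{entry.key} [{entry.name}] {entry.command}")
        for reason in reasons:
            print(f"  - {reason}")
```

A flagged line is a prompt to check the file by hand, not a verdict; entries the heuristics pass over still need the "is this software I use?" check described in the post above.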
     
  7. xxtofer

    xxtofer Member

    I'll do that. Thanks for the help.

    Chattage I know and use. The other one, I don't know :)
     
  8. ozy

    ozy Regular member

  9. xxtofer

    xxtofer Member

    Hey -- at least the DLL file was fixed.

    Otherwise, NOTHING -- still cannot uninstall AVG :(
     
  10. ozy

    ozy Regular member

    If you download and install CCleaner and go to the tools menu on the left, look up AVG in the list and click on run uninstaller. If that does not work install AVG over the top of the old installation and restart the pc and then try to uninstall it again. When you try installing over the top you may be given the option to repair or uninstall first. Try that first.

    Let me know how it goes.
     
  11. xxtofer

    xxtofer Member

    Alas, I have already tried to "reinstall" and both repair and just install over new. I still get the same error message that I originally posted.

    I tried uninstalling with CCleaner -- same error message. :(

    I appreciate your attempts to help me!
     
  12. ozy

    ozy Regular member

    Best way would be to start your computer in safe mode. Press the reset button and keep pressing the F8 key while the DOS startup appears. You should be given the option to start in safe mode from here. Once running in safe mode try uninstalling AVG again.
     
  13. ozy

    ozy Regular member

    Use CCleaner to clean your Windows and registry by running it in "cleaner" mode and "registry" mode, both on the left panel. Reboot after this and do the same again until you get no exceptions displayed.
     
  14. ozy

    ozy Regular member

    You may be infected by the Bagle worm. Please scan your PC with hjt and paste your log here.
     
  15. xxtofer

    xxtofer Member

    Ran CCleaner as instructed. Still got the error.
    Started computer in safe mode. Tried to uninstall. Still got the error.

    Here is the most recent log from HijackThis (which I assume is what hjt is).

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:24:21 PM, on 7/3/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\logishrd\LComMgr\LVComSX.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 8040 bytes
     
  16. ozy

    ozy Regular member

    Are CounterSpy and NOD32 still installed on your PC? If so, uninstall all other security software except AVG, of course.
     
  17. ozy

    ozy Regular member

    Last edited: Jul 4, 2008
  18. xxtofer

    xxtofer Member

    OK. Ran the files as suggested. It showed up clean, as you'll see.



    /--------------------------------------------------------------\
    | Trend Micro System Cleaner |
    | Copyright 2006-2007, Trend Micro, Inc. |
    | http://www.antivirus.com |
    \--------------------------------------------------------------/


    2008-07-04, 12:10:51, Auto-clean mode specified.
    2008-07-04, 12:10:51, Failed to initialize Rootkit Driver.
    2008-07-04, 12:10:51, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\TSC.BIN"...
    2008-07-04, 12:11:03, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\TSC.BIN" has finished running.
    2008-07-04, 12:11:03, TSC Log:

    Damage Cleanup Engine (DCE) 5.32(Build 1011)
    Windows Vista(Build 6001: Service Pack 1)

    Start time : Fri Jul 04 2008 12:10:52

    Load Damage Cleanup Template (DCT) "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\TMRDCT.ptn" (version ) [fail]
    Load Damage Cleanup Template (DCT) "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\tsc.ptn" (version 966) [success]

    Complete time : Fri Jul 04 2008 12:11:00
    Execute pattern count(3014), Virus found count(0), Virus clean count(0), Clean failed count(0)

    2008-07-04, 12:11:03, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:37:12, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:37:12, VSCANTM Log:

    2008-07-04, 12:37:12, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:11:04
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR C:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    78622 files have been read.
    78622 files have been checked.
    78150 files have been scanned.
    121239 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:37:12 26 minutes 6 seconds (1565.96 seconds) has elapsed.(19.918 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:37:12, Files Clean:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:11:04
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR C:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    78622 files have been read.
    78622 files have been checked.
    78150 files have been scanned.
    121239 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:37:12 26 minutes 6 seconds (1565.96 seconds) has elapsed.(19.918 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:37:12, Clean Fail:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:11:04
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR C:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    78622 files have been read.
    78622 files have been checked.
    78150 files have been scanned.
    121239 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:37:12 26 minutes 6 seconds (1565.96 seconds) has elapsed.(19.918 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:37:12, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:37:21, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:37:21, VSCANTM Log:

    2008-07-04, 12:37:21, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:37:15
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR /LAPPEND G:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    525 files have been read.
    525 files have been checked.
    525 files have been scanned.
    525 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:37:21 4 seconds (4.07 seconds) has elapsed.(7.747 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:37:21, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:37:43, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:37:43, VSCANTM Log:

    2008-07-04, 12:37:43, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:37:21
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR /LAPPEND P:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    2163 files have been read.
    2163 files have been checked.
    2163 files have been scanned.
    2480 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:37:43 21 seconds (20.39 seconds) has elapsed.(9.427 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:37:43, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:39:52, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:39:52, VSCANTM Log:

    2008-07-04, 12:39:52, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:37:43
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR /LAPPEND S:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    997 files have been read.
    997 files have been checked.
    996 files have been scanned.
    26148 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:39:52 2 minutes 8 seconds (128.67 seconds) has elapsed.(129.058 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:39:52, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:40:01, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:40:01, VSCANTM Log:

    2008-07-04, 12:40:01, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:39:53
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR /LAPPEND X:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    1109 files have been read.
    1109 files have been checked.
    1109 files have been scanned.
    1109 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:40:01 8 seconds (7.63 seconds) has elapsed.(6.884 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:40:01, Running scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN"...
    2008-07-04, 12:40:52, Scanner "C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN" has finished running.
    2008-07-04, 12:40:52, VSCANTM Log:

    2008-07-04, 12:40:52, Files Detected:
    Copyright (c) 1990 - 2006 Trend Micro Inc.
    Report Date : 7/4/2008 12:40:01
    VSAPI Engine Version : 8.700-1004
    VSCANTM Version : 3.00-1014 (Official Build)

    VSGetVirusPatternInformation is invoked

    Virus Pattern Version : 383 (296100/296100 Patterns) (2008/07/03) (538300)

    Command Line: C:\Users\Brian E. Toberman\Desktop\AVG FIxes\VSCANTM.BIN /NBPM /S /CLEANALL /LD /LC /LCF /NM /NB /DCEGENCLEAN /C /ACTIVEACTION=5 /VSBKENC+ /HOSPITAL=.\BACKUP /LR /LAPPEND Y:\*.* /P=C:\Users\Brian E. Toberman\Desktop\AVG FIxes\lpt$vpn.383

    2594 files have been read.
    2594 files have been checked.
    2594 files have been scanned.
    2594 files have been scanned. (including files in archived)
    0 files containing viruses.
    Found 0 viruses totally.
    Maybe 0 viruses totally.
    Stop At: 7/4/2008 12:40:52 50 seconds (50.09 seconds) has elapsed.(19.308 msec/file)
    ---------*---------*---------*---------*---------*---------*---------*---------*
    2008-07-04, 12:40:52, Running SSAPI scanner ""...
    2008-07-04, 12:59:24, SSAPI Log:

    SSAPI Scanner Version: 1.0.1003
    SSAPI Engine Version: 5.2.1032
    SSAPI Pattern Version: 6.63
    SSAPI Anti-Rootkit Version: <Failed>

    Spyware Scan Started: 07/04/2008 12:40:54

    Detected: 0 items.

    Spyware Scan Ended: 07/04/2008 12:59:24
    Scan Complete. Time=1111.638428.


    You mentioned counterspy and nod in a previous program. I didn't install any other software, so those are new to me. They don't show up in my program files, so .... what made you think I had them?
     
  19. ozy

    Try this one.

    10. Next you can do a quick Spyware Audit, which won’t actually install any program but just checks the system for infection to see where we are in the fight against Spyware/Viruses.

    a. Go here and follow the prompts. If you have no internet, skip this step.
    http://www.webroot.com/services/entaudit/auditbegin.php
    b. Click on the link and save the file to your “Desktop”
    c. Run the file and wait for all 5 steps to finish
    d. View the displayed results. If your system only shows cookies then you’re OK. If your system has any other one of three groups then more work needs to be done.
     
  20. ozy

    When finished, if your system is still suspect, uninstall your current anti-virus and antispyware and follow the next steps.

    3. Download CCleaner and save the file to your desktop. http://download.piriform.com/ccsetup209.exe
    a. Double click the install file
    b. Select the language and click OK
    c. Click next
    d. Click “I Agree”
    e. Click Next
    f. Untick the bottom checkbox and click install
    g. Click Finish
    h. You can delete the install file now or save it for future installations
    i. Open CCleaner from the desktop shortcut
    j. Click on the “Applications” tab and make sure all are ticked
    k. Click on “Analyze” at bottom
    l. Once the scan has finished, click on run cleaner, bottom right
    m. Click on the “Registry” button on the left panel
    n. Select “Scan for Issues”
    o. Click “Fix selected Issues”. When asked to make a backup, click YES and save the file somewhere safe
    p. Click on “Fix All Selected Issues”
    q. Click OK, Click close
    r. Repeat steps from letter “K” to “Q”
    s. Close the program.


    Then do the following

    6. Download Trial version of Nod32 Anti-Virus 3.0
    for Windows XP/2000/Vista (32-bit)
    http://download1.eset.com/eval/win/eav/eav_nt32_enu.msi

    for Windows XP/2000/Vista (64-bit ONLY)
    http://download1.eset.com/eval/win/eav/eav_nt64_enu.msi


    Installation mode: Typical
    Enable threatsense early warning system
    Enable Detection of potentially unwanted applications

    You have now finished the install. Restart the computer and then right click on the Nod32 bottom toolbar icon and select “update”.
    Now you can scan your pc so again right click on the toolbar icon and select “computer scan”. Select “My Computer” and then select “Scan” at the bottom right.
    Wait for scan to finish to review results making sure any Bad files are Quarantined.

    7. Download and install the Counterspy v2 trial version, fully functional for 15 days.
    http://go.sunbelt-software.com/?linkid=410
    a. Click Next
    b. Agree to the license agreement
    c. Click Next
    d. Click Next again
    e. Click Install
    f. Click Finish – The check box above should be ticked to open the program.
    g. Click next – Getting Started
    h. Click next if using demo version
    i. Click next to enable automatic updates
    j. Select “YES” and Select “CAUTIOUS” then Next
    k. Select “YES” then Finish
    l. Select “Enter Counterspy Now”

    To update the CounterSpy application and security risk definitions Click Updates on the toolbar or select File - Check for updates... from the menu bar. The Update Services window opens and downloads the available updates. After it is complete, click Close.

    m. Now you are ready for a full system scan
    n. Select “System Scan” from the left menu
    o. Select “Full System”
    p. Select “Low Risk Programs”
    q. Select “Cookies”
    r. Select “Save Options”
    s. Above Select “Scan Now”

    Please wait for scan to complete. To be on the safe side “Quarantine All Objects”.

    Now click on “System Tools” and click “My PC Checkup” and Click “Start”.
    Click Continue and “OK”.

    Now go back into “System Tools” and select “PC Explorer”. Here you can check startup programs, ActiveX controls, BHO files, and much more. If unsure how to use leave as is for now.

    8. Restart your PC.
    9. You can do a scan with CCleaner again.
     
