TheTechGuide Forum
General Category => Tech Clinic => Topic started by: raysdga on May 10, 2005, 08:34:18 PM
-
I can't get rid of this O1 - Hosts: 1159680172 auto.search.msn.com entry. It took over my startup process and I can't get it back. It won't allow me access to delete it in HijackThis. I can go to safe mode and delete it but it comes right back in regular Windows. Here are some notes.
Logfile of HijackThis v1.99.1
Scan saved at 8:32:18 PM, on 5/10/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rl.webtracer.cc/-/?gseka (obfuscated)
O1 - Hosts: 1159680172 auto.search.msn.com
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\HijackThis\HijackThis.exe /startupscan
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
Here is a StartDreck log with kernels and binaries checked
StartDreck (build 2.1.7 public stable) - 2005-05-10 @ 20:35:50 (GMT -05:00)
Platform: Windows 2000 (Win NT 5.0.2195 )
Internet Explorer: 6.0.2800.1106
Logged in as ray at WORK-EETZASAVNZ
»Registry
»Files
»System/Drivers
»NT Kernel- and FS-drivers
*Abiosdsk Abiosdsk - disabled
`binary:
*abp480n5 abp480n5 - disabled
`binary:
*Microsoft ACPI Driver ACPI running boot
`binary: \SystemRoot\System32\DRIVERS\ACPI.sys
*ACPIEC ACPIEC - disabled
`binary:
*adpu160m adpu160m - disabled
`binary:
*AFD Networking Support Environment AFD running auto
`binary: \SystemRoot\System32\drivers\afd.sys
*Aha154x Aha154x - disabled
`binary:
*aic116x aic116x - disabled
`binary:
*aic78u2 aic78u2 - disabled
`binary:
*aic78xx aic78xx - disabled
`binary:
*ami0nt ami0nt - disabled
`binary:
*amsint amsint - disabled
`binary:
*asc asc - disabled
`binary:
*asc3350p asc3350p - disabled
`binary:
*asc3550 asc3550 - disabled
`binary:
*RAS Asynchronous Media Driver AsyncMac - on demand
`binary: System32\DRIVERS\asyncmac.sys
*Standard IDE/ESDI Hard Disk Controller atapi running boot
`binary: \SystemRoot\System32\DRIVERS\atapi.sys
*Atdisk Atdisk - disabled
`binary:
*ATM ARP Client Protocol Atmarpc - on demand
`binary: System32\DRIVERS\atmarpc.sys
*Audio Stub Driver audstub running on demand
`binary: System32\DRIVERS\audstub.sys
*AVG7 Kernel Avg7Core running system
`binary: \SystemRoot\System32\Drivers\avg7core.sys
*AVG7 Rezident Driver Avg7RsNT running system
`binary: \SystemRoot\System32\Drivers\avg7rsnt.sys
*AVG7 Wrap Driver Avg7RsW running system
`binary: \SystemRoot\System32\Drivers\avg7rsw.sys
*AVG Network Redirector AvgTdi running auto
`binary: \??\C:\WINNT\System32\Drivers\avgtdi.sys
*bdasupw bdasupw running auto
`binary: \??\C:\WINNT\System32\drivers\bdasupw.sys
*Beep Beep running system
`binary:
*BusLogic BusLogic - disabled
`binary:
*Closed Caption Decoder CCDECODE - on demand
`binary: System32\DRIVERS\CCDECODE.sys
*cd20xrnt cd20xrnt - disabled
`binary:
*Cdaudio Cdaudio - system
`binary:
*Cdfs Cdfs running disabled
`binary:
*Cdr4_2K Cdr4_2K running system
`binary:
*Cdralw2k Cdralw2k running system
`binary:
*CD-ROM Driver Cdrom running system
`binary: System32\DRIVERS\cdrom.sys
*Changer Changer - system
`binary:
*Cpqarray Cpqarray - disabled
`binary:
*cpqarry2 cpqarry2 - disabled
`binary:
*cpqfcalm cpqfcalm - disabled
`binary:
*cpqfws2e cpqfws2e - disabled
`binary:
*Creative Audio Driver (WDM) ctaud2k - on demand
`binary: system32\drivers\ctaud2k.sys
*Game Port for Creative SB Live! ctljystk - on demand
`binary: System32\DRIVERS\ctljystk.sys
*dac960nt dac960nt - disabled
`binary:
*deckzpsx deckzpsx - disabled
`binary:
*Disk Driver Disk running boot
`binary: \SystemRoot\System32\DRIVERS\disk.sys
*Diskperf Diskperf - disabled
`binary:
*D-Link DFE-530TX+ PCI Adapter DLKRTS - on demand
`binary: System32\DRIVERS\DLKRTS.SYS
*dmboot dmboot - disabled
`binary: System32\drivers\dmboot.sys
*Logical Disk Manager Driver dmio running boot
`binary: \SystemRoot\System32\drivers\dmio.sys
*dmload dmload running boot
`binary: \SystemRoot\System32\drivers\dmload.sys
*Microsoft DirectMusic SW Synth (WDM) DMusic - on demand
`binary: system32\drivers\DMusic.sys
*EFS EFS running disabled
`binary:
*Fastfat Fastfat running disabled
`binary:
*Fd16_700 Fd16_700 - disabled
`binary:
*Floppy Disk Controller Driver Fdc running on demand
`binary: System32\DRIVERS\fdc.sys
*VIA Rhine Family Fast Ethernet Adapter Driver S FETNDISB running on demand
`ervice
`binary: System32\DRIVERS\fetnd5b.sys
*fireport fireport - disabled
`binary:
*flashpnt flashpnt - disabled
`binary:
*Floppy Disk Driver Flpydisk running on demand
`binary: System32\DRIVERS\flpydisk.sys
*Volume Manager Driver Ftdisk running boot
`binary: \SystemRoot\System32\DRIVERS\ftdisk.sys
*Game Port Enumerator gameenum - on demand
`binary: System32\DRIVERS\gameenum.sys
*Generic Packet Classifier Gpc running on demand
`binary: System32\DRIVERS\msgpc.sys
*Creative Hardware Abstract Layer Driver ha10kx2k - on demand
`binary: system32\drivers\ha10kx2k.sys
*i8042 Keyboard and PS/2 Mouse Port Driver i8042prt running system
`binary: System32\DRIVERS\i8042prt.sys
*InCD EasyWrite Reader incdrm running system
`binary:
*ini910u ini910u - disabled
`binary:
*IntelIde IntelIde - disabled
`binary:
*IP Traffic Filter Driver IpFilterDriver - on demand
`binary: System32\DRIVERS\ipfltdrv.sys
*IP in IP Tunnel Driver IpInIp - on demand
`binary: System32\DRIVERS\ipinip.sys
*IP Network Address Translator IpNat - on demand
`binary: System32\DRIVERS\ipnat.sys
*IPSEC driver IPSEC running on demand
`binary: System32\DRIVERS\ipsec.sys
*ipsraidn ipsraidn - disabled
`binary:
*PnP ISA/EISA Bus Driver isapnp running boot
`binary: \SystemRoot\System32\DRIVERS\isapnp.sys
*Keyboard Class Driver Kbdclass running system
`binary: System32\DRIVERS\kbdclass.sys
*Microsoft Kernel Wave Audio Mixer kmixer running on demand
`binary: system32\drivers\kmixer.sys
*KSecDD KSecDD running boot
`binary:
*lbrtfdc lbrtfdc - system
`binary:
*lp6nds35 lp6nds35 - disabled
`binary:
*mnmdd mnmdd running system
`binary:
*Modem Modem - on demand
`binary:
*Mouse Class Driver Mouclass running system
`binary: System32\DRIVERS\mouclass.sys
*MountMgr MountMgr running boot
`binary:
*BDA MPE Filter MPE - on demand
`binary: System32\DRIVERS\MPE.sys
*mraid35x mraid35x - disabled
`binary:
*MRxSmb MRxSmb running system
`binary: System32\DRIVERS\mrxsmb.sys
*Msfs Msfs running system
`binary:
*Microsoft Streaming Service Proxy MSKSSRV - on demand
`binary: system32\drivers\MSKSSRV.sys
*Microsoft Streaming Clock Proxy MSPCLOCK - on demand
`binary: system32\drivers\MSPCLOCK.sys
*Microsoft Streaming Quality Manager Proxy MSPQM - on demand
`binary: system32\drivers\MSPQM.sys
*Microsoft Streaming Tee/Sink-to-Sink Converter MSTEE - on demand
`binary: system32\drivers\MSTEE.sys
*Mup Mup running boot
`binary:
*NABTS/FEC VBI Codec NABTSFEC - on demand
`binary: System32\DRIVERS\NABTSFEC.sys
*Ncrc710 Ncrc710 - disabled
`binary:
*NDIS System Driver NDIS running boot
`binary:
*Remote Access NDIS TAPI Driver NdisTapi running on demand
`binary: System32\DRIVERS\ndistapi.sys
*Remote Access NDIS WAN Driver NdisWan running on demand
`binary: System32\DRIVERS\ndiswan.sys
*NDIS Proxy NDProxy running on demand
`binary:
*NetBIOS Interface NetBIOS running system
`binary: System32\DRIVERS\netbios.sys
*NetBios over Tcpip NetBT running system
`binary: System32\DRIVERS\netbt.sys
*NetDetect NetDetect - on demand
`binary: \SystemRoot\system32\drivers\netdtect.sys
*Npfs Npfs running system
`binary:
*Ntfs Ntfs running disabled
`binary:
*Null Null running system
`binary:
*nv nv running on demand
`binary: System32\DRIVERS\nv4_mini.sys
*Service for NVIDIA® nForce(tm) Audio Enumerat nvax running on demand
`or
`binary: system32\drivers\nvax.sys
*Service for NVIDIA® nForce(tm) Audio nvnforce running on demand
`binary: system32\drivers\nvapu.sys
*NVIDIA NForce(tm) ATA RAID Class Driver nvraid running boot
`binary: \SystemRoot\System32\DRIVERS\nvraid.sys
*NVIDIA nForce AGP Bus Filter nv_agp running boot
`binary: \SystemRoot\System32\DRIVERS\nv_agp.sys
*IPX Traffic Filter Driver NwlnkFlt - on demand
`binary: System32\DRIVERS\nwlnkflt.sys
*IPX Traffic Forwarder Driver NwlnkFwd - on demand
`binary: System32\DRIVERS\nwlnkfwd.sys
*Microsoft USB Open Host Controller Driver openhci running on demand
`binary: System32\DRIVERS\openhci.sys
*Creative OS Services Driver ossrv - on demand
`binary: system32\drivers\ctoss2k.sys
*oUltraf oUltraf - on demand
`binary: \??\C:\DOCUME~1\ray\LOCALS~1\Temp\oUltraf.sys
*Parallel class driver Parallel running on demand
`binary: System32\DRIVERS\parallel.sys
*Parallel port driver Parport running system
`binary: System32\DRIVERS\parport.sys
*PartMgr PartMgr running boot
`binary:
*ParVdm ParVdm running auto
`binary:
*PCI Bus Driver PCI running boot
`binary: \SystemRoot\System32\DRIVERS\pci.sys
*PCIDump PCIDump - system
`binary:
*PCIIde PCIIde running boot
`binary: \SystemRoot\System32\DRIVERS\pciide.sys
*Pcmcia Pcmcia - disabled
`binary:
*WAN Miniport (PPTP) PptpMiniport running on demand
`binary: System32\DRIVERS\raspptp.sys
*Direct Parallel Link Driver Ptilink running on demand
`binary: System32\DRIVERS\ptilink.sys
*ql1080 ql1080 - disabled
`binary:
*Ql10wnt Ql10wnt - disabled
`binary:
*ql1240 ql1240 - disabled
`binary:
*ql2100 ql2100 - disabled
`binary:
*Remote Access Auto Connection Driver RasAcd running system
`binary: System32\DRIVERS\rasacd.sys
*WAN Miniport (L2TP) Rasl2tp running on demand
`binary: System32\DRIVERS\rasl2tp.sys
*Direct Parallel Raspti running on demand
`binary: System32\DRIVERS\raspti.sys
*Microsoft Streaming Network Raw Channel Access RCA - on demand
`binary: system32\drivers\RCA.sys
*Rdbss Rdbss running system
`binary: System32\DRIVERS\rdbss.sys
*Digital CD Audio Playback Filter Driver redbook - system
`binary: System32\DRIVERS\redbook.sys
*Serenum Filter Driver serenum running on demand
`binary: System32\DRIVERS\serenum.sys
*Serial port driver Serial running system
`binary: System32\DRIVERS\serial.sys
*Sfloppy Sfloppy - system
`binary:
*sglfb sglfb - system
`binary:
*Simbad Simbad - disabled
`binary:
*BDA Slip De-Framer SLIP - on demand
`binary: System32\DRIVERS\SLIP.sys
*Sparrow Sparrow - disabled
`binary:
*Srv Srv running on demand
`binary: System32\DRIVERS\srv.sys
*BDA IPSink streamip - on demand
`binary: System32\DRIVERS\StreamIP.sys
*Software Bus Driver swenum running on demand
`binary: System32\DRIVERS\swenum.sys
*Microsoft Kernel GS Wavetable Synthesizer swmidi - on demand
`binary: system32\drivers\swmidi.sys
*symc810 symc810 - disabled
`binary:
*symc8xx symc8xx - disabled
`binary:
*sym_hi sym_hi - disabled
`binary:
*Microsoft System Audio Device sysaudio running on demand
`binary: system32\drivers\sysaudio.sys
*TCP/IP Protocol Driver Tcpip running system
`binary: System32\DRIVERS\tcpip.sys
*tga tga - system
`binary:
*Udfs Udfs - disabled
`binary:
*ultra66 ultra66 - disabled
`binary:
*Microcode Update Driver Update running on demand
`binary: System32\DRIVERS\update.sys
*Microsoft USB 2.0 Enhanced Host Controller Mini usbehci running on demand
`port Driver
`binary: System32\DRIVERS\usbehci.sys
*Microsoft USB Standard Hub Driver usbhub running on demand
`binary: System32\DRIVERS\usbhub.sys
*USB 2.0 Root Hub Support usbhub20 running on demand
`binary: System32\DRIVERS\usbhub20.sys
*VgaSave VgaSave running system
`binary: \SystemRoot\System32\drivers\vga.sys
*Remote Access IP ARP Driver Wanarp running on demand
`binary: System32\DRIVERS\wanarp.sys
*Microsoft WINMM WDM Audio Compatibility Driver wdmaud running on demand
`binary: system32\drivers\wdmaud.sys
*WINIO WINIO - on demand
`binary: \??\D:\winio.sys
*World Standard Teletext Codec WSTCODEC - on demand
`binary: System32\DRIVERS\WSTCODEC.SYS
»Application specific
I have locate but don't know how to post that info any help is appreciated.
-
I actually found a fix for my problem at bullguard.com
Here it is if anyone is interested.
Reboot into Safe Mode - Hit F8 key until menu shows up
Find:
C:\WINDOWS\System32\drivers\bdasups.sys
And rename it to: bdasups.old
Then run Hijackthis and place a check beside each of the following. Once you have checked them, click fix checked.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rl.webtracer.cc/-/?gseka (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rl.webtracer.cc/-/?gseka (obfuscated)
O1 - Hosts: 1159680172 auto.search.msn.com
O19 - User stylesheet: C:\WINDOWS\stsheets.dat
Delete the following files or folders (delete item in bold). Please do not be concerned if
any of the items are not found as they may have been automatically removed by actions I had
you take earlier in the cleaning process.
Start-Search and delete
O19 - User stylesheet: C:\WINDOWS\stsheets.dat
Delete bdasups.old
Reboot and post new hijackthis log
Here's the link if anyone is interested
http://www.bullguard.com/forum/10/Utruuhglobe-findercc_13239.html
--------------------------------------------------------------------------------
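The fix quoted above targets three HijackThis entry types: the obfuscated R0 start page, the O1 hosts redirect and the O19 user stylesheet. The following is an added example, not part of the original posts or of HijackThis itself: a small triage script that picks those entry types out of a log and decodes the O1 address, which in this thread is written as a bare 32-bit integer rather than a dotted quad. The function names are hypothetical; the sample lines are copied from the logs in this thread.

```python
import ipaddress
import re

# Lines copied from the HijackThis logs in this thread (forum link residue removed).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rl.webtracer.cc/-/?gseka (obfuscated)
O1 - Hosts: 1159680172 auto.search.msn.com
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\HijackThis\HijackThis.exe /startupscan
O19 - User stylesheet: C:\WINDOWS\stsheets.dat
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
HOSTS_RE = re.compile(r"^Hosts: (\S+)\s+(\S+)$")


def decode_address(token):
    """Return (dotted_quad_or_None, was_integer_form) for a hosts-file address."""
    try:
        if token.isdigit():
            # A bare decimal number is the 32-bit integer form of an IPv4 address.
            return str(ipaddress.IPv4Address(int(token))), True
        return str(ipaddress.IPv4Address(token)), False
    except ValueError:  # out of range, or not an IPv4 address at all
        return None, token.isdigit()


def triage(log_text):
    """Return (section, reason) findings for the entry types the fix above removes."""
    findings = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue  # header, process list or blank line
        section, detail = match.groups()
        if section in ("R0", "R1") and detail.endswith("(obfuscated)"):
            findings.append((section, "IE page value flagged as obfuscated: " + detail))
        elif section == "O1":
            hosts = HOSTS_RE.match(detail)
            if not hosts:
                findings.append((section, "unparsed hosts entry: " + detail))
                continue
            addr, was_int = decode_address(hosts.group(1))
            note = " (written as an integer)" if was_int else ""
            findings.append((section, f"{hosts.group(2)} is redirected to {addr}{note}"))
        elif section == "O19":
            findings.append((section, "user stylesheet set: " + detail))
    return findings


if __name__ == "__main__":
    for section, reason in triage(SAMPLE_LOG):
        print(f"[{section}] {reason}")
```
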
-
Well, here's hoping you have everything back to normal
I'll close this topic as your problems appear resolved
-
Logfile of HijackThis v1.99.1
Scan saved at 8:23:25 PM, on 5/14/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [HijackThis startup scan] C:\HJT\HijackThis.exe /startupscan
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
Here is the new hjt log questolo. I was just curious, I have had problems in the past with service pack 4: as soon as I install it I lose internet connectivity. I just bought a digital camera and it wants me to download the latest available upgrades before I can install the software. What are your thoughts on this?
I'll start a new thread, or direct me towards an old thread that may cover this topic.
I have 2 computers connecting through a Linksys router with Comcast cable.
thanks raysdga
-
We should definitely restore your run key entries for AVG
Can you do the following
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box to notepad, not including the word "code"
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg
Save this file on the desktop
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
Double click on fix.reg and allow to add or merge to the registry
Restart your computer and post a fresh Hijackthis log
Not sure about your Camera software
Never heard of the problem with SP4 and loss of Internet connection
After installing SP4, did you try connecting directly into the modem to see if you had Internet connection
May be a Router problem, but not sure
Any firmware upgrades for your router at Linksys' site?
-
Logfile of HijackThis v1.99.1
Scan saved at 3:41:18 PM, on 5/16/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [HijackThis startup scan] C:\HJT\HijackThis.exe /startupscan
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
Here it is questolo. How does it look?
-
Doesn't look too bad, but in your running processes I don't see all components for AVG running
It looks like the Email scanner isn't running or the Control center
Did you Restart the computer after merging that Reg file?
Can you open AVG and enable the Email scanner?
Or if you find you can't it may be best just to uninstall AVG and reinstall it, just to make sure everything is running properly with your Anti-Virus
Also, this entry in your log
O4 - HKCU\..\Run: [HijackThis startup scan] C:\HJT\HijackThis.exe /startupscan
Are you purposely running Hijackthis on startup?
If you want to disable that Open Hijackthis>>Open Misc tools section
Click MAIN
Uncheck run Hijackthis on Startup
Click BACK and then close Hijackthis
That's optional, totally up to you