Post by: Oakland Raiderz on April 19, 2008, 11:42:02 PM
1. Everytime i go to my computer it says "miscrosoft explorer has encountered an eror" and the my computer window closes
2. I'm not able to play ONE SONG in itunes or my WHOLE computer will freeze and i have to shut down by holding the power button
3 I'm not able to do "Multitask" (have more then 2-3 windows open) because it will really my my computer slow to the point where my mouse will move every 30 seconds
4. My computer takes 5-9 minuts to turn on
5. When my computer boots up the "windows loading page" is really tiny
6. I'm not able to play any sort of dvd because of the "codec"
7. i tryed installing trackmania a couple days ago and got a error when i doubled click to play so i deleted that game
8. everytime i turn on my computer i get a message saying would you like this to be yoru default monitor and it always comes up twice because i have dual monitors (extended desktop)
Just some information to help you out =]
1. Over the past 2-3 years i've reinstalled and unistalled windows xp several times ( i DO have a legal version =D )
2. I did something about 6 months ago that i shoud've posted on here when i first had lots of problems and reinstalled xp
a. i was messing with my computer registry! (i only remember messing with going to hkey local machine- then software - then windows nt - then windows logon ) YES i do know now thats a BIG no no when you dont' know what your doing but its to late now.
b. you know when you go to my computer then c drive - then my documents and settings- then all these "users" come up? well i was trying to fix that... with messing witth the regirsty some website said (don't remember) that didn't work so i reinstalled windows
3. Cont from 2b.. could you help me get rid of some of those users? i'm the ONLY one on this laptop ( its my laptop my dad got me for highschool )
what i meen is that delete everyone except for the user nflraiderz, nehr mobile (i don't even have access to delete it ) and OAKLANDRAIDERZ ( its never used)
anyways i've been typing for 30 minuts trying to help you so you can help me =]. whatever you do will be GREATLY appreciated. i DO relize this may be a BIG and lengthy topic but i hope you help me =]
FInally the Hijack this
/wink.gif\' class=\'bbc_emoticon\' alt=\';)\' /> Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:04:45 AM, on 4/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 4792 bytes
Post by: guestolo on April 19, 2008, 11:58:53 PM
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] (http://\"http://deckard.geekstogo.com/dss.exe\") to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.
Post back just the Whole contents of Main.txt and Extra.txt
Post by: Oakland Raiderz on April 20, 2008, 10:01:01 AM
Run by nflraiderz on 2008-04-20 11:18:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as nflraiderz.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:27 AM, on 4/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\nflraiderz\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\nflraiderz.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 4607 bytes
-- Files created between 2008-03-20 and 2008-04-20 -----------------------------
2008-04-20 00:31:07 0 d-------- C:\Program Files\iTunes
2008-04-18 16:41:24 0 d-------- C:\Program Files\Trend Micro
2008-04-04 19:24:19 3120 --a------ C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
2008-04-04 19:24:09 0 d-------- C:\Program Files\AARONS CLIKER
2008-04-04 15:39:45 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Protexis
2008-04-04 15:39:39 80 -r-hs---- C:\WINDOWS\system32\3D012A1A79.dll
2008-04-04 15:38:44 0 d-------- C:\Program Files\Shark Software
2008-04-04 06:36:58 0 d-------- C:\Program Files\KeyScrambler
2008-04-03 09:36:51 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Templates
2008-04-03 09:36:51 0 dr------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Start Menu
2008-04-03 09:36:51 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\SendTo
2008-04-03 09:36:51 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Recent
2008-04-03 09:36:51 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\PrintHood
2008-04-03 09:36:51 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\NetHood
2008-04-03 09:36:51 0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\My Documents
2008-04-03 09:36:51 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Local Settings
2008-04-03 09:36:51 0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Favorites
2008-04-03 09:36:51 0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Desktop
2008-04-03 09:36:51 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Cookies
2008-04-03 09:36:51 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Application Data
2008-04-03 09:36:51 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Application Data\Microsoft
2008-04-03 09:36:50 229376 --ah----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\NTUSER.DAT
2008-04-02 23:15:37 0 d-------- C:\Program Files\LogMeIn
2008-04-02 20:39:30 0 d-------- C:\Documents and Settings\nflraiderz\.frugoo_file_store_32
2008-03-21 21:44:40 0 d-------- C:\Program Files\Total Video Converter
2008-03-21 21:30:19 0 d-------- C:\WINDOWS\Video to iPod MP4 PSP 3GP Converter
2008-03-21 21:30:19 0 d-------- C:\Program Files\Video to iPod MP4 PSP 3GP Converter
2008-03-21 14:32:09 0 d-------- C:\Program Files\Bonjour
-- Find3M Report ---------------------------------------------------------------
2008-04-20 00:32:36 0 d-------- C:\Program Files\iPod
2008-04-20 00:26:43 0 d-------- C:\Program Files\QuickTime
2008-04-20 00:13:28 0 d-------- C:\Program Files\Apple Software Update
2008-04-20 00:12:55 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-19 08:00:28 0 d-------- C:\Documents and Settings\nflraiderz\Application Data\AVG7
2008-03-21 14:54:43 0 d-------- C:\Documents and Settings\nflraiderz\Application Data\LimeWire
2008-01-26 02:34:30 35363 --a------ C:\WINDOWS\system32\windrvNT.sys
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [01/31/2005 05:35 PM]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [08/03/2007 03:09 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 11/15/2007 06:46 PM 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^YouTube Uploader for CASIO.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\YouTube Uploader for CASIO.lnk
backup=C:\WINDOWS\pss\YouTube Uploader for CASIO.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nflraiderz^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\nflraiderz\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
-- End of Deckard's System Scanner: finished at 2008-04-20 11:18:44 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® M processor 1.50GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 511.23 MiB / 262.15 MiB
Pagefile Memory (total/avail): 1250.21 MiB / 994.68 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939 MiB
C: is Fixed (NTFS) - 33.6 GiB total, 8.98 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - TOSHIBA MK4026GAX - 37.26 GiB - 3 partitions
\PARTITION0 - Unknown - 47.03 MiB
\PARTITION1 (bootable) - Installable File System - 33.6 GiB - C:
\PARTITION2 - Unknown - 3.61 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntivirusOverride is set.
AV: AVG 7.5.516 v7.5.516 (Grisoft) [color=\"RED\"]Outdated[/color]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Disabled:Messenger"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\nflraiderz\\Local Settings\\Temp\\BS2-20080326\\BurningSand2.exe"="C:\\Documents and Settings\\nflraiderz\\Local Settings\\Temp\\BS2-20080326\\BurningSand2.exe:*:Enabled:BurningSand2"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
APPDATA=C:\Documents and Settings\nflraiderz\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NFLRAIDERZ
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\nflraiderz
LOGONSERVER=\\NFLRAIDERZ
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;.
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp
ULTRAMON_LANGDIR=C:\Program Files\UltraMon\Resources\en
USERDOMAIN=NFLRAIDERZ
USERNAME=nflraiderz
USERPROFILE=C:\Documents and Settings\nflraiderz
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
nflraiderz (admin)
LogMeInRemoteUser (new local, admin)
LogMeInRemoteUser.NFLRAIDERZ (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Aarons Cliker Version 2.89 --> "C:\Program Files\AARONS CLIKER\unins000.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AIM 6 --> C:\Program Files\AIM6\uninst.exe
ALPS Touch Pad Driver --> C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Auto Clicker-Image Recognizer --> MsiExec.exe /I{9129C63A-1CD7-419D-A54B-70FFB5295678}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Conexant D480 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Folder Lock --> E:\Folder Lock\Uninstall.exe
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KeyScrambler --> C:\Program Files\KeyScrambler\uninstall.exe
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
LogMeIn --> MsiExec.exe /I{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Photo Transport --> MsiExec.exe /X{63CFD835-FF50-4F8B-91CD-5662A8C640F8}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Total Video Converter 3.11 --> "C:\Program Files\Total Video Converter\unins000.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
YouTube Uploader for CASIO --> MsiExec.exe /X{D482AA7B-92FD-490D-A0EA-7A653D2A78E8}
-- Application Event Log -------------------------------------------------------
Event Record #/Type1607 / Error
Event Submitted/Written: 04/06/2008 02:54:37 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x003680aa.
Processing media-specific event for [explorer.exe!ws!]
Event Record #/Type1605 / Error
Event Submitted/Written: 04/06/2008 02:53:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x0036804f.
Processing media-specific event for [explorer.exe!ws!]
Event Record #/Type1537 / Warning
Event Submitted/Written: 04/02/2008 11:21:03 PM
Event ID/Source: 110 / LogMeIn
Event Description:
Request denied for user ? for URI [/main.html] from IP address 127.0.0.1. Secure (SSL) Connection: Yes
Event Record #/Type1527 / Error
Event Submitted/Written: 04/02/2008 08:40:40 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.31114, faulting module firefox.exe, version 1.8.20080.31114, fault address 0x0021b5d4.
Processing media-specific event for [firefox.exe!ws!]
Event Record #/Type1471 / Success
Event Submitted/Written: 03/26/2008 00:23:45 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type11651 / Error
Event Submitted/Written: 04/06/2008 09:58:12 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type11650 / Warning
Event Submitted/Written: 04/06/2008 08:46:09 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type11649 / Error
Event Submitted/Written: 04/06/2008 05:40:30 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type11648 / Error
Event Submitted/Written: 04/06/2008 05:38:25 PM / 04/06/2008 05:38:26 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type11647 / Error
Event Submitted/Written: 04/06/2008 05:38:10 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
-- End of Deckard's System Scanner: finished at 2008-04-06 22:00:55 ------------
Post by: guestolo on April 20, 2008, 10:09:22 AM
Not sure about the other however
go to this link
http://www.virustotal.com/flash/index_en.html (http://\"http://www.virustotal.com/flash/index_en.html\")
Copy and paste the following bold line to the space next to 'Upload a File'
C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
Then use the SEND FILE button
Let it finish scanning
Could you post back the results this scan back here please
Or better yet, just link to the results paga
Do the same for this path to the file name
C:\WINDOWS\system32\3D012A1A79.dll
Post by: Oakland Raiderz on April 20, 2008, 12:11:59 PM
for the first file C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
here are the results
http://www.virustotal.com/analisis/af1762f...0e4d12bfe6f7d41 (http://\"http://www.virustotal.com/analisis/af1762ff2d69a46e00e4d12bfe6f7d41\")
for the second file C:\WINDOWS\system32\3D012A1A79.dll
here are the results
http://www.virustotal.com/analisis/772642f...fc8c27ad33030da (http://\"http://www.virustotal.com/analisis/772642f9742bde256fc8c27ad33030da\")
from what i can see they both look "clean"
Post by: guestolo on April 21, 2008, 06:58:16 PM
Download [color=\"#FF0000\"]ATF-Cleaner[/color] (http://\"http://www.atribune.org/ccount/click.php?id=1\") by Atribune.
Save it to your desktop
We'll need it later
I see remnants of Norton's AV still in your logs
Go to the following link
http://service1.symantec.com/SUPPORT/tsgen...&view=docid (http://\"http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2007080716254939?Open&docid=2005033108162039&nsf=tsgeninfo.nsf&view=docid\")
Go to STEP 3
Download and Save the uninstaller to desktop
We'll need it in a bit
Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
[color=\"blue\"]Updating Java:[/color]
- Download the latest version of Java Runtime Environment (JRE) 6 Update 6 (http://\"http://java.sun.com/javase/downloads/index.jsp\").
- From that link scroll down to where it says "Java Runtime Environment (JRE) 6 Update 6".
- Click the "Download" button to the right.
- In the Window that opens, select Windows, your Language, check the "agree" box and click Continue.
- Click on the link to download Windows Offline Installation, Multi-language (15.21 MB) and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
-In your case remove
Javaâ„¢ 6 Update 3
[/list]
Don't install the new version yet
Don't reboot the computer yet
Instead:
Double-click the Norton Removal Tool icon.
Follow the on-screen instructions.
>> Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.
====================================
If your computer did not need to be restarted, restart manually anyways
Back in Windows
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Wait for the "Done Cleaning" prompt
Hit OK
Click Exit on the Main menu to close the program.
================================================
Afterwards: Install the latest version of Sun Java from the installer on desktop
Reboot the computer one more time
Startup may be slower at reboot, as we have cleared the prefetch folder
Startup time will increase when the Prefetch folder is repopulated
Come back and post a fresh hijackthis log, let me know how things are running
Post by: Oakland Raiderz on April 21, 2008, 08:23:02 PM
with my itunes i've reinstalled it and unistalled it several times and everytime i play a song it'll freeze my computer or it will play but no sound ... i went youtube and my speakers do work. so i tryed playing songs in windows media player and it played for like 30 second then my computer went crazy again.
i did find weird though when i restarted my computer before it restarted a window came up and it said "ending process (then random letteres and numbers like this abcdacba53d5aca231acba3dc1a3bbc) so i restarted again and it went away
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:57 PM, on 4/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
--
End of file - 4402 bytes
Post by: guestolo on April 21, 2008, 09:27:47 PM
Can you manually check for updates with AVG and ensure it's right up to date
Not sure about your other problems yet
Have you checked in Device manager for any yellow exclamation marks?
Drivers that require attention
Post by: Oakland Raiderz on April 22, 2008, 05:22:54 AM
C:\\WINDOWS\system32\drivers\etc\hosts
it said the result was change and status was changed
and i also checked my device manager and i found no yellow exclamation marks
Post by: guestolo on April 22, 2008, 07:37:07 PM
not to worry
It could be you have a corrupt profile
I only see one Admin account?
Not including the Logmein
According to Deckard's scanner
This is the only seen User profile
nflraiderz
Where are you seeing the other profiles?
In the User accounts in the Control Panel, or is it a Folder in Explorer?
Post by: Oakland Raiderz on April 22, 2008, 08:45:32 PM
nflraiderz
i'm seeing these other profiles in folder in explorer under c drive documents and settings theres two other ones that i don't have access to Nehr Mobile and OAKLANDRAIDERZ
maybe i should makea new account? because i agree with you when i mest with my regirsty i can almost promise you i corrupted my profile
just to let you know i now get this message when i open itunes
"itunes cannot run because it has detected a problem with your audio configuration"
jsut to let you know my speakers work and i get sound from runescape and other games =]
Post by: guestolo on April 22, 2008, 09:02:25 PM
Reboot the computer
Do you still get the message from Itunes?
Post by: Oakland Raiderz on April 22, 2008, 09:20:08 PM
Post by: guestolo on April 22, 2008, 09:35:06 PM
Post by: Oakland Raiderz on April 23, 2008, 02:14:41 PM
"iTunes Installer has encountered a problem and needs to close. We are sorry for the inconvenience."
Heres the error signature
EventType : InPageError P1 : c000009c P2 : 00000003
and heres the following files that will be included in this error report
C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp\WER9b20.dir00\iTunesSetup.exe.mdmp
C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp\WER9b20.dir00\appcompat.txt
Post by: guestolo on April 23, 2008, 07:48:09 PM
http://docs.info.apple.com/article.html?artnum=93976 (http://\"http://docs.info.apple.com/article.html?artnum=93976\")
Take particular notice of the following steps
Quote
General Installation Troubleshooting
Important: A majority of customers experience successful iTunes installation after completing these troubleshooting procedures. If one does not help, proceed to the next.
Arrow Completely Remove iTunes and QuickTime (Click to show)
Note: Songs you purchased from the iTunes Store or imported from CDs are saved in your My Music folder by default and are not deleted by removing iTunes.
1. Quit iTunes.
2. On the Start menu, click Control Panel.
3. Windows XP and Windows 2000: In Control Panel, open Add or Remove Programs.
Windows Vista: In Control Panel, click Uninstall a program. Alternately, in Classic View of Control Panel, click Programs and Features.
4. Select iTunes from the list of currently installed programs, then click Remove or Uninstall.
5. In Windows XP and Windows 2000, when asked if you would like to remove iTunes, select Yes.
6. In Windows Vista, if your permission is needed to continue, click Continue.
7. After uninstalling iTunes, do not restart if you are prompted to.
8. If other entries were present for iTunes remove those as well.
9. In Add or Remove Programs or Programs and Features, remove any iPod Updater applications that are listed in the same fashion as iTunes was removed.
10. In Add or Remove Programs or Programs and Features, remove any QuickTime installations that are listed in the same fashion as iTunes was removed.
11. Restart your computer.
12. After the computer restarts, open Local Disk C: in My Computer/Computer or whichever disk programs are installed on.
13. Open the Program Files folder.
14. Right-click the iTunes folder and select Delete and choose Yes when asked to confirm the deletion. Note: This folder may have already been deleted if iTunes was successfully removed in steps 1-8.
15. Right click the iPod folder and select Delete and choose Yes when asked to confirm the deletion.
16. Right-click the QuickTime folder and select Delete and choose Yes when asked to confirm the deletion.
17. Delete the QuickTime and QuicktimeVR files located in the C:\\Windows\\system32\\folder.
18. Right-click on the Recycle Bin and on the shortcut menu, click Empty Recycle Bin.
19. Restart your computer.
20. Install the latest version of iTunes from http://www.apple.com/itunes/download (http://\"http://www.apple.com/itunes/download\").
Arrow Empty your Temp directory and restart (Click for more)
1. On the Start menu, click My Computer/Computer (or double-click My Computer on the Desktop).
2. In My Computer/Computer, open Local Disk C:.
3. Windows XP and Windows 2000: Open Documents and Settings.
4. Windows Vista: Open Users.
5. Double-click the folder that bears your username.
6. Windows Vista only: If you see an AppData folder, double-click it and skip to step 12. If you don't see an AppData folder, skip to step 9.
7. Windows XP only: If you see a Local Settings folder, skip to step 12. If you don't see a Local Settings folder, proceed to the next step.
8. Windows XP and Windows 2000: From the Tools menu, choose Folder Options.
9. Windows Vista: From the Organize menu, choose Folder and Search Options.
10. Select the "Show hidden files and folders" button.
11. Click OK.
12. Double-click Local Settings or Local folder (If on Windows Vista, you must first double-click the AppData folder). If Windows needs your permission to continue, click Continue.
13. Right-click on the Temp folder and on the shortcut menu, choose Delete.
14. In the confirmation dialog that appears, click Yes.
15. If you are unable to delete the Temp folder, close all programs, especially those in the Notification area (system tray) of the Windows Task bar shown below and repeat step 10.
16. Restart your computer.
17. Install the latest version of iTunes from http://www.apple.com/itunes/download (http://\"http://www.apple.com/itunes/download\").
Arrow Clean up iTunes installer files on the computer (Click to show)
You can download the Windows Installer Cleanup Utility from Microsoft, which will clean up any leftover installer files that may be causing issues with your current installation. To do this:
1. Click here first, and read the important information about the software.
2. Click the "Download the Windows Installer Cleanup Utility package now" link on that page to download a file titled msicuu2.exe.
3. Open the msicuu2.exe file and follow the prompts to install it.
4. On the Start menu, point to All Programs and then click Windows Install Cleanup; the Windows Installer Clean Up Utility window appears, listing software that is currently installed on your computer.
5. Select iTunes from the list and click Remove.
6. Click OK in the confirmation dialog that appears.
7. Repeat steps 5 and 6 if you have multiple iTunes entries listed.
8. Select QuickTime from the list and click Remove.
9. Click OK in the confirmation dialog that appears.
10. Repeat steps 8 and 9 if you have multiple QuickTime entries listed.
11. Click Exit.
12. Restart the computer.
13. Install the latest version of iTunes from http://www.apple.com/itunes/download (http://\"http://www.apple.com/itunes/download\").
Arrow Download QuickTime Standalone Installer (Click for more)
Try downloading and installing the standalone version of QuickTime from http://www.apple.com/quicktime/download/win.html (http://\"http://www.apple.com/quicktime/download/win.html\"). Be sure you download the version that does not include iTunes.
Arrow Disable other conflicting software (Click for more)
In Windows, some background processes can cause issues for other programs and processes. These conflicts can prevent applications such as iTunes and QuickTime Player from installing. See "Using MSCONFIG to troubleshoot conflicts in Windows" for assistance disabling conflicting processes.
Arrow Make sure your folder names don't contain strange characters (Click to show)
Let me know what works for you or what didn't
Post by: Oakland Raiderz on April 23, 2008, 08:54:09 PM
i think i know why my itunes wasn't working.. i don't think i ever put service pack 2 on. >.<
Post by: Oakland Raiderz on April 23, 2008, 09:00:14 PM
i think i know why my itunes wasn't working.. i don't think i ever put service pack 2 on. >.<[/quote]
IGNORE EVERYTHING I JUST TYPED BEFORE
i just restarted my computer and i got on AND it took like normal time
i'm going to back up a few things and then i'm going to do what yoru post said above about itunes =]
i'll let you know whats going on in a little bit
Post by: Oakland Raiderz on April 24, 2008, 08:01:19 AM
ITUNES WORKS
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> and my computer doesn't freeze when i play a song.(i fixed it buy deleting filed in my temp folder and in my application data folder =]
Bad news is that i still have lots of other problems that still need to get fixed >.<
1. like a can't search my computer or i'll get a error message.
2. etc
Post by: guestolo on April 24, 2008, 08:33:37 AM
Put your XP disk into the cd/dvd drive
Exit out if it autostarts
Then go to START>>RUN>>type, or copy>paste the next exact command in bold
and hit OK
sfc /scannow
Let this finish, it may take some time
Afterwards,
Download and save to desktop
Dial-a-fix-v0.60.0.24.zip
by djlizard
Extract the contents to it's own folder on desktop
http://www.majorgeeks.com/download4899.html (http://\"http://www.majorgeeks.com/download4899.html\")
Open the extracted Dial-a-fix folder and double click on Dial-a-fix.exe
In the main Window put a tick in
Empty temp folders
Adjust time/date
Fix Windows installer
Fix Windows Updates
NOTE: other selections will get selected by default, leave them checked please
In addition, ensure that Everything is ticked under Registration Center
Close down all web browsers then hit GO in dial-a-fix
Let this finish
When done click Exit
Reboot your computer
Let me know how everythings running afterwards
Post by: Oakland Raiderz on April 24, 2008, 03:34:03 PM
the only other thing is i'm not able to play a dvd in this computer because i get an error message then it shuts off. i tryed unistalling it but i can't because i get this message "error reading setup initilization file" so maybe thats why it won't.?
how do i get PowerDVD off this computer and what FREE software would you suggest so i can watch my dvd's?
Post by: guestolo on April 24, 2008, 11:39:28 PM
Try klite codecs
Or better yet, try a different viewer, one of my favorites is Gom player
Installs with more used codecs
Take a look and try your movie with this player
http://www.gomlab.com/eng/ (http://\"http://www.gomlab.com/eng/\")
Afterwards, we can remove your older user profiles
Let me know how it goes
Post by: Oakland Raiderz on April 26, 2008, 12:21:49 PM
i am getting a message everytime i turn on my computer saying "would you like to make this your defulat monitor"
i 'm pretty sure it has to do with logmein
Post by: guestolo on April 26, 2008, 12:27:43 PM
How many are you capable of hooking to it?
Can you check Device manager>>Right click MyComputer
Select Properties>>Hardware>>Device Manager
Expand (+) on Monitors
How many listed?
Post by: Oakland Raiderz on April 26, 2008, 10:23:49 PM
/tongue.gif\' class=\'bbc_emoticon\' alt=\':P\' /> and one other one) i can only add one monitor to this latop
it shows 4 monitors
1. one defualt monitor
2. 2 monitors with yellow exclamation marks
3 and one other monitor with (DPMS) next to it (the manufacter for this monitor is logmein just to let you know)
Post by: guestolo on April 27, 2008, 11:04:10 AM
Quote
2 monitors with yellow exclamation marksCan you remove those 2, reboot the computer
Do you still get a prompt on startup?
Post by: Oakland Raiderz on April 27, 2008, 09:21:18 PM
Post by: guestolo on April 27, 2008, 09:24:13 PM
Is Default Monitor selected under Display?
When it prompts to make default monitor, do you have a choice?
Can you select one and have it go away?
Post by: Oakland Raiderz on April 29, 2008, 03:08:16 PM
Is Default Monitor selected under Display?
When it prompts to make default monitor, do you have a choice?
Can you select one and have it go away?[/quote]
i now have 4 monitors with all yellow exclamation marks.
when i go to properties then settings tab the two options under display are
(multiple monitors) on ATI MOBILITY RADEON 9000
(multiple monitors) on ATI MOBILITY RADEON 9000
the little box that says "use this device as the primary monitor " is always grey so i don't have a choicce
Post by: guestolo on April 29, 2008, 09:19:26 PM
from safe mode, remove (uninstall all monitors) from device manager
Reboot back to Normal windows, let Windows detect your monitor(s)
Reboot again
Let me know how it goes
Post by: Oakland Raiderz on April 30, 2008, 07:06:56 PM
Post by: guestolo on April 30, 2008, 07:24:54 PM
Are you allowing it enough time, sometimes it appears to have froze, but will continue after a couple minutes
Also, did you ensure you ran File checker before
sfc /scannow
Post by: Oakland Raiderz on May 01, 2008, 03:52:24 PM
Are you allowing it enough time, sometimes it appears to have froze, but will continue after a couple minutes
Also, did you ensure you ran File checker before
sfc /scannow[/quote]
nvm it doesn't freeze you were right it jsut takes a couple minuts
what do you meen run file checker before
sfc /scannow
can you give me the directions on how to do that again ?
also the only thing that shows under monitor now under device manager is
vidoe converter (vga compatible) and its yellow
Post by: Oakland Raiderz on May 01, 2008, 09:29:24 PM
what do you meen run file checker before
sfc /scannow
can you give me the directions on how to do that again ?
also the only thing that shows under monitor now under device manager is
vidoe converter (vga compatible) and its yellow[/quote]
i wasn't able to edit my last post for some odd reason heres the latest things i have to tell you
1.first off i've been busy so sorry i haven't been replying fast i will try harder
2 under display adapters i have ati mobility radeon 9000 thats it but there is NO yellow mark =]
3. i'm able to use both of my monitors ( the one attacted to this laptop and the extended one)
4. maybe i should do that svc scannow thing still?
5 i made a restore point because everything is kinda better
/happy.gif\' class=\'bbc_emoticon\' alt=\'^_^\' /> 6 i've unistalled logmein completely because i didn't use it anyways (but files still appear in some places like proccesses)
7 i've unistalled limewire but some limewire stuff still shows
8 i found this think on my computer called mrstub.exe and deleted because it appeared to be melware ( was that a good move?)
9 my computers fate lays in yoru hand what should we do next =]
10. i've unistalled powerdvd and stuff still shows that i can't delete (for example in the unistall area in windows"
10.5 Itunes freezez again >.<
11.
/wub.gif\' class=\'bbc_emoticon\' alt=\':wub:\' /> YOUR AMAZING! =]Just incase you want to see a hijack this it wouldn't hurt to post one
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:57 PM, on 5/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ (http://\"http://google.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - Unknown owner - C:\Program Files\LogMeIn\x86\RaMaint.exe (file missing)
O23 - Service: LogMeIn - Unknown owner - C:\Program Files\LogMeIn\x86\LogMeIn.exe (file missing)
--
End of file - 5615 bytes
Post by: guestolo on May 01, 2008, 11:48:46 PM
Do the following
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- LogMeIn Maintenance Service
Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Apply and OK it
Do the same for the following service name
LogMeIn
Reboot the computer
Come back and let me know how things are running then
Post by: Oakland Raiderz on May 02, 2008, 02:38:42 PM
i just need help with my itunes freezing
after you had me do svc /scannow that one time it worked now it doesn't
so i just need help on my itunes
and the other profiles and thats it =]
i had task manager on one monitor and itunes on the other and when i have itunes open and i don' tdo anything its cpu ussage is 00 percent but when i just scroll threw my music it will go up to 77-90 i only have 2.84gb (669)
Post by: guestolo on May 02, 2008, 09:02:40 PM
Quote
after you had me do svc /scannow that one time it worked now it doesn't
If you look over my last reply, it's not svc /scannow
It is sfc /scannow notice the f instead of the v
Quote
i had task manager on one monitor and itunes on the other and when i have itunes open and i don' tdo anything its cpu ussage is 00 percent but when i just scroll threw my music it will go up to 77-90 i only have 2.84gb (669)I'm not sure if I understand what you said there???
Post by: Oakland Raiderz on May 03, 2008, 01:58:16 PM
It is sfc /scannow notice the f instead of the v
I'm not sure if I understand what you said there???[/quote]
i knew it was sfc (that was a typo)
i now know why itunes kept on freezing ( it was because some songs i tryed to play the file was gone) but thats all fixed
Post by: guestolo on May 04, 2008, 11:43:52 AM
Post by: Oakland Raiderz on May 05, 2008, 07:31:09 PM
Post by: guestolo on May 05, 2008, 10:13:37 PM
Try the following
Print these instructions, or save them to desktop for reference
Reboot the computer into SAFE MODE
Sign in with this account since it has Admin privileges
Once in safe mode
Use Explore and navigate to the folders your having trouble deleting
Go to START>>MyComputer>>Local disk C:>>Documents and Settings>>User NAME>
Eg..
C:\Documents and Settings\<User Name>
RIGHT CLICK on the folder and select PROPERTIES
Then select the SECURITY tab
Select ADVANCED by special permissions....
Select OWNER tab
Highlight YOUR Admin account and select "Replace owner on subcontainers and objects"
Then click APPLY and OK out of there
Now try and delete the User profile(s) folder you had trouble with before
Reboot back to Normal windows
Come back here and post one last fresh hijackthis log
Don't wait a week, I would like to see a fresh one now for final cleanup
Then you can wait out the week to see how it's running
Post by: Oakland Raiderz on May 11, 2008, 12:26:39 PM
Scan saved at 1:28:22 PM, on 5/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ (http://\"http://google.com/\")
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - Unknown owner - C:\Program Files\LogMeIn\x86\RaMaint.exe (file missing)
O23 - Service: LogMeIn - Unknown owner - C:\Program Files\LogMeIn\x86\LogMeIn.exe (file missing)
Post by: guestolo on May 11, 2008, 12:30:31 PM
Did you install AVG 8 and then uninstall it?
Have you removed LogmeIn?
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents
Post by: Oakland Raiderz on May 11, 2008, 03:56:52 PM
Did you install AVG 8 and then uninstall it?
Have you removed LogmeIn?
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents[/quote]
i have unistalled logmein
i' also installed avg then unistalled it because it froze in the middle of scans and froze my computer.
i have no anitvirus so i'm only going on safe websites taht i know are safe
Adobe Flash Player ActiveX
AIM 6
ALPS Touch Pad Driver
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Bonjour
Conexant D480 MDC V.9x Modem
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
iTunes
Java(tm) 6 Update 6
KeyScrambler
K-Lite Mega Codec Pack 3.6.5
LimeWire 4.16.7
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.14)
QuickTime
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Post by: guestolo on May 11, 2008, 07:47:14 PM
Hit OK
In the next window, look on the right hand side for this service
name---- LogMeIn
Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Apply and OK it
Do the same for the following
LogMeIn Maintenance Service
Do a "System scan only" with Hijackthis and put a check next to these entries:
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot the computer
Back in Windows, you should try another AntiVirus software, others have reported problems with AVG8 as well
Try the following
Download and save to your Desktop
Avira AntiVir (http://\"http://www.free-av.com/en/download/1/download_avira_antivir_personal__free_antivirus.html\")
Install Avira AntiVir from desktop
Ensure that you have it check for Updates
If it starts to run a scan, just exit out of it for now
After updating, reboot the computer, this ensures Windows sees it is fully up to date
Back in Windows
Time to run your first scan
Double click the Avira icon by the clock (the red Umbrella icon)
Click on Scan System now
The scan will begin
Quarantine or delete everything it finds
When the scan is finished, if it finds anything
Can you reboot the computer one last time
Then come back here and post one last hijackthis log
In addition
Open Avira again (Double click on the red Umbrella icon by the clock)
Click on REPORTS under Overview
Double click on the Scan report you just made
Then click on "Report File"
Post the contents of this report please
In addition post one last fresh hijackthis log
Keep me informed how things are running afterwards
Post by: guestolo on July 06, 2008, 08:00:12 PM
Take care