Author Topic: a computer problem i been having for a long time (Read 1411 times)

nishi · « **on:** August 08, 2006, 12:03:00 PM »

hi, this is my 1st time posting a tread.. my friend say this web is very useful for ppl who keens abt computers..
i been having a problem.. at the choose user part at the starting of my windows, it will pop out a windows and say my comp has been corruptd and this problem i have been troubling for a long.. it is like very 1 or 2 months i format my comp when i got tis trouble.. can u teach me how to get rid of this corrupted bug.. it has been troubling me for close to 1 yr...tnx tnx

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/sad.gif\' class=\'bbc_emoticon\' alt=\'

\' />

nishi · « **Reply #1 on:** August 08, 2006, 12:23:16 PM »

er sry abt sth i forget to inform tat once i off my comp.. the moment i on my comp all my files will be like gone.. onli some games programs will be left.. tat why i dunno whether i shld install the hijack programme and post it here..cos the moment i rs my comp... everything will like be back to the begining stage.. i dun even know why my comp will crash and when it crash i hafta reformat again..

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/sad.gif\' class=\'bbc_emoticon\' alt=\'

\' />

guestolo · « **Reply #2 on:** August 08, 2006, 12:24:45 PM »

I'm not quite sure what your saying, but try the following

From my signature below, download and save too a permanent folder of it's own onto your harddrive
Hijackthis 1.99.1
Open Hijackthis.exe

Do a "SCAN and Save a Log file"
A log will open in Notepad
Copy and paste the WHOLE contents of the log here... Don't try and fix anything yet----It is all important

nishi · « **Reply #3 on:** August 08, 2006, 12:37:28 PM »

Logfile of HijackThis v1.99.1
Scan saved at 1:37:03 AM, on 8/9/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\devldr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F24148E-70C8-4F5B-BCDD-E3CC8369D4CA}: NameServer = 165.21.100.88 165.21.83.88
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

guestolo · « **Reply #4 on:** August 08, 2006, 12:51:17 PM »

Can you clearly explain again what issues you are having
What I see is lack of Windows Updates!
You leave your computer wide open for attacks

Immediately, for now, can you ensure your firewall is enabled

Use the below link Scroll down to
To enable or disable Internet Connection Firewall
http://www.microsoft.com/windowsxp/using/n...rnmore/icf.mspx

come back and let me know the exact problem you are having

nishi · « **Reply #5 on:** August 08, 2006, 12:59:08 PM »

yea i just did wad u told me too.. i enable the firewall.. hmm actually i oso dunno how to phrase out the problem i facing.. but i try to describe wad i see when i switch on my comp...

firstly when i switch on my comp.. then at the login windows page(choose urser account) a window will pop up and say my comp files is corrupted.. after i press the 'ok' button another window pop up... and say my comp will run in tempory files or sth.. i cant remember exactly.. after tat my comp will lag the the welcome page.. after a while it prompt me to the desktop... and some of my files was gone.. for eg some movies clip my friend me and i save it at dektop and it is a gone..

hmm this is about it.. if u cant understand which part i trying to say u can msg me again.. i shld be online till 3am.. sorry for the inconvenient causes

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/tongue.gif\' class=\'bbc_emoticon\' alt=\'

\' />

guestolo · « **Reply #6 on:** August 08, 2006, 01:07:27 PM »

I just realized that you are overseas
I'm here in Canada, so I understand the language barrier now

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />
your doing fine
Do you have your Windows XP CD?
Is this a legit version of XP?

Your log actually looks good, but
Can you do the following please, I just want to check on something
Download this file - Combofix.exe and save it too desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply
Along with a fresh hijackthis log

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

nishi · « **Reply #7 on:** August 08, 2006, 01:16:18 PM »

ahaha yea i am from singapore..i used to type in short forms and 'singaporean english' which is mix of language..haha

i think my window cd is not legit..

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/unsure.gif\' class=\'bbc_emoticon\' alt=\':unsure:\' />

Start Time= Wed 08/09/2006 2:10:57.07
Running from: C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-08-09 01:37:04 3842 ( A.... ) "C:\Program Files\hijackthis.log"
2006-08-09 01:36:28 218112 ( A.... ) "C:\Program Files\hijackthis.exe"
2006-08-08 20:57:30 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Real"
2006-08-08 19:39:36 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\AdobeUM"
2006-08-08 19:38:46 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Adobe"
2006-08-08 13:48:34 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\vlc"
2006-08-08 13:16:42 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Macromedia"
2006-08-08 13:15:10 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Google"
2006-08-08 12:56:42 ( .D... ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Identities"
2006-08-08 12:56:10 ( .DS.. ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\Microsoft"
2006-08-08 00:17:34 ( .D... ) "C:\Program Files\TVUPlayer"
2006-08-06 11:37:36 ( .D... ) "C:\Program Files\Creative"
2006-08-06 09:49:54 ( .D... ) "C:\Program Files\Microsoft ActiveSync"
2006-08-06 09:49:42 ( .D... ) "C:\Program Files\Common Files\Designer"
2006-08-06 09:48:48 ( .D... ) "C:\Program Files\Microsoft Office"
2006-07-28 23:58:38 5647 ( A.... ) "C:\Program Files\WinKawaks.ini"
2006-07-28 23:58:38 461 ( A.... ) "C:\Program Files\WinKawaks.rom"
2006-07-27 00:57:00 ( .D... ) "C:\Program Files\sshots"
2006-07-27 00:57:00 ( .D... ) "C:\Program Files\saves"
2006-07-27 00:57:00 ( .D... ) "C:\Program Files\roms"
2006-07-27 00:57:00 ( .D... ) "C:\Program Files\recinput"
2006-07-27 00:56:54 ( .D... ) "C:\Program Files\ini"
2006-07-27 00:56:54 ( .D... ) "C:\Program Files\cheats"
2006-07-27 00:56:54 ( .D... ) "C:\Program Files\capture"
2006-07-27 00:55:36 ( .D... ) "C:\Program Files\tracklst"
2006-07-27 00:55:36 ( .D... ) "C:\Program Files\lang"
2006-07-27 00:55:36 ( .D... ) "C:\Program Files\eeprom"
2006-07-27 00:55:36 ( .D... ) "C:\Program Files\blend"
2006-07-27 00:37:34 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-07-27 00:36:40 ( .D... ) "C:\Program Files\Adobe"
2006-07-25 22:48:28 ( .D... ) "C:\Program Files\K-Lite Codec Pack"
2006-07-25 21:17:16 ( .D... ) "C:\Program Files\DivX"
2006-07-23 22:55:08 ( .D... ) "C:\Program Files\Alwil Software"
2006-07-23 10:55:42 ( .D... ) "C:\Program Files\Power MP3 WMA Converter"
2006-07-19 19:54:08 ( .D... ) "C:\Program Files\SAMSUNG"
2006-07-16 20:00:20 ( .D... ) "C:\Program Files\softnyx"
2006-07-16 06:22:44 ( .D... ) "C:\Program Files\Common Files\ODBC"
2006-07-16 06:22:42 ( .D... ) "C:\Program Files\Common Files\SpeechEngines"
2006-07-16 06:22:42 ( .D... ) "C:\Program Files\Common Files\Microsoft Shared"
2006-07-16 06:22:42 ( .D... ) "C:\Program Files\Common Files"
2006-07-16 06:22:24 62 ( A.SH. ) "C:\Documents and Settings\TEMP.PTS-WEIUMFHZ25Z\Application Data\desktop.ini"
2006-07-16 02:20:52 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-07-16 02:20:52 ( .D... ) "C:\Program Files\WIZET"
2006-07-16 02:19:58 402603734 ( A.... ) "C:\Program Files\MapleSEA_MSSetup060712a.exe"
2006-07-16 00:08:58 ( .D... ) "C:\Program Files\Lavasoft"
2006-07-16 00:08:34 2855080 ( A.... ) "C:\Program Files\aawsepersonal.exe"
2006-07-15 23:56:36 ( .D... ) "C:\Program Files\Yahoo!"
2006-07-15 23:14:28 139264 ( A.... ) "C:\WINDOWS\War3Unin.exe"
2006-07-15 23:11:50 ( .D... ) "C:\Program Files\Hamachi"
2006-07-15 23:04:22 ( .D... ) "C:\Program Files\MSN Messenger"
2006-07-15 22:46:12 ( .D... ) "C:\Program Files\WinAce"
2006-07-15 22:45:02 ( .D... ) "C:\Program Files\Warcraft III"
2006-07-15 22:44:56 729088 ( A.... ) "C:\WINDOWS\iun6002.exe"
2006-07-15 22:44:14 ( .D... ) "C:\Program Files\Google"
2006-07-15 22:43:30 ( .D... ) "C:\Program Files\Alcohol Soft"
2006-07-15 22:41:10 ( .D... ) "C:\Program Files\Common Files\InstallShield"
2006-07-15 22:38:04 ( .D.H. ) "C:\Program Files\Uninstall Information"
2006-07-15 22:33:52 ( .D... ) "C:\Program Files\xerox"
2006-07-15 22:33:52 ( .D... ) "C:\Program Files\microsoft frontpage"
2006-07-15 22:33:32 0 ( A.... ) "C:\AUTOEXEC.BAT"
2006-07-15 22:31:44 ( .D... ) "C:\Program Files\Movie Maker"
2006-07-15 22:31:24 ( .D... ) "C:\Program Files\Windows Media Player"
2006-07-15 22:31:22 ( .D... ) "C:\Program Files\NetMeeting"
2006-07-15 22:31:20 ( .D... ) "C:\Program Files\Common Files\Services"
2006-07-15 22:31:16 ( .D... ) "C:\Program Files\Outlook Express"
2006-07-15 22:31:14 ( .D... ) "C:\Program Files\Common Files\MSSoap"
2006-07-15 22:31:12 ( .D... ) "C:\Program Files\Common Files\System"
2006-07-15 22:31:08 ( .D... ) "C:\Program Files\Internet Explorer"
2006-07-15 22:30:34 ( .D... ) "C:\Program Files\ComPlus Applications"
2006-07-15 22:30:22 ( .D.H. ) "C:\Program Files\WindowsUpdate"
2006-07-15 22:30:22 ( .D... ) "C:\Program Files\Online Services"
2006-07-15 22:30:18 ( .D... ) "C:\Program Files\Messenger"
2006-07-15 22:30:12 ( .D... ) "C:\Program Files\MSN"
2006-07-15 22:30:10 ( .D... ) "C:\Program Files\MSN Gaming Zone"
2006-07-15 22:30:02 ( .D... ) "C:\Program Files\Windows NT"
2006-06-29 16:56:16 807032 ( A.... ) "C:\WINDOWS\system32\wmv9dmod.dll"
2006-06-02 06:11:08 109568 ( ..... ) "C:\WINDOWS\system32\pxinsi64.exe"
2006-06-02 06:11:08 108544 ( ..... ) "C:\WINDOWS\system32\pxcpyi64.exe"
2006-06-02 06:10:26 3596288 ( A.... ) "C:\WINDOWS\system32\qt-dx331.dll"
2006-06-02 06:09:58 593920 ( A.... ) "C:\WINDOWS\system32\dpuGUI11.dll"
2006-06-02 06:09:58 344064 ( A.... ) "C:\WINDOWS\system32\dpus11.dll"
2006-06-02 06:09:58 294912 ( A.... ) "C:\WINDOWS\system32\dpu11.dll"
2006-06-02 06:09:58 294912 ( A.... ) "C:\WINDOWS\system32\dpu10.dll"
2006-06-02 06:09:58 200704 ( A.... ) "C:\WINDOWS\system32\dtu100.dll"
2006-06-02 06:09:58 90112 ( A.... ) "C:\WINDOWS\system32\dpl100.dll"
2006-06-02 06:09:58 57344 ( A.... ) "C:\WINDOWS\system32\dpv11.dll"
2006-06-02 06:09:58 53248 ( A.... ) "C:\WINDOWS\system32\dpuGUI10.dll"
2006-06-02 06:07:46 536576 ( A.... ) "C:\WINDOWS\system32\DivXsm.exe"
2006-06-02 06:07:38 1044480 ( A.... ) "C:\WINDOWS\system32\libdivx.dll"
2006-06-02 06:07:38 200704 ( A.... ) "C:\WINDOWS\system32\ssldivx.dll"
2006-06-02 06:07:34 245408 ( A.... ) "C:\WINDOWS\system32\unicows.dll"
2006-06-02 06:07:00 778240 ( A.... ) "C:\WINDOWS\system32\divx_xx07.dll"
2006-06-02 06:06:58 778240 ( A.... ) "C:\WINDOWS\system32\divx_xx0c.dll"
2006-06-02 06:06:58 761856 ( A.... ) "C:\WINDOWS\system32\divx_xx11.dll"
2006-06-02 06:06:58 619156 ( A.... ) "C:\WINDOWS\system32\DivX.dll"
2006-06-02 06:06:34 118784 ( A.... ) "C:\WINDOWS\system32\DivXCodecUpdateChecker.exe"
2006-06-02 06:06:34 12288 ( A.... ) "C:\WINDOWS\system32\DivXWMPExtType.dll"
2006-05-31 17:02:04 624640 ( A.... ) "C:\WINDOWS\system32\aswBoot.exe"
2006-05-31 16:54:36 90112 ( A.... ) "C:\WINDOWS\system32\AVASTSS.scr"
2005-12-01 16:47:48 57140 ( A.... ) "C:\Program Files\whatsnew.txt"
2005-12-01 16:38:58 382029 ( A.... ) "C:\Program Files\WinKawaks.exe"
2005-01-06 23:37:10 21401 ( A.... ) "C:\Program Files\faq.txt"
2002-06-07 22:08:26 720498 ( A.... ) "C:\Program Files\Warcraft III Manual.pdf"
2002-06-07 19:43:04 17120711 ( A.... ) "C:\Program Files\Setup.mpq"
2002-06-07 19:08:56 294912 ( A.... ) "C:\Program Files\install.exe"
2002-06-06 07:29:14 420770794 ( A.... ) "C:\Program Files\War3.mpq"
2002-06-06 06:56:50 61440 ( A.... ) "C:\Program Files\autoplay.exe"
2002-05-27 11:09:56 21630 ( A.... ) "C:\Program Files\War3.ico"
2002-02-13 13:52:38 32256 ( A.... ) "C:\Program Files\kailleraclient.dll"
2002-01-30 21:19:44 2298 ( A.... ) "C:\Program Files\defaultkeysCPS.ini"
2002-01-23 16:04:02 2063 ( A.... ) "C:\Program Files\DefaultWinKawaksINI.zip"
2001-08-12 03:00:22 2294 ( A.... ) "C:\Program Files\defaultkeysMVS.ini"
2001-07-25 01:35:24 2324 ( A.... ) "C:\Program Files\sample_ini_files.zip"
2001-07-23 12:25:04 47 ( A.... ) "C:\Program Files\autorun.inf"

(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))

2006-08-06   11:41   41,984      C:\WINDOWS\Ctregrun.exe
2006-08-06   11:37   997,888      C:\WINDOWS\system32\wmvdmoe2.dll
2006-08-06   11:37   892,416      C:\WINDOWS\system32\wmspdmoe.dll
2006-08-06   11:37   82,432      C:\WINDOWS\system32\drmstor.dll
2006-08-06   11:37   816,264      C:\WINDOWS\system32\wmvdmod.dll
2006-08-06   11:37   81,408      C:\WINDOWS\system32\logagent.exe
2006-08-06   11:37   760,968      C:\WINDOWS\system32\wmsdmod.dll
2006-08-06   11:37   678,912      C:\WINDOWS\system32\drmv2clt.dll
2006-08-06   11:37   670,208      C:\WINDOWS\system32\wmadmoe.dll
2006-08-06   11:37   6,656      C:\WINDOWS\system32\laprxy.dll
2006-08-06   11:37   486,536      C:\WINDOWS\system32\wmspdmod.dll
2006-08-06   11:37   384,512      C:\WINDOWS\system32\mp4sdmod.dll
2006-08-06   11:37   316,040      C:\WINDOWS\system32\mp43dmod.dll
2006-08-06   11:37   301,712      C:\WINDOWS\system32\drmclien.dll
2006-08-06   11:37   253,952      C:\WINDOWS\system32\msnetobj.dll
2006-08-06   11:37   241,664      C:\WINDOWS\system32\qasf.dll
2006-08-06   11:37   241,664      C:\WINDOWS\system32\mpg4dmod.dll
2006-08-06   11:37   232,960      C:\WINDOWS\system32\blackbox.dll
2006-08-06   11:37   143,360      C:\WINDOWS\system32\wmidx.dll
2006-08-06   11:37   1,111,040      C:\WINDOWS\system32\wmsdmoe2.dll
2006-07-25   22:48   774,144      C:\WINDOWS\system32\vsfilter.dll
2006-07-25   22:48   77,824      C:\WINDOWS\system32\vorbisfile.dll
2006-07-25   22:48   75,264      C:\WINDOWS\system32\MACDec.dll
2006-07-25   22:48   679,936      C:\WINDOWS\system32\xvidcore.dll
2006-07-25   22:48   61,440      C:\WINDOWS\system32\ogg.dll
2006-07-25   22:48   6,656      C:\WINDOWS\system32\pndx5016.dll
2006-07-25   22:48   5,632      C:\WINDOWS\system32\pndx5032.dll
2006-07-25   22:48   446,464      C:\WINDOWS\system32\vp31vfw.dll
2006-07-25   22:48   438,272      C:\WINDOWS\system32\vp6vfw.dll
2006-07-25   22:48   421,888      C:\WINDOWS\system32\OpenQuicktimeLib.dll
2006-07-25   22:48   413,760      C:\WINDOWS\system32\mpg4c32.dll
2006-07-25   22:48   39,936      C:\WINDOWS\system32\huffyuv.dll
2006-07-25   22:48   368,640      C:\WINDOWS\system32\vobsub.dll
2006-07-25   22:48   344,064      C:\WINDOWS\system32\msvcr70.dll
2006-07-25   22:48   286,720      C:\WINDOWS\system32\3ivxVfWCodec.dll
2006-07-25   22:48   278,528      C:\WINDOWS\system32\pncrt.dll
2006-07-25   22:48   237,568      C:\WINDOWS\system32\OggDS.dll
2006-07-25   22:48   225,280      C:\WINDOWS\system32\qtmlClient.dll
2006-07-25   22:48   19,968      C:\WINDOWS\system32\cpuinf32.dll
2006-07-25   22:48   176,167      C:\WINDOWS\system32\rmoc3260.dll
2006-07-25   22:48   157,696      C:\WINDOWS\system32\unrar.dll
2006-07-25   22:48   155,648      C:\WINDOWS\system32\xvidvfw.dll
2006-07-25   22:48   1,163,264      C:\WINDOWS\system32\vorbis.dll
2006-07-25   22:48   1,040,384      C:\WINDOWS\system32\vorbisenc.dll
2006-07-25   22:48   1,024,000      C:\WINDOWS\system32\3ivx.dll
2006-07-25   21:17   109,568      C:\WINDOWS\system32\pxinsi64.exe
2006-07-25   21:17   108,544      C:\WINDOWS\system32\pxcpyi64.exe
2006-07-23   22:55   90,112      C:\WINDOWS\system32\AVASTSS.scr
2006-07-23   22:55   624,640      C:\WINDOWS\system32\aswBoot.exe
2006-07-23   22:55   499,712      C:\WINDOWS\system32\MSVCP71.dll
2006-07-23   22:55   348,160      C:\WINDOWS\system32\MSVCR71.dll
2006-07-23   22:55   1,060,864      C:\WINDOWS\system32\MFC71.dll
2006-07-16   20:13   4,682      C:\WINDOWS\system32\npptNT2.sys
2006-07-16   06:24   9,759      C:\WINDOWS\system32\HSF_INST.dll
2006-07-16   06:23   67,072      C:\WINDOWS\system32\usbui.dll
2006-07-16   06:23   51,200      C:\WINDOWS\system32\sfman32.dll
2006-07-16   06:23   495,616      C:\WINDOWS\system32\sblfx.dll
2006-07-16   06:23   4,096      C:\WINDOWS\system32\ksuser.dll
2006-07-16   06:23   4,096      C:\WINDOWS\system32\ctwdm32.dll
2006-07-16   06:23   256,512      C:\WINDOWS\system32\devcon32.dll
2006-07-16   06:23   24,064      C:\WINDOWS\system32\devldr32.exe
2006-07-16   06:22   85,020      C:\WINDOWS\system32\dgsetup.dll
2006-07-16   06:22   8,192      C:\WINDOWS\system32\kbdhept.dll
2006-07-16   06:22   70,656      C:\WINDOWS\system32\storprop.dll
2006-07-16   06:22   7,168      C:\WINDOWS\system32\kbdcz.dll
2006-07-16   06:22   66,048      C:\WINDOWS\NOTEPAD.EXE
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdycl.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdsl1.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdsl.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdpl.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdhu.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdhela3.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdcz2.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdcz1.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\kbdcr.dll
2006-07-16   06:22   6,656      C:\WINDOWS\system32\KBDAL.DLL
2006-07-16   06:22   6,656      C:\WINDOWS\system32\batt.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdtuq.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdtuf.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdlv1.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdlv.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdhela2.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdgkl.dll
2006-07-16   06:22   6,144      C:\WINDOWS\system32\kbdest.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdycc.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbduzb.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdur.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdtat.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdru1.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdru.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdro.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdpl1.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdmon.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdlt1.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdlt.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdkyr.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdkaz.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdhu1.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdhe319.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdhe220.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdhe.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdbu.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdblr.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdazel.dll
2006-07-16   06:22   5,632      C:\WINDOWS\system32\kbdaze.dll
2006-07-16   06:22   24,661      C:\WINDOWS\system32\spxcoins.dll
2006-07-16   06:22   176,157      C:\WINDOWS\system32\dgrpsetu.dll
2006-07-16   06:22   15,360      C:\WINDOWS\TASKMAN.EXE
2006-07-16   06:22   13,312      C:\WINDOWS\system32\irclass.dll
2006-07-16   06:22   103,424      C:\WINDOWS\system32\EqnClass.Dll
2006-07-16   06:18   805,306,368      C:\pagefile.sys
2006-07-15   23:09   139,264      C:\WINDOWS\War3Unin.exe
2006-07-15   22:45   729,088      C:\WINDOWS\iun6002.exe
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrsru.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrsptb.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrspt.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrsit.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrses.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvwrsde.dll
2006-07-15   22:41   98,304      C:\WINDOWS\system32\nvrsja.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrstr.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrssk.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrspl.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrsnl.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrshu.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrsfr.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvwrsfi.dll
2006-07-15   22:41   94,208      C:\WINDOWS\system32\nvrsko.dll
2006-07-15   22:41   90,112      C:\WINDOWS\system32\nvwrssv.dll
2006-07-15   22:41   90,112      C:\WINDOWS\system32\nvwrsno.dll
2006-07-15   22:41   90,112      C:\WINDOWS\system32\nvwrsda.dll
2006-07-15   22:41   86,016      C:\WINDOWS\system32\nvwrssl.dll
2006-07-15   22:41   86,016      C:\WINDOWS\system32\nvwrseng.dll
2006-07-15   22:41   86,016      C:\WINDOWS\system32\nvwrscs.dll
2006-07-15   22:41   81,920      C:\WINDOWS\system32\nvwrsar.dll
2006-07-15   22:41   81,920      C:\WINDOWS\system32\nvrszht.dll
2006-07-15   22:41   81,920      C:\WINDOWS\system32\nvrszhc.dll
2006-07-15   22:41   77,824      C:\WINDOWS\system32\nvwrshe.dll
2006-07-15   22:41   622,592      C:\WINDOWS\system32\nvqtwk.dll
2006-07-15   22:41   61,440      C:\WINDOWS\system32\nvwrsko.dll
2006-07-15   22:41   61,440      C:\WINDOWS\system32\nvwrsja.dll
2006-07-15   22:41   61,440      C:\WINDOWS\system32\nvsvc32.exe
2006-07-15   22:41   548,933      C:\WINDOWS\system32\nview.dll
2006-07-15   22:41   49,152      C:\WINDOWS\system32\nvwrszht.dll
2006-07-15   22:41   49,152      C:\WINDOWS\system32\nvwrszhc.dll
2006-07-15   22:41   372,736      C:\WINDOWS\system32\nwiz.exe
2006-07-15   22:41   340,039      C:\WINDOWS\system32\nvshell.dll
2006-07-15   22:41   3,543,642      C:\WINDOWS\system32\nv4_disp.dll
2006-07-15   22:41   278,528      C:\WINDOWS\system32\dmcpl.exe
2006-07-15   22:41   266,240      C:\WINDOWS\system32\nvrshe.dll
2006-07-15   22:41   2,932,736      C:\WINDOWS\system32\nvoglnt.dll
2006-07-15   22:41   2,056,192      C:\WINDOWS\system32\nvcpl.dll
2006-07-15   22:41   139,264      C:\WINDOWS\system32\nvrsel.dll
2006-07-15   22:41   135,168      C:\WINDOWS\system32\nvrspt.dll
2006-07-15   22:41   135,168      C:\WINDOWS\system32\nvrsit.dll
2006-07-15   22:41   135,168      C:\WINDOWS\system32\nvrses.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrstr.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrssk.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrsru.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrsptb.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrsnl.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrshu.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrsfr.dll
2006-07-15   22:41   131,072      C:\WINDOWS\system32\nvrsde.dll
2006-07-15   22:41   126,976      C:\WINDOWS\system32\nvrssv.dll
2006-07-15   22:41   126,976      C:\WINDOWS\system32\nvrspl.dll
2006-07-15   22:41   126,976      C:\WINDOWS\system32\nvrsfi.dll
2006-07-15   22:41   126,976      C:\WINDOWS\system32\nvrsda.dll
2006-07-15   22:41   126,976      C:\WINDOWS\system32\nvrscs.dll
2006-07-15   22:41   122,880      C:\WINDOWS\system32\nvrsno.dll
2006-07-15   22:41   122,880      C:\WINDOWS\system32\nvrseng.dll
2006-07-15   22:41   118,784      C:\WINDOWS\system32\nvrsar.dll
2006-07-15   22:41   110,592      C:\WINDOWS\system32\nvinstnt.dll
2006-07-15   22:41   106,496      C:\WINDOWS\system32\nvwrsel.dll
2006-07-15   22:41   1,290,240      C:\WINDOWS\system32\nvrssl.dll
2006-07-15   22:39   98,304      C:\WINDOWS\system32\msir3jp.dll
2006-07-15   22:39   9,216      C:\WINDOWS\system32\kbdnecAT.dll
2006-07-15   22:39   838,144      C:\WINDOWS\system32\chtbrkr.dll
2006-07-15   22:39   827,438      C:\WINDOWS\system32\imjp81k.dll
2006-07-15   22:39   73,216      C:\WINDOWS\system32\uniime.dll
2006-07-15   22:39   70,656      C:\WINDOWS\system32\korwbrkr.dll
2006-07-15   22:39   7,680      C:\WINDOWS\system32\kbdnecNT.dll
2006-07-15   22:39   7,168      C:\WINDOWS\system32\kbdnec95.dll
2006-07-15   22:39   7,168      C:\WINDOWS\system32\kbdibm02.dll
2006-07-15   22:39   7,168      C:\WINDOWS\system32\f3ahvoas.dll
2006-07-15   22:39   6,656      C:\WINDOWS\system32\kbdlk41a.dll
2006-07-15   22:39   6,144      C:\WINDOWS\system32\kbdlk41j.dll
2006-07-15   22:39   6,144      C:\WINDOWS\system32\kbdax2.dll
2006-07-15   22:39   6,144      C:\WINDOWS\system32\kbd106n.dll
2006-07-15   22:39   6,144      C:\WINDOWS\system32\kbd101a.dll
2006-07-15   22:39   6,144      C:\WINDOWS\system32\kbd101.dll
2006-07-15   22:39   218,112      C:\WINDOWS\system32\c_g18030.dll
2006-07-15   22:39   1,677,824      C:\WINDOWS\system32\chsbrkr.dll
2006-07-15   22:38   8,704      C:\WINDOWS\system32\kbdjpn.dll
2006-07-15   22:38   8,192      C:\WINDOWS\system32\kbdkor.dll
2006-07-15   22:38   6,656      C:\WINDOWS\system32\c_is2022.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbdth3.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbdth2.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbdinpun.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbd106.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbd101c.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\kbd101b.dll
2006-07-15   22:38   6,144      C:\WINDOWS\system32\ftlx041e.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdvntc.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdusa.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdurdu.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdth1.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdth0.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdsyr2.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdsyr1.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdintel.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdintam.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdinmar.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdinkan.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdinhin.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdinguj.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdindev.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdheb.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbdfa.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbddiv2.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbddiv1.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbda3.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbda2.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbda1.dll
2006-07-15   22:38   5,632      C:\WINDOWS\system32\kbd103.dll
2006-07-15   22:38   5,120      C:\WINDOWS\system32\kbdgeo.dll
2006-07-15   22:38   5,120      C:\WINDOWS\system32\kbdarmw.dll
2006-07-15   22:38   5,120      C:\WINDOWS\system32\kbdarme.dll
2006-07-15   22:38   185,344      C:\WINDOWS\system32\Thawbrkr.dll
2006-07-15   22:38   10,752      C:\WINDOWS\system32\c_iscii.dll
2006-07-15   22:33   112,128      C:\WINDOWS\system32\mapi32.dll
2006-07-15   22:33   0      C:\MSDOS.SYS
2006-07-15   22:33   0      C:\IO.SYS
2006-07-15   22:33   0      C:\CONFIG.SYS
2006-07-15   22:33   0      C:\AUTOEXEC.BAT
2006-07-15   22:31   90,624      C:\WINDOWS\system32\msoert2.dll
2006-07-15   22:31   9,728      C:\WINDOWS\system32\mstinit.exe
2006-07-15   22:31   77,824      C:\WINDOWS\system32\isign32.dll
2006-07-15   22:31   73,728      C:\WINDOWS\system32\ils.dll
2006-07-15   22:31   69,632      C:\WINDOWS\system32\icwdial.dll
2006-07-15   22:31   65,536      C:\WINDOWS\system32\msconf.dll
2006-07-15   22:31   64,512      C:\WINDOWS\system32\acctres.dll
2006-07-15   22:31   61,952      C:\WINDOWS\system32\srclient.dll
2006-07-15   22:31   61,440      C:\WINDOWS\system32\icwphbk.dll
2006-07-15   22:31   593,920      C:\WINDOWS\system32\inetcomm.dll
2006-07-15   22:31   47,616      C:\WINDOWS\system32\inetres.dll
2006-07-15   22:31   40,960      C:\WINDOWS\system32\safrslv.dll
2006-07-15   22:31   39,424      C:\WINDOWS\system32\safrcdlg.dll
2006-07-15   22:31   33,280      C:\WINDOWS\system32\racpldlg.dll
2006-07-15   22:31   32,768      C:\WINDOWS\system32\mnmsrvc.exe
2006-07-15   22:31   32,384      C:\WINDOWS\system32\mnmdd.dll
2006-07-15   22:31   28,672      C:\WINDOWS\system32\isrdbg32.dll
2006-07-15   22:31   266,240      C:\WINDOWS\system32\inetcfg.dll
2006-07-15   22:31   26,624      C:\WINDOWS\system32\safrdm.dll
2006-07-15   22:31   249,856      C:\WINDOWS\system32\mstask.dll
2006-07-15   22:31   24,576      C:\WINDOWS\system32\nmmkcert.dll
2006-07-15   22:31   228,864      C:\WINDOWS\system32\msoeacct.dll
2006-07-15   22:31   218,112      C:\WINDOWS\system32\srrstr.dll
2006-07-15   22:31   179,200      C:\WINDOWS\system32\qmgr.dll
2006-07-15   22:31   17,408      C:\WINDOWS\system32\qmgrprxy.dll
2006-07-15   22:31   16,384      C:\WINDOWS\system32\icfgnt5.dll
2006-07-15   22:31   158,720      C:\WINDOWS\system32\schedsvc.dll
2006-07-15   22:31   155,136      C:\WINDOWS\system32\srsvc.dll
2006-07-15   22:31   12,288      C:\WINDOWS\system32\nmevtmsg.dll
2006-07-15   22:31   11,264      C:\WINDOWS\system32\atrace.dll
2006-07-15   22:30   73,216      C:\WINDOWS\system32\avwav.dll
2006-07-15   22:30   5,632      C:\WINDOWS\system32\write.exe
2006-07-15   22:30   489,984      C:\WINDOWS\system32\hypertrm.dll
2006-07-15   22:30   44,544      C:\WINDOWS\system32\hticons.dll
2006-07-15   22:30   35,328      C:\WINDOWS\system32\winchat.exe
2006-07-15   22:30   339,968      C:\WINDOWS\system32\mspaint.exe
2006-07-15   22:30   227,840      C:\WINDOWS\system32\avtapi.dll
2006-07-15   22:30   179,200      C:\WINDOWS\system32\accwiz.exe
2006-07-15   22:30   16,384      C:\WINDOWS\system32\avmeter.dll
2006-07-15   22:30   138,752      C:\WINDOWS\system32\sndvol32.exe
2006-07-15   22:30   124,416      C:\WINDOWS\system32\sndrec32.exe
2006-07-15   22:30   116,736      C:\WINDOWS\system32\mplay32.exe
2006-07-15   22:29   98,816      C:\WINDOWS\system32\clipbrd.exe
2006-07-15   22:29   95,744      C:\WINDOWS\system32\wuaueng.dll
2006-07-15   22:29   9,728      C:\WINDOWS\system32\xolehlp.dll
2006-07-15   22:29   9,728      C:\WINDOWS\system32\reset.exe
2006-07-15   22:29   88,576      C:\WINDOWS\system32\tscfgwmi.dll
2006-07-15   22:29   869,376      C:\WINDOWS\system32\msdtctm.dll
2006-07-15   22:29   85,504      C:\WINDOWS\system32\catsrvps.dll
2006-07-15   22:29   83,968      C:\WINDOWS\system32\mtxoci.dll
2006-07-15   22:29   82,432      C:\WINDOWS\system32\comrepl.dll
2006-07-15   22:29   80,384      C:\WINDOWS\system32\charmap.exe
2006-07-15   22:29   8,704      C:\WINDOWS\system32\icaapi.dll
2006-07-15   22:29   73,864      C:\WINDOWS\system32\rdpwsx.dll
2006-07-15   22:29   61,952      C:\WINDOWS\system32\rdshost.exe
2006-07-15   22:29   605,696      C:\WINDOWS\system32\getuname.dll
2006-07-15   22:29   6,144      C:\WINDOWS\system32\msdtc.exe
2006-07-15   22:29   583,168      C:\WINDOWS\system32\catsrvut.dll
2006-07-15   22:29   57,344      C:\WINDOWS\system32\licwmi.dll
2006-07-15   22:29   56,832      C:\WINDOWS\system32\sol.exe
2006-07-15   22:29   56,832      C:\WINDOWS\system32\colbact.dll
2006-07-15   22:29   56,320      C:\WINDOWS\system32\remotepg.dll
2006-07-15   22:29   55,296      C:\WINDOWS\system32\freecell.exe
2006-07-15   22:29   54,784      C:\WINDOWS\system32\msdtclog.dll
2006-07-15   22:29   54,272      C:\WINDOWS\system32\stclient.dll
2006-07-15   22:29   534,016      C:\WINDOWS\system32\spider.exe
2006-07-15   22:29   53,248      C:\WINDOWS\system32\servdeps.dll
2006-07-15   22:29   503,296      C:\WINDOWS\system32\mstscax.dll
2006-07-15   22:29   5,120      C:\WINDOWS\system32\dcomcnfg.exe
2006-07-15   22:29   495,616      C:\WINDOWS\system32\comuid.dll
2006-07-15   22:29   468,480      C:\WINDOWS\system32\clbcatq.dll
2006-07-15   22:29   41,984      C:\WINDOWS\system32\rdpclip.exe
2006-07-15   22:29   40,448      C:\WINDOWS\system32\tscupgrd.exe
2006-07-15   22:29   4,096      C:\WINDOWS\system32\wuauserv.dll
2006-07-15   22:29   4,096      C:\WINDOWS\system32\rdpcfgex.dll
2006-07-15   22:29   4,096      C:\WINDOWS\system32\mtxex.dll
2006-07-15   22:29   385,536      C:\WINDOWS\system32\mstsc.exe
2006-07-15   22:29   360,960      C:\WINDOWS\system32\msdtcprx.dll
2006-07-15   22:29   33,792      C:\WINDOWS\system32\regini.exe
2006-07-15   22:29   32,768      C:\WINDOWS\system32\cfgbkend.dll
2006-07-15   22:29   25,600      C:\WINDOWS\system32\comaddin.dll
2006-07-15   22:29   25,088      C:\WINDOWS\system32\mtxlegih.dll
2006-07-15   22:29   22,016      C:\WINDOWS\system32\qwinsta.exe
2006-07-15   22:29   215,040      C:\WINDOWS\system32\catsrv.dll
2006-07-15   22:29   20,992      C:\WINDOWS\system32\msg.exe
2006-07-15   22:29   20,480      C:\WINDOWS\system32\mtxdm.dll
2006-07-15   22:29   197,632      C:\WINDOWS\system32\termsrv.dll
2006-07-15   22:29   18,432      C:\WINDOWS\system32\qprocess.exe
2006-07-15   22:29   174,592      C:\WINDOWS\system32\cmprops.dll
2006-07-15   22:29   16,896      C:\WINDOWS\system32\tsshutdn.exe
2006-07-15   22:29   16,896      C:\WINDOWS\system32\qappsrv.exe
2006-07-15   22:29   16,384      C:\WINDOWS\system32\tskill.exe
2006-07-15   22:29   16,384      C:\WINDOWS\system32\mmfutil.dll
2006-07-15   22:29   151,040      C:\WINDOWS\system32\msdtcuiu.dll
2006-07-15   22:29   15,872      C:\WINDOWS\system32\rwinsta.exe
2006-07-15   22:29   15,872      C:\WINDOWS\system32\cdmodem.dll
2006-07-15   22:29   15,360      C:\WINDOWS\system32\logoff.exe
2006-07-15   22:29   147,456      C:\WINDOWS\system32\comsnap.dll
2006-07-15   22:29   14,848      C:\WINDOWS\system32\tsdiscon.exe
2006-07-15   22:29   14,848      C:\WINDOWS\system32\tscon.exe
2006-07-15   22:29   14,848      C:\WINDOWS\system32\shadow.exe
2006-07-15   22:29   14,848      C:\WINDOWS\system32\rdpsnd.dll
2006-07-15   22:29   134,656      C:\WINDOWS\system32\rdchost.dll
2006-07-15   22:29   130,048      C:\WINDOWS\system32\sessmgr.exe
2006-07-15   22:29   126,976      C:\WINDOWS\system32\mshearts.exe
2006-07-15   22:29   12,288      C:\WINDOWS\system32\rdsaddin.exe
2006-07-15   22:29   119,808      C:\WINDOWS\system32\winmine.exe
2006-07-15   22:29   114,688      C:\WINDOWS\system32\calc.exe
2006-07-15   22:29   112,128      C:\WINDOWS\system32\wuauclt.exe
2006-07-15   22:29   100,864      C:\WINDOWS\system32\clbcatex.dll
2006-07-15   22:29   1,161      C:\WINDOWS\system32\usrlogon.cmd
2006-07-15   22:29   1,139,200      C:\WINDOWS\system32\comsvcs.dll
2006-06-29   16:56   807,032      C:\WINDOWS\system32\wmv9dmod.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IMJPMIG8.1"="C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\System32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\System32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\System32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"nwiz"="nwiz.exe /install"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"CTRegRun"="C:\\WINDOWS\\CTRegRun.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d2,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

Contents of the 'Scheduled Tasks' folder

Completion time: Wed 08/09/2006 2:11:02.15
ComboFix ver 06.07.15/29 - This logfile is located at C:\ComboFix.txt

and this is the hijack log

Logfile of HijackThis v1.99.1
Scan saved at 2:14:05 AM, on 8/9/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\devldr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F24148E-70C8-4F5B-BCDD-E3CC8369D4CA}: NameServer = 165.21.100.88 165.21.83.88
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

oops.. sry i got my window xp disk with me..

guestolo · « **Reply #8 on:** August 08, 2006, 01:26:34 PM »

Can I see the following please
Download and unzip to your desktop InstalledPrograms.zip
Double click on InstalledPrograms.vbs

Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents

When was the last time you ran a repair or reinstalled your system?

nishi · « **Reply #9 on:** August 08, 2006, 01:28:19 PM »

INSTALLED SOFTWARE (30) - PTS-WEIUMFHZ25Z - 8/9/2006 2:27:51 AM

   Ver: 1.9.2.1705   Installed: 7/15/2006
Ad-Aware SE Personal   Ver: 1.06
Adobe Flash Player 9   Ver: 9
Adobe Reader 7.0.8   Ver: 7.0.8   Installed: 7/27/2006
AutoUpdate   Ver: 1.1
avast! Antivirus   Ver: 4.7
Creative System Information
Creative Zen Neeon (512MB, 1GB, 2GB)   Ver: 1.0
DivX   Ver: 6.2.2
DivX Converter   Ver: 6.1.1
DivX Player   Ver: 6.2.0
DivX Web Player   Ver: 1.0.0
Google Toolbar for Internet Explorer
GunboundWC
Hamachi 1.0.0.59
HijackThis 1.99.1   Ver: 1.99.1
Image Editor   Ver: 1.00.0000   Installed: 7/19/2006
K-Lite Mega Codec Pack 1.33   Ver: 1.33
MapleStory   Ver: 1.00.000   Installed: 7/16/2006
Microsoft Office XP Professional   Ver: 10.0.2627.01   Installed: 8/6/2006
mIRC
MSN Messenger 7.5   Ver: 7.5.0324.0   Installed: 7/15/2006
NVIDIA Windows 2000/XP Display Drivers
Power MP3 WMA Converter 2006, (ver 3.51)   Ver: 3.51
TVUPlayer 2.2.0   Ver: 2.2.0
WebFldrs XP   Ver: 9.50.5318   Installed: 7/15/2006
WinAce Archiver   Ver: 2.65
Yahoo! Toolbar
Yahoo! Toolbar
YAWLE 0.5b

guestolo · « **Reply #10 on:** August 08, 2006, 01:43:02 PM »

When was the last time you reinstalled your Operating system or ran a repair?
It looks like it was recently

I still see something that we should see if we can identify

==Download and install Windows CleanUp! 4.5.2
Don't run a scan yet

CleanUp! attempts to delete files from various temporary directories (including download directories/caches),
as well as emptying the Recycle Bins.
If you make a habit of saving files that you wish to keep in any of these places, they will be deleted when CleanUp! is run.
Please move them too a different location before we run this tool if the above is true
Note: It is generally considered poor practice to use temporary folders or the Recycle Bin to store files you intend to keep.

==Download, install, and update Ewido anti-spyware
Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Don't run a scan yet

I recommend that you print the rest of these instructions or save them to a text file too desktop
for use in safe mode without Internet connection

Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.

==Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

* Empty Recycle Bins
* Delete Cookies
* Delete Prefetch files
* Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.
When it's done>>Click Close
DECLINE to Log off or Restart the computer
NOTE: The first time you run CleanUp! it may prompt to run in Demonstration mode
Deny this, we want to run the actual cleanup!!
Run this twice please

Ewido Scan

Then run Ewido and click on the Scanner tab at the top and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Reboot back to Normal mode

Post back the following please
1. Run Hijackthis again and post back a fresh log
2. Post the whole report from Ewido's

nishi · « **Reply #11 on:** August 08, 2006, 02:37:21 PM »

hi pal i needa get a rest brb at 6 hrs time...

er here those stuffs u need..

Logfile of HijackThis v1.99.1
Scan saved at 3:36:03 AM, on 8/9/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\msiexec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\hijackthis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F24148E-70C8-4F5B-BCDD-E3CC8369D4CA}: NameServer = 165.21.100.88 165.21.83.88
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

the ewido's report

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:25:31 AM 8/9/2006

+ Scan result:

C:\Program Files\WinAce\VVSNInst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Poh\My Documents\My Received Files\mIRC.zip/mIRC/zion/plugins/zion_updater.mrc -> Backdoor.Small.o : Cleaned with backup (quarantined).

::Report end

guestolo · « **Reply #12 on:** August 08, 2006, 02:49:22 PM »

Can you do the following please
Go to either of these links
http://virusscan.jotti.org/
or
http://www.virustotal.com/flash/index_en.html

Use the browse button and navigate to the file on your harddrive if found

C:\Windows\C:\WINDOWS\System32\wininet.dll <-this file

Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here

Could you also post one last hijackthis log

nishi · « **Reply #13 on:** August 08, 2006, 11:00:19 PM »

Er i dun realli know wad is operating system but... i reoughly guess it is reformat of computer.. i just format my comp ard 1 months ago..

Service load: 0% 100%

File: iun6002.exe
Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 80e41fbc33b6d5a605e53787de767048
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VirusBuster Found nothing
VBA32 Found nothing

i post this first.. ltr i will post again how my things r runing after ti do the sfc /scannow

nishi · « **Reply #14 on:** August 08, 2006, 11:19:33 PM »

After i restart my comp,
as usual i see a pop up window telling me windows cannot load my profile as it is corrupted

after tat another pop saying windows cant find the local profile and is loggin in my tempory folder, and after i switch off my comp.. my files will be lost..

then i am back to the desktop after i click the ' ok ' button

guestolo · « **Reply #15 on:** August 08, 2006, 11:37:03 PM »

Can you create another account?
How many user accounts do you have on this machine?

Log on account that has Admin privileges
I assume yours
Create a new user account with Administrator privileges

If your running XP Pro
1.   Log on as the Administrator or as a user with administrator credentials.
2.   Click Start, and then click Control Panel.
3.   Click User Accounts.
4.   Click the Advanced tab, and then click Advanced.
5.   In the left pane, click the Users folder.
6.   On the Action menu, click New User.
7.   Enter the appropriate user information, and then click Create.

If your running XP Home
1.   Log on as the Administrator or as a user with administrator credentials.
2.   Click Start, and then click Control Panel.
3.   Click User Accounts.
4.   Under Pick a task, click Create a new account.
5.   Type a name for the user information, and then click Next.
6.   Click an account type, and then click Create Account.

Log off your account and into the new one, do you get any error messages?

nishi · « **Reply #16 on:** August 09, 2006, 12:37:18 AM »

i got onli 1 account..

when i log off my account and go to another account i did not get an error messages..

er before i log off my account i created another account..

guestolo · « **Reply #17 on:** August 09, 2006, 12:41:21 AM »

It appears that only your account is corrupt then

I'm going to bed for the night then work tomorrow
I'll be back later tomorrow
Leave that new account you just made alone for now, we'll need it later
I'll help you transfer your folders and files to the new user account
When I get back on

In the meantime, can you create one more Administrative user account
So you will now have 3 admin accounts

1. Your corrupt user account
2. The second account you just made
3. A third account we will need for transferring files and folders

Then post back and let me know that's done and we will carry on tomorrow <--my time anyways

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

nishi · « **Reply #18 on:** August 09, 2006, 12:48:26 AM »

yea i create another account..

ok tnx for the help pal

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />

guestolo · « **Reply #19 on:** August 09, 2006, 11:39:48 PM »

Sorry for the delay, can you do the following please

I first recommend backing up any files or folders to be safe

Next: You now have 3 accounts made
#1. Corrupt profile
#2. Profile you created earlier, which will be your new profile
#3. Another new profile
This is the account you will be doing the transferring from

Log off all other accounts then log into the LAST account you made
User profile #3

Set Windows To Show Hidden Files and Folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide Extensions for known file types
* Click Yes to confirm.
* Click OK.

Using Windows Explorer
Open MyComputer>>C:\ >>Documents and Settings\Old_Username folder <<This is the corrupted profile

1. Press and hold down the CTRL key while you click each file and subfolder in this folder,
The Old_Username folder, except the following files:
•   Ntuser.dat
•   Ntuser.dat.log
•   Ntuser.ini
I repeat, DO NOT SELECT THE ABOVE 3 FILES, but select everything else

On the Edit menu, click Copy.
Locate the C:\Documents and Settings\New_Username folder, where C is the drive on which Windows XP is installed, and New_Username is the name of the user profile that you created in the "Create a New User Profile" section earlier, the Second account that you made
On the Edit menu, click Paste.
Log off the computer, and then log on as the new user. >>The second account that you made

If you need to backup and import any email accounts thru Outlook Express
See the following link
http://support.microsoft.com/kb/313055/

You can now go into the User accounts in Control Panel and delete the /3rd (last) account that you made

Let me know how everything is running in User profile #2
If everything is running OK, we can remove the corrupt profile #1

News:

Author Topic: a computer problem i been having for a long time (Read 1411 times)