Author Topic: Task Manager  (Read 929 times)

Offline FIxeL

Task Manager
« on: October 12, 2007, 09:15:34 AM »
Hi all, I got a problem here. Not long ago when I tried to press Alt+Ctrl+Del an error occurred and contained the following: "The Task Manager has been disabled by your administrator." The computer is at home, so almost nobody uses it but me; I have no idea how it can be disabled.... Could someone tell me how to enable it again?

Offline guestolo

Task Manager
« Reply #1 on: October 12, 2007, 08:34:10 PM »
Hi again Fixel
Can you do the following, If you have an older version of Hijackthis
Uninstall it from Add/remove programs
Then
Download Hijackthis Installer from HERE
For an alternate download location, you can try HERE
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open

Under Main Menu, Select
Do a system scan and save a Log file
A log will open in Notepad
Copy and Paste the Whole log back here to the forum

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline FIxeL

Task Manager
« Reply #2 on: October 13, 2007, 01:08:00 AM »
Oki, I did the hjkthis scan and here's the result:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:03:43, on 2007.10.13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Hide The IP\HideTheIP.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\WinPop\winpop.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\DOCUME~1\FIxeL\LOCALS~1\Temp\SkypeSetup.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: MSVPS System - {428FA4A4-C8EC-427C-85DE-11C80F67893A} - C:\WINDOWS\div32.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hide-The-IP] "C:\Program Files\Hide The IP\HideTheIP.exe" /startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: mssql - {1B26D8B1-E27F-44A7-B78D-4F5AD482A5BE} - C:\WINDOWS\mssql.dll
O21 - SSODL: syscore - {62EBD1CE-7E5C-43FB-870B-AFDFB9D9BBA9} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

--
End of file - 11321 bytes

Offline guestolo

Task Manager
« Reply #3 on: October 13, 2007, 10:11:27 AM »
Can you supply 2 other logs for me please

Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post that log from combofix

Afterwards: Can you also do the following
Download SmitfraudFix (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Recap:
1. Post the log from combofix
2. Post the log from Smitfraudfix
3. Can you also post a fresh hijackthis log

Note: It may take more than one reply to post all that info, do so if needed please



Offline FIxeL

Task Manager
« Reply #4 on: October 13, 2007, 11:45:42 AM »
Oki, I did all the scans, and after I did the combofix it fixed everything and Task Manager started to work again :) Thank you a lot :)
Just in case, here are the logs:


           ---------------------------------------------ComboFix---------------------------------------------------

ComboFix 07-10-12.4 - FIxeL 2007-10-13 19:33:33.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1257.1.1033.18.597 [GMT 3:00]
Running from: C:\Documents and Settings\FIxeL\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\FIxeL\Start Menu\Programs\moviebox
C:\Documents and Settings\FIxeL\Start Menu\Programs\moviebox\Uninstall.lnk
C:\Program Files\inetget2
C:\Program Files\inetget2\popinstall.exe
C:\Program Files\moviebox
C:\Program Files\moviebox\Uninstall.exe
C:\Program Files\VideoAccessCodec
C:\Program Files\VideoAccessCodec\install.ico
C:\Program Files\VideoAccessCodec\Uninstall.exe
C:\Program Files\VideoAccessCodec\VideoAccessCodec.ocx
C:\Program Files\winpop
C:\Program Files\winpop\winpop.exe
C:\WINDOWS\div32.dll
C:\WINDOWS\div32.dll
C:\WINDOWS\main_uninstaller.exe
C:\WINDOWS\mssql.dll
C:\WINDOWS\wr.txt

.
(((((((((((((((((((((((((   Files Created from 2007-09-13 to 2007-10-13  )))))))))))))))))))))))))))))))
.

2007-10-13 19:32   51,200   --a------   C:\WINDOWS\NirCmd.exe
2007-10-13 09:03   <DIR>   d--------   C:\HijackThis
2007-10-12 16:55   <DIR>   d--h-----   C:\WINDOWS\system32\GroupPolicy
2007-10-11 19:44   63,488   -----c---   C:\WINDOWS\system32\dllcache\icardie.dll
2007-09-27 21:25   118,272   --a------   C:\WINDOWS\system32\SX5363S.DLL
2007-09-27 21:25   102,400   --a------   C:\WINDOWS\system32\RV32RTP.dll
2007-09-17 18:11   <DIR>   d--------   C:\Program Files\Trust
2007-09-17 18:11   2,637,824   --a------   C:\WINDOWS\system32\XWheel.dll
2007-09-17 18:11   1,146,880   --a------   C:\WINDOWS\system32\MousePage.dll
2007-09-17 18:11   679,936   --a------   C:\WINDOWS\system32\XIndicator.dll
2007-09-17 18:11   229,376   --a------   C:\WINDOWS\system32\Hook.dll
2007-09-17 18:11   27,648   --a------   C:\WINDOWS\system32\drivers\GMFilter.sys
2007-09-13 22:10   <DIR>   d--------   C:\Program Files\Video Converter for Nokia Smartphones

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-13 16:35   ---------   d-----w   C:\Program Files\FlashGet
2007-10-13 16:32   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\uTorrent
2007-10-13 16:05   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Skype
2007-10-13 01:58   ---------   d-s---w   C:\Program Files\Xfire
2007-10-09 12:24   ---------   d-----w   C:\Program Files\Java
2007-10-08 22:40   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Xfire
2007-10-07 07:14   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\AVG7
2007-10-03 12:44   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-10-02 16:34   ---------   d-----w   C:\Program Files\HLSW
2007-09-17 14:43   ---------   d-----w   C:\Program Files\Common Files\Wise Installation Wizard
2007-09-10 20:40   ---------   d-----w   C:\Program Files\Nokia
2007-09-10 20:40   ---------   d-----w   C:\Program Files\Common Files\Nokia
2007-09-07 10:37   278,728   ----a-w   C:\WINDOWS\system32\drivers\atksgt.sys
2007-09-07 10:37   25,416   ----a-w   C:\WINDOWS\system32\drivers\lirsgt.sys
2007-09-02 15:07   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Bioshock
2007-08-24 22:07   ---------   d-----w   C:\Program Files\directx
2007-08-21 08:00   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Hamachi
2007-08-18 08:25   ---------   d-----w   C:\Program Files\Any Video Converter
2007-08-16 00:04   ---------   d-----w   C:\Program Files\MSXML 6.0
2007-04-06 20:40:08   238,284   -csh--w   C:\WINDOWS\Resources\Themes\DameK UltraBlue\irunin.dat
2006-05-03 09:06:54   163,328   --sh--r   C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47:16   31,232   --sh--r   C:\WINDOWS\system32\msfDX.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 12:22]
"nwiz"="nwiz.exe" [2006-06-01 12:22 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 13:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 09:54 C:\WINDOWS\RTHDCPL.exe]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2003-12-09 18:21]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 12:22 C:\WINDOWS\system32\nvmctray.dll]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-10-03 16:30]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"bdmreg"="C:\WINDOWS\system32\bdmreg.exe" [2007-02-08 06:51]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2004-08-25 11:26]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 20:38]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-06-15 09:45]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"Hide-The-IP"="C:\Program Files\Hide The IP\HideTheIP.exe" [2007-03-01 18:48]
"ZTE ADSL"="" []
"Trust Gaming mouse"="C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" [2006-12-28 09:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 13:31]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 12:45]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2006-08-16 00:23]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 01:29]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-19 00:05]
"RAMSaverPro"="C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe" [2007-07-19 21:51]
"µTorrent"="C:\Program Files\uTorrent\utorrent.exe" [2006-07-02 01:31]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

C:\Documents and Settings\FIxeL\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50]
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-10-03 02:56:04]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-02-16 18:40:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoCommonGroups"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FIxeL^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoostSpeed]
"C:\Program Files\AusLogics BoostSpeed\boostspeed.exe" /Q

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTemperaturos2]
C:\Program Files\AW\LTemperaturos2\LTemperaturos2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
C:\Program Files\sXe Injected\sXe Injected.exe

R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\C:\Program Files\VMLaunch\BuddyVM.sys
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;C:\WINDOWS\system32\drivers\wf88vcap.sys
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;C:\WINDOWS\system32\drivers\WF88TUNE.sys
R3 GMFilter Filter;GMFilter Filter;C:\WINDOWS\system32\Drivers\GMFilter.sys
R3 USB_RNDIS_51;ZTE USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS
R3 ZTPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\ztpppoe.sys
S3 glauiad;jetSpeed USB LAN Device;C:\WINDOWS\system32\DRIVERS\glauiad.sys
S3 RegVacService;RegVac Registry Service;C:\Program Files\RegVac Registry Cleaner\RegVserv.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-10-11 00:08:25 C:\WINDOWS\Tasks\RegCure.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 19:37:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-13 19:40:16 - machine was rebooted
C:\ComboFix2.txt ... 2007-01-02 04:56
.
   --- E O F ---


----------------------------------------------------------SmitFraudFix---------------------------------------------------

SmitFraudFix v2.240

Scan done at 19:42:08,14, 2007.10.13
Run from C:\Documents and Settings\FIxeL\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Hide The IP\HideTheIP.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Xfire\xfire.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\FIxeL


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\FIxeL\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FIxeL\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 212.59.1.1
DNS Server Search Order: 212.59.2.2

Description: ZTE USB Remote NDIS Device - Packet Scheduler Miniport
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer=212.59.1.1 212.59.2.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer=212.59.1.1 212.59.2.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer=212.59.1.1 212.59.2.2


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


 --------------------------------------------------------HJKTHIS-------------------------------------------------


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:12, on 2007.10.13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Hide The IP\HideTheIP.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Xfire\xfire.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hide-The-IP] "C:\Program Files\Hide The IP\HideTheIP.exe" /startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

--
End of file - 10663 bytes

Offline guestolo

Task Manager
« Reply #5 on: October 13, 2007, 12:11:54 PM »
Can I see another log please
Download and unzip to your desktop InstalledPrograms.zip
Double click on InstalledPrograms.vbs

Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents

ALLOW this script to run if prompted by your AntiVirus



Offline FIxeL

Task Manager
« Reply #6 on: October 13, 2007, 01:52:28 PM »
Ok, here's the result:

INSTALLED SOFTWARE (194) - PC - 2007.10.13 21:50:21

2Moons   Ver: 1.00.0000   Installed: 2007.07.31
Adobe Bridge 1.0   Ver: 001.000.004   Installed: 2007.03.31
Adobe Common File Installer   Ver: 1.00.0000   Installed: 2007.02.21
Adobe Flash Player ActiveX   Ver: 9.0.47.0
Adobe Help Center 1.0   Ver: 001.000.000   Installed: 2007.02.21
Adobe Photoshop CS2   Ver: 9.0
Adobe Photoshop CS2   Ver: 9.0   Installed: 2007.02.21
Adobe Reader 8.1.0   Ver: 8.1.0   Installed: 2007.06.22
Adobe Shockwave Player   
Adobe Stock Photos 1.0   Ver: 1.0.8   Installed: 2007.03.31
Adobe® Photoshop® Album Starter Edition 3.0   Ver: 3.00.000   Installed: 2007.04.06
AltDesk.1.8   Ver: 1.8
AMX Mod X Installer 1.76d   Ver: 1.76d
Any Video Converter 2.0.7      Installed: 2007.08.18
ApexDC   Ver: 1.1.0   Installed: 2007.03.04
AusLogics BoostSpeed   Ver: version 3.6   Installed: 2007.06.23
AVG Anti-Spyware 7.5   
AVG Free Edition   
BioShock   Ver: 2.5.0000   Installed: 2007.09.02
BitComet 0.86   Ver: 0.86
Black & White® 2   Ver: 1.00.0000   Installed: 2007.09.22
Black & White® 2 Battle of the Gods   Ver: 1.00.0000   Installed: 2007.09.22
Canon i250   
CCleaner (remove only)   
CheMax 6.9   Ver: 6.9
Complete Japanese   
ConTEXT   Ver: 0.98.0   Installed: 2007.05.11
CuteFTP 8 Professional   Ver: 8.0.5
DameK UltraBlue   
Delete Virtual-Mate Launcher   Ver: 1.0.1
Devil May Cry 3 Special Edition   Ver: 1.00.000   Installed: 2007.08.21
DFX 8 for Winamp   Ver: 8
DFX 8 for Windows Media Player   Ver: 8.349   Installed: 2007.07.30
DU Meter   
DynGate   
eMusic - 50 Free MP3 offer   
FileZilla (remove only)   
FlashGet 1.8.8.1009   Ver: 1.8.8.1009
Free Download Manager 2.1   
GameCenter   
GM-4200 Gamer Mouse Optical   Ver: 1.0.5   Installed: 2007.09.17
Google Earth   Ver: 4.0.2722   Installed: 2007.05.13
Guard Shield   
GZN   
Hamachi 1.0.2.1   
Hide The IP   
HijackThis 2.0.2   Ver: 2.0.2
HLSW v1.1.0   
Hotfix for Windows Media Format 11 SDK (KB929399)      Installed: 2007.04.10
Hotfix for Windows Media Player 11 (KB939683)      Installed: 2007.09.01
Hotfix for Windows XP (KB915865)   Ver: 10   Installed: 2006.12.29
Hotfix for Windows XP (KB926239)   Ver: 2   Installed: 2007.04.09
Hotfix for Windows XP (KB935448)   Ver: 1   Installed: 2007.04.12
ijji - Gunz   
iZotope Ozone 1.0 for Winamp2 and Winamp3   Ver: 1.0
J2SE Runtime Environment 5.0 Update 10   Ver: 1.5.0.100   Installed: 2006.12.29
J2SE Runtime Environment 5.0 Update 11   Ver: 1.5.0.110   Installed: 2007.02.10
J2SE Runtime Environment 5.0 Update 9   Ver: 1.5.0.90   Installed: 2006.12.22
Java(tm) 6 Update 2   Ver: 1.6.0.20   Installed: 2007.08.09
Java(tm) 6 Update 3   Ver: 1.6.0.30   Installed: 2007.10.09
Java(tm) SE Runtime Environment 6 Update 1   Ver: 1.6.0.10   Installed: 2007.05.09
jetSpeed 520 ADSL Modem   
K-Lite Codec Pack 2.77 Full   Ver: 2.77
Kaiba Corp Virtual Duel System 1.4      Installed: 2007.06.03
LIVE gaming on Windows Runtime Version 1.0.6027   Ver: 1.0.6027   Installed: 2007.06.25
Lost Planet Extreme Condition   Ver: 1.0.0.1   Installed: 2007.07.02
LTemperaturos2   Ver: 2.0.0   Installed: 2007.06.01
Marvel(tm) - Ultimate Alliance   Ver: 1.00.0000   Installed: 2007.08.06
Marvel(tm) - Ultimate Alliance   Ver: 1.00.0000   Installed: 2007.08.06
Microsoft .NET Framework 2.0   
Microsoft .NET Framework 2.0   Ver: 2.0.50727   Installed: 2007.07.12
Microsoft Compression Client Pack 1.0 for Windows XP   Ver: 1   Installed: 2007.04.09
Microsoft Internationalized Domain Names Mitigation APIs      Installed: 2006.12.29
Microsoft National Language Support Downlevel APIs      Installed: 2006.12.29
Microsoft Office Professional Edition 2003   Ver: 11.0.7969.0   Installed: 2007.10.11
Microsoft User-Mode Driver Framework Feature Pack 1.0      Installed: 2006.12.18
Microsoft Visual C++ 2005 Redistributable   Ver: 8.0.56336   Installed: 2007.06.25
Mozilla Firefox (2.0.0.2)   Ver: 2.0.0.2 (en-US)
Mozilla Firefox (2.0.0.7)   Ver: 2.0.0.7 (en-US)
MSXML 4.0 SP2 (KB925672)   Ver: 4.20.9839.0   Installed: 2006.12.19
MSXML 4.0 SP2 (KB927978)   Ver: 4.20.9841.0   Installed: 2006.12.19
MSXML 4.0 SP2 (KB936181)   Ver: 4.20.9848.0   Installed: 2007.08.16
MSXML 6.0 Parser (KB933579)   Ver: 6.10.1200.0   Installed: 2007.08.16
Nero 7 Premium   Ver: 7.01.7728   Installed: 2006.12.17
Nero Sipps   
Nokia Connectivity Cable Driver   Ver: 6.84.4.0   Installed: 2007.09.10
Nokia Lifeblog 2.1   Ver: 2.1.131   Installed: 2007.05.07
Nokia MTP driver   Ver: 1.0.0   Installed: 2007.05.07
Nokia N73 highlights   Ver: 1.0.6   Installed: 2007.05.07
Nokia Nseries Skin for Microsoft Windows Media Player   Ver: 1.0.4   Installed: 2007.05.07
Nokia PC Connectivity Solution   Ver: 6.23.9.0   Installed: 2007.05.07
Nokia PC Suite   Ver: 6.81.13.0   Installed: 2007.05.07
Nokia Software Updater   Ver: 01.03.095.29303   Installed: 2007.09.10
Nokia themes for your device   Ver: 1.0.5   Installed: 2007.05.07
NVIDIA Drivers   
PartitionMagic   Ver: 8.00.000   Installed: 2006.12.17
Plato Video To 3GP Converter Free 3.35      Installed: 2007.01.10
PowerQuest PartitionMagic 8.0   Ver: 8.00.000   Installed: 2006.12.17
QuickTime   
RAM Saver Pro version 7.0   
Rappelz_USA   Ver: 1.00.0000   Installed: 2007.10.03
RealPlayer   
Realtek High Definition Audio Driver   Ver: 5.10.0.5273   Installed: 2006.12.17
RegVac Registry Cleaner 4.02 (Registered Version)      Installed: 2006.12.21
RocketDock 1.3.1      Installed: 2007.06.27
RYL2 - Incomplete Union v1.6.0.2   Ver: 1.6.0.2
Security Update for Microsoft .NET Framework 2.0 (KB928365)   Ver: 2
Security Update for Windows Internet Explorer 7 (KB928090)   Ver: 20070117.120000   Installed: 2007.02.14
Security Update for Windows Internet Explorer 7 (KB929969)   Ver: 20061222.120000   Installed: 2007.01.11
Security Update for Windows Internet Explorer 7 (KB931768)   Ver: 1   Installed: 2007.05.10
Security Update for Windows Internet Explorer 7 (KB933566)   Ver: 1   Installed: 2007.06.13
Security Update for Windows Internet Explorer 7 (KB937143)   Ver: 1   Installed: 2007.08.16
Security Update for Windows Internet Explorer 7 (KB938127)   Ver: 1   Installed: 2007.08.16
Security Update for Windows Internet Explorer 7 (KB939653)   Ver: 1   Installed: 2007.10.12
Security Update for Windows Media Player 11 (KB936782)      Installed: 2007.08.16
Security Update for Windows Media Player 6.4 (KB925398)      Installed: 2006.12.19
Security Update for Windows XP (KB918118)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB919007)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB920213)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB920685)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB921503)   Ver: 1   Installed: 2007.08.16
Security Update for Windows XP (KB922819)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB923191)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB923414)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB923694)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB923980)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB924191)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB924270)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB924496)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB924667)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB925454)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB925486)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB925902)   Ver: 1   Installed: 2007.04.05
Security Update for Windows XP (KB926255)   Ver: 1   Installed: 2006.12.19
Security Update for Windows XP (KB926436)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB927779)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB927802)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB928255)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB928843)   Ver: 1   Installed: 2007.02.14
Security Update for Windows XP (KB929123)   Ver: 1   Installed: 2007.06.13
Security Update for Windows XP (KB930178)   Ver: 1   Installed: 2007.04.12
Security Update for Windows XP (KB931261)   Ver: 1   Installed: 2007.04.12
Security Update for Windows XP (KB931784)   Ver: 1   Installed: 2007.04.12
Security Update for Windows XP (KB932168)   Ver: 1   Installed: 2007.04.12
Security Update for Windows XP (KB933729)   Ver: 1   Installed: 2007.10.11
Security Update for Windows XP (KB935839)   Ver: 1   Installed: 2007.06.13
Security Update for Windows XP (KB935840)   Ver: 1   Installed: 2007.06.13
Security Update for Windows XP (KB936021)   Ver: 1   Installed: 2007.08.16
Security Update for Windows XP (KB938829)   Ver: 1   Installed: 2007.08.16
Security Update for Windows XP (KB941202)   Ver: 1   Installed: 2007.10.12
Shockwave Director 10.1.4   
Skype™ 3.5   Ver: 3.5.239   Installed: 2007.10.13
SnagIt 8   Ver: 8.2.2   Installed: 2007.07.18
Software Update for Web Folders   Ver: 9.60.6715.0   Installed: 2006.12.17
Sony Ericsson Themes Creator 3.06   Ver: 3.06
SpaceCowboy   Ver: 0.3.3.74
SUPER © Version 2007.bld.22 (Mar 14, 2007)   Ver: Version 2007.bld.22 (Mar 14, 2007)   Installed: 2007.01.01
sXe Injected   
Tom Clancy's Ghost Recon Advanced Warfighter® 2   Ver: 1.00.0000   Installed: 2007.07.09
Turf Battles   Ver: 1.0.0   Installed: 2007.07.24
Ulead Disc-Direct SDK   Ver: 1.0
Update for Windows XP (KB920872)   Ver: 1   Installed: 2006.12.19
Update for Windows XP (KB922582)   Ver: 1   Installed: 2006.12.19
Update for Windows XP (KB927891)   Ver: 3   Installed: 2007.05.23
Update for Windows XP (KB929338)   Ver: 1   Installed: 2007.03.15
Update for Windows XP (KB930916)   Ver: 1   Installed: 2007.05.10
Update for Windows XP (KB931836)   Ver: 1   Installed: 2007.02.14
Update for Windows XP (KB933360)   Ver: 1   Installed: 2007.08.29
Update for Windows XP (KB938828)   Ver: 1   Installed: 2007.08.16
Uplink   
UserBar Generator 1.2   
Ventrilo Client   Ver: 2.3.0   Installed: 2006.12.17
Ventrilo Server   Ver: 2.3.1   Installed: 2006.12.23
Video Converter for Nokia Smartphones 1.2   
Web Page Maker Resource Pack 1.0   
Web Page Maker V2   
Winamp (remove only)   
WinAVIVideoConverter   
Windows Driver Package - Nokia Modem  (06/12/2006 6.81.0.21)   Ver: 06/12/2006 6.81.0.21
Windows Internet Explorer 7   Ver: 20061107.210142   Installed: 2006.12.29
Windows Media Format 11 runtime   
Windows Media Format 11 runtime      Installed: 2006.12.18
Windows Media Player 11   
Windows Media Player 11      Installed: 2006.12.17
WinFast PVR   
WinFast TV USB II(Driver)   
WinRAR archiver   
World of Warcraft   
Xfire (remove only)   
Yahoo! Widget Engine   
Zip Recovery Toolbox 1.0      Installed: 2007.06.19
Zip Repair Pro   Ver: 3.1.0.284
ZTE ADSL Dialer  1.0j_EN   
µTorrent   Ver: 1.6

Offline guestolo

Task Manager
« Reply #7 on: October 13, 2007, 03:27:02 PM »
You should uninstall older versions of Java from add/remove programs

This includes:
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 9
Java 6 Update 2
Java SE Runtime Environment 6 Update 1

Did you intentionally install the next set of software?
Not that there's anything wrong with them, just checking

Hide The IP
RAM Saver Pro
sXe Injected

NOTE: Your option, but I wouldn't run Utorrent on startup, using valuable bandwidth at bootup if you are sharing files
This is your option
You can disable Utorrent from running on startup by opening the program
Select OPTIONS>>Preferences>>General>>Uncheck Start uTorrent on system startup
« Last Edit: October 13, 2007, 03:32:25 PM by guestolo »


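The check behind the advice in Reply #7, as an added example that is not part of the original thread: it parses the InstalledPrograms output format shown in Reply #6 and lists every Java runtime older than the newest one installed. The function names and the pattern used to recognise Java product names are assumptions; the sample lines are an excerpt of the log posted above.

```python
import re

# "Name   Ver: x   Installed: date" - both fields are optional in the report.
FIELD_RE = re.compile(r"\s+(Ver|Installed):\s*")
# Assumption: product names that identify a Sun Java runtime in this report.
JAVA_RE = re.compile(r"^(J2SE Runtime Environment|Java\(tm\))", re.IGNORECASE)

# Excerpt of the InstalledPrograms output posted in Reply #6.
SAMPLE = """\
INSTALLED SOFTWARE (194) - PC - 2007.10.13 21:50:21

Any Video Converter 2.0.7      Installed: 2007.08.18
HijackThis 2.0.2   Ver: 2.0.2
J2SE Runtime Environment 5.0 Update 10   Ver: 1.5.0.100   Installed: 2006.12.29
J2SE Runtime Environment 5.0 Update 11   Ver: 1.5.0.110   Installed: 2007.02.10
J2SE Runtime Environment 5.0 Update 9   Ver: 1.5.0.90   Installed: 2006.12.22
Java(tm) 6 Update 2   Ver: 1.6.0.20   Installed: 2007.08.09
Java(tm) 6 Update 3   Ver: 1.6.0.30   Installed: 2007.10.09
Java(tm) SE Runtime Environment 6 Update 1   Ver: 1.6.0.10   Installed: 2007.05.09
Hide The IP   
"""


def parse_entry(line):
    """Split one report line into name, version and install date."""
    parts = FIELD_RE.split(line.strip())
    entry = {"name": parts[0], "ver": None, "installed": None}
    # re.split with a capturing group yields [name, key, value, key, value].
    for key, value in zip(parts[1::2], parts[2::2]):
        entry["ver" if key == "Ver" else "installed"] = value.strip() or None
    return entry


def parse_report(text):
    """Parse the whole report, skipping blank lines and the header line."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("INSTALLED SOFTWARE"):
            continue
        entries.append(parse_entry(line))
    return entries


def version_key(ver):
    """Compare versions numerically: as strings, 1.5.0.90 sorts after 1.5.0.100."""
    return tuple(int(n) for n in re.findall(r"\d+", ver))


def superseded_java(entries):
    """Return (newest, older runtimes oldest first, runtimes with no version)."""
    java = [e for e in entries if JAVA_RE.match(e["name"])]
    ranked = [e for e in java if e["ver"]]
    unranked = [e["name"] for e in java if not e["ver"]]
    if not ranked:
        return None, [], unranked
    newest = max(ranked, key=lambda e: version_key(e["ver"]))
    newest_key = version_key(newest["ver"])
    older = sorted(
        (e for e in ranked if version_key(e["ver"]) < newest_key),
        key=lambda e: version_key(e["ver"]),
    )
    return newest["name"], [e["name"] for e in older], unranked


if __name__ == "__main__":
    keep, remove, unknown = superseded_java(parse_report(SAMPLE))
    print("Keep:  ", keep)
    for name in remove:
        print("Remove:", name)
    for name in unknown:
        print("Check by hand (no version recorded):", name)
```
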

Offline FIxeL

Task Manager
« Reply #8 on: October 13, 2007, 04:05:29 PM »
Oki, I removed the old versions of Java, and yes, I installed those programs intentionally. I put uTorrent on startup because I usually come home and then leave very fast, so I just turn on the PC and it turns on uTorrent, which starts to download; that saves some time for me :)

Offline guestolo

Task Manager
« Reply #9 on: October 14, 2007, 02:54:50 AM »
I can't understand why you don't have SpywareBlaster in your arsenal
It's a free download and install
Do the following
add SpywareBlaster to your protection software
SpywareBlaster 3.5.1 by JavaCool  
    *Will block bad ActiveX Controls
    *Block Malevolent cookies in Internet Explorer and Firefox
    *Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates
After updating, select "Protection" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"

Let's remove some tools we used earlier
Download this tool:
OTMoveIt by OldTimer:
  • Save it to your desktop.
  • Please double-click OTMoveIt.exe to run it.
    Click the Cleanup! button
    A list will be downloaded>>Allow it Internet access if prompted by your Firewall
    Don't change anything in this list
    Select Yes at the prompt
    Wait for the confirmation box to open to reboot the computer, don't mouseclick during the wait as you may cause the tool to stall
    Select Yes to reboot Now
After reboot you can empty your recycle bin

I hope everything is well, I'll lock this topic if you have no further problems



Offline FIxeL

Task Manager
« Reply #10 on: October 14, 2007, 11:18:47 AM »
OK, I did everything, thx for the help :) Last question, do I have to run SpywareBlaster every time I turn on the computer?

Offline guestolo

Task Manager
« Reply #11 on: October 14, 2007, 12:24:50 PM »
No you don't, here's what I said

"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"



Offline FIxeL

Task Manager
« Reply #12 on: October 14, 2007, 01:30:49 PM »
oh ok :) thank you for the help :)

Offline guestolo

Task Manager
« Reply #13 on: October 14, 2007, 06:14:37 PM »
You're welcome, I'll lock this topic then as your problems are resolved
Take care :)
