« previous next »
Pages: [1] 2

Author Topic: Nvidia Driver Error  (Read 4107 times)

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« on: November 23, 2007, 11:03:46 AM »
Hello again questolo :)
Im having some problems. When i try to play a newly developed games , after game start it crashes or asks for video card update. So i downloaded and updated my Nvidie GeForce GS7600 video card from the official site. When i did that all games started to work, but then when i try to run WinFast2000 PVR it crashes and show the classic error mesage were you can chose send or dont send. So i tryed to update the WinFast PVR but it didnt worked got the same message, i even tryed to download the newer version  WinFast PVR2 but it still the same error message occured :( . Do you know what could i do , or do you have any ideas wat to do?
Heres the HJT log just in case:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01, on 2007-11-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.serial99.com/?a
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - WWW Prefix: http://www.serial99.com/?
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10509 bytes

Hope it Helps
« Last Edit: November 23, 2007, 11:07:41 AM by FIxeL »
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #1 on: November 24, 2007, 11:18:12 AM »
Do a "System scan only" with Hijackthis and put a check next to these entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.serial99.com/?a
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - WWW Prefix: http://www.serial99.com/?


After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Come back here and post a fresh hijackthis log

Did you uninstall old Nvidia drivers from Add/remove programs before installing the new ones?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #2 on: November 24, 2007, 03:53:37 PM »
Ok i fixed the computer and restarted it, but after restart whenn i run HJT and press the do a system scan it scans till the ,,04-Registry and Start menu autoruns" and after that ann erro rmessage comes out telling that HJT has encountered a problem and needs to close. What should i do?

Quote
Did you uninstall old Nvidia drivers from Add/remove programs before installing the new ones?

Yes i uninstaled the old driver, restarted PC and then instaled the new driver.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #3 on: November 24, 2007, 04:00:38 PM »
Let's check out other possibilities
If you have an older version of combofix. Delete it

Then
Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
It's default location is C:\Combofix.txt

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Post that log back please

Also, try running hijackthis again and post it's log too
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #4 on: November 24, 2007, 05:31:54 PM »
i downloaded combofix and ran a scan but when it should prepare a log report it stops waited for quite a while and it didnt make a  log, so i exited it. After that i tryed to use HJS and it didnt crash heres the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:31, on 2007-11-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinFast\WFDTV\DVBTAP.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\catchme.exe
C:\ComboFix\sed.cfexe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10266 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #5 on: November 25, 2007, 10:47:59 AM »
Reboot the computer

Then look here and see if there is a log
C:\Combofix.txt
If there is post the contents

Also, look for this log
C:\ComboFix-quarantined-files.txt
If it's there, post it also
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #6 on: November 25, 2007, 01:42:28 PM »
[quote name=\'questolo\']Then look here and see if there is a log
C:\ Combofix.txt[/quote]

I rebooted and checked it and there isnt such a file

[quote name=\'questolo\']Also, look for this log
C:\ComboFix-quarantined-files.txt[/quote]

There isnt such a file either
« Last Edit: November 25, 2007, 01:42:56 PM by FIxeL »
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #7 on: November 25, 2007, 01:47:21 PM »
Can you reboot into safe mode
Sign in with your Normal user account
Run combofix from safe mode

Reboot back to Normal windows After it's done

Post the combofix.txt log if it will finish
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #8 on: November 26, 2007, 02:06:56 AM »
I ran a scan in safe mode, but still it didnt create a log, stoped at the creating report point
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #9 on: November 26, 2007, 11:56:08 PM »
Can you try the following,
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post the contents of  main.txt and extra.txt
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #10 on: November 27, 2007, 03:31:10 AM »
Oki, i did the scan, heres the result:

Main:

Deckard's System Scanner v20071014.68
Run by FIxeL on 2007-11-27 10:25:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
5: 2007-11-27 08:25:43 UTC - RP323 - Deckard's System Scanner Restore Point
4: 2007-11-27 05:38:07 UTC - RP322 - Installed DirectX
3: 2007-11-27 00:50:34 UTC - RP321 - System Checkpoint
2: 2007-11-25 23:54:06 UTC - RP320 - System Checkpoint
1: 2007-11-24 23:32:30 UTC - RP319 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as FIxeL.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27, on 2007-11-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\PSCS\data\symserv.exe
C:\Documents and Settings\FIxeL\Desktop\dss.exe
C:\HIJACK~1\FIxeL.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9782 bytes

-- HijackThis Fixed Entries (C:\HIJACK~1\backups\) -----------------------------

backup-20071124-224448-105 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.serial99.com/?a
backup-20071124-224448-280 O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
backup-20071124-224448-719 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
backup-20071124-224448-885 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20071124-224449-133 O13 - WWW Prefix: http://www.serial99.com/?

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R2 {09BB444F-B2E2-4009-BAF2-7B727681223E} (BuddyVM) - c:\program files\vmlaunch\buddyvm.sys <Not Verified; Interlex Inc.; BUDDY for Virtual-Mate>
R2 WF23880 (WinFast TV2000/DV2000 WDM Video Capture.) - c:\windows\system32\drivers\wf88vcap.sys <Not Verified; Copyright @2000-2006 Leadtek Research Inc.; wf88vcap.sys>
R2 WF88XBAR (WinFast TV2000/DV2000 WDM Crossbar.) - c:\windows\system32\drivers\wf88xbar.sys <Not Verified; Copyright @2000-2006 Leadtek Research Inc.; wf88xbar.sys>
R2 WFTUNE (WinFast TV2000/DV2000 WDM Tuner.) - c:\windows\system32\drivers\wf88tune.sys <Not Verified; Copyright @2000-2006 Leadtek Research Inc.; wf88tune.sys>
R3 GMFilter Filter - c:\windows\system32\drivers\gmfilter.sys <Not Verified; Game; Gaming Mouse>
R3 WFIOCTL - c:\program files\winfast\wftvfm\wfioctl.sys <Not Verified; Leadtek Research Inc.; WinFast MultiMedia Device Driver (Windows 2000/XP)>
R3 ZTPPPOE (WAN Miniport (PPP over Ethernet Protocol)) - c:\windows\system32\drivers\ztpppoe.sys <Not Verified; ZTEIC Corporation; PPP over Ethernet Protocol>

S3 catchme - c:\docume~1\fixel\locals~1\temp\catchme.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
S3 glauiad (jetSpeed USB LAN Device) - c:\windows\system32\drivers\glauiad.sys <Not Verified; GlobespanVirata Inc.; GlobespanVirata USB to Ethernet (LAN) Viking Modem>
S3 GMSIPCI - e:\install\gmsipci.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R3 ServiceLayer - "c:\program files\common files\pcsuite\services\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 RegVacService (RegVac Registry Service) - c:\program files\regvac registry cleaner\regvserv.exe <Not Verified; Super Win Software, Inc.; RegVac>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&E0244F4&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&E0244F4&0&00
Service: NVENETFD


-- Scheduled Tasks -------------------------------------------------------------

2007-11-22 08:34:51       364 --a------ C:\WINDOWS\Tasks\RegCure.job


-- Files created between 2007-10-27 and 2007-11-27 -----------------------------

2007-11-27 07:38:18         0 d-------- C:\WINDOWS\LastGood
2007-11-26 07:49:58         0 d-------- C:\Program Files\Pcsx2
2007-11-23 14:53:10         0 d-------- C:\Documents and Settings\FIxeL\Application Data\InstallShield Installation Information
2007-11-23 14:41:07         0 d-------- C:\WINDOWS\system32\AGEIA
2007-11-23 14:41:06         0 d-------- C:\Program Files\AGEIA Technologies
2007-11-21 21:10:27         0 d-------- C:\Program Files\FPS
2007-11-21 20:58:50         0 d-------- C:\FPC
2007-11-17 22:59:19         0 d-------- C:\Documents and Settings\FIxeL\Application Data\BYOND
2007-11-17 22:59:09         0 d-------- C:\Program Files\BYOND
2007-11-16 19:55:29         0 d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-11-16 16:50:57         2 --a------ C:\WINDOWS\system32\Dvbpws.dll
2007-11-16 16:21:33         0 d-------- C:\WinFast WorkArea
2007-11-16 16:21:15         0 d-------- C:\WFDB
2007-11-16 16:04:23         0 d-------- C:\Program Files\Ulead Systems
2007-11-16 16:04:22         0 d-------- C:\Program Files\Common Files\Ulead Systems
2007-11-16 15:35:52         0 d-------- C:\Program Files\Common Files\Ulead Systems(2)
2007-11-14 18:54:09        32 --a------ C:\WINDOWS\go
2007-11-14 18:54:04         0 d-------- C:\Program Files\Hide IP Platinum
2007-11-11 22:00:08         0 d-------- C:\WINDOWS\nview
2007-11-11 22:00:08         0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-11 20:52:29         0 d-------- C:\WINDOWS\nview(2)
2007-11-11 20:51:18         0 d-------- C:\NVIDIA
2007-11-11 20:50:53       664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-11-11 20:50:51       552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-11-09 14:29:47         0 d-------- C:\Program Files\Lavasoft
2007-11-09 14:29:47         0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-05 21:23:16         0 d-------- C:\Documents and Settings\FIxeL\Application Data\SystemRequirementsLab
2007-11-05 21:18:01         0 d-------- C:\Program Files\Lavalys
2007-11-02 13:37:52         0 d-------- C:\Program Files\WinHex
2007-11-02 13:36:59         0 d-------- C:\Program Files\Aikido3D
2007-11-01 19:32:07         0 d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-11-01 19:29:40         0 d-------- C:\Program Files\DAEMON Tools Pro
2007-11-01 19:09:50         0 d-------- C:\Documents and Settings\FIxeL\Application Data\DAEMON Tools Pro
2007-10-31 22:26:31         0 d-------- C:\beta
2007-10-31 09:40:42         0 d-------- C:\Documents and Settings\FIxeL\Application Data\TrojanHunter
2007-10-31 09:35:35         0 d-------- C:\Program Files\TrojanHunter 5.0


-- Find3M Report ---------------------------------------------------------------

2007-11-27 07:39:00         0 d-------- C:\Documents and Settings\FIxeL\Application Data\uTorrent
2007-11-26 19:38:52         0 d-------- C:\Program Files\HLSW
2007-11-26 08:22:25         0 d-------- C:\Documents and Settings\FIxeL\Application Data\Xfire
2007-11-26 07:48:25         0 d-------- C:\Documents and Settings\FIxeL\Application Data\Skype
2007-11-23 14:41:38         0 d-------- C:\Program Files\DIFX
2007-11-23 14:40:58         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-21 05:15:17         0 d---s---- C:\Program Files\Xfire
2007-11-20 23:05:40         0 d-------- C:\Documents and Settings\FIxeL\Application Data\AVG7
2007-11-18 17:21:49         0 d-------- C:\Program Files\FlashGet
2007-11-18 17:17:15         0 d-------- C:\Program Files\BitComet
2007-11-16 16:04:20         0 d-------- C:\Program Files\Common Files
2007-11-16 15:35:52         0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-16 15:35:37         0 d-------- C:\Program Files\WinFast
2007-10-31 10:15:52         0 d-------- C:\Program Files\GZN
2007-10-21 20:36:56         0 d-------- C:\Program Files\Video Converter for Nokia Smartphones
2007-10-21 20:22:59         0 d-------- C:\Program Files\SpywareBlaster
2007-10-21 19:29:26         0 d-------- C:\Program Files\eRightSoft
2007-10-16 17:03:46         0 d-------- C:\Program Files\Common Files\Nokia
2007-10-16 17:03:45         0 d-------- C:\Program Files\Nokia
2007-10-13 23:02:43         0 d-------- C:\Program Files\Java
2007-10-13 18:42:11      3546 --a------ C:\WINDOWS\system32\tmp.reg


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 11:22]
"nwiz"="nwiz.exe" [2006-06-01 11:22 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-10-01 10:10]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 11:22 C:\WINDOWS\system32\nvmctray.dll]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-11-16 17:32]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"bdmreg"="C:\WINDOWS\system32\bdmreg.exe" [2007-02-08 05:51]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2004-08-25 10:26]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 11:36]
"ZTE ADSL"="" []
"Trust Gaming mouse"="C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" [2006-12-28 08:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-10-09 10:13]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 11:45]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 15:21]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-18 23:05]
"RAMSaverPro"="C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe" [2007-07-19 20:51]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

C:\Documents and Settings\FIxeL\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-11-15 03:00:40]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-02-16 17:40:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoFileMenu"=0 (0x0)
"NoCommonGroups"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FIxeL^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoostSpeed]
"C:\Program Files\AusLogics BoostSpeed\boostspeed.exe" /Q

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
"C:\Program Files\FlashGet\FlashGet.exe" /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]
"C:\Program Files\Hide The IP\HideTheIP.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTemperaturos2]
C:\Program Files\AW\LTemperaturos2\LTemperaturos2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
C:\Program Files\sXe Injected\sXe Injected.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
"C:\Program Files\TrojanHunter 5.0\THGuard.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]
"C:\Program Files\uTorrent\utorrent.exe"




-- End of Deckard's System Scanner: finished at 2007-11-27 10:27:48 ------------


Extra:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3500+
Percentage of Memory in Use: 35%
Physical Memory (total/avail): 1023.36 MiB / 665.07 MiB
Pagefile Memory (total/avail): 2459.8 MiB / 2054.82 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.72 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 54.49 GiB total, 19.74 GiB free.
D: is Fixed (NTFS) - 178.4 GiB total, 11.25 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG SP2504C - 232.88 GiB - 2 partitions
  \PARTITION0 (bootable) - Installable File System - 54.49 GiB - C:
  \PARTITION1 - Extended w/Extended Int 13 - 178.4 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG 7.5.503 v7.5.503 (Grisoft) [color=\"RED\"]Outdated[/color]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:utorrent"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"D:\\Games\\Counter-Strike 1.6 2\\cstrike.exe"="D:\\Games\\Counter-Strike 1.6 2\\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\HLSW\\hlsw.exe"="C:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\FIxeL\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HellgateEnv=D:\Games\Hellgate London\
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\FIxeL
LOGONSERVER=\\PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;;C:\FPC\2.2.0\bin\i386-Win32
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\FIxeL\LOCALS~1\Temp
TMP=C:\DOCUME~1\FIxeL\LOCALS~1\Temp
USERDOMAIN=PC
USERNAME=FIxeL
USERPROFILE=C:\Documents and Settings\FIxeL
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

FIxeL (admin)


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
 --> C:\WINDOWS\UNRecode.exe /UNINSTALL
 --> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2Moons --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BD67531-A957-4592-9743-A2761BB4AC28}\setup.exe" -l0x9  -removeonly
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Aikido3D 1.0 --> C:\Program Files\Aikido3D\uninst.exe
AltDesk.1.8 --> C:\Program Files\AltDesk\uninst.exe
AMX Mod X Installer 1.76d --> C:\Documents and Settings\FIxeL\Desktop\AMX Mod X\uninst.exe
Any Video Converter 2.0.7 --> "C:\Program Files\Any Video Converter\unins000.exe"
ApexDC --> MsiExec.exe /I{C9A3170F-D09F-4BFE-8620-4560BD76B4CF}
Archlord --> "D:\Games\Archlord\unins000.exe"
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AusLogics BoostSpeed --> "C:\Program Files\AusLogics BoostSpeed\unins000.exe"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
BioShock --> C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\Setup.exe -runfromtemp -l0x0009 -removeonly
BitComet 0.86 --> C:\Program Files\BitComet\uninst.exe
Black & White® 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x9  -removeonly
Black & White® 2 Battle of the Gods --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10631C28-62E5-477C-9B40-40C5EA8219BE}\setup.exe" -l0x9  -removeonly
Build Your Own Net Dream (remove only) --> C:\Program Files\BYOND\Uninst.exe
Call of Duty® 4 - Modern Warfare(tm) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Canon i250 --> C:\WINDOWS\system32\CNMCP50.exe "-PRINTERNAMECanon i250" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i250 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i250 Installer\Inst2\cnmi0409.dll"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CheMax 6.9 --> "C:\Program Files\CheMax\unins000.exe"
Complete Japanese --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TLI\Complete Japanese V2\Uninst.isu"
ConTEXT --> "C:\Program Files\ConTEXT\unins000.exe"
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
DameK UltraBlue --> C:\WINDOWS\iun6002.exe "C:\WINDOWS\Resources\Themes\DameK UltraBlue\irunin.ini"
Delete Virtual-Mate Launcher --> "C:\Program Files\VMLaunch\unins000.exe"
Devil May Cry 3 Special Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}\setup.exe" -l0x9  -removeonly
DFX 8 for Winamp --> "C:\Program Files\Winamp\uninstall_dfx.exe"
DynGate --> "C:\Program Files\DynGate\uninstall.exe"
DU Meter --> "C:\Program Files\DU Meter\unins000.exe"
eMusic - 50 Free MP3 offer --> "C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
EVEREST Ultimate Edition v4.00 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FileZilla (remove only) --> "C:\Program Files\FileZilla\uninstall.exe"
FlashGet 1.8.8.1009 --> C:\Program Files\FlashGet\uninst.exe
FPS 0.6.4a --> C:\Program Files\FPS\uninst.exe
Free Download Manager 2.1 --> "C:\Program Files\Free Download Manager\unins000.exe"
Free Pascal 2.2.0 --> "C:\FPC\2.2.0\unins000.exe"
GameCenter --> C:\Program Files\Cyanide\GameCenter\uninstall.exe
GM-4200 Gamer Mouse Optical --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{235C3A50-559F-4CAA-BAC3-4CC9ABF51976}\setup.exe" -l0x9  -removeonly
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9  -removeonly
Guard Shield --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47E235BB-2CB0-4D8D-A95C-A2F723691173}\setup.exe"
Hamachi 1.0.2.1 --> C:\Program Files\Hamachi\uninstall.exe
Hellgate: London --> MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
Hide The IP --> C:\Program Files\Hide The IP\Uninstal.exe
HijackThis 2.0.2 --> "C:\HijackThis\HijackThis.exe" /uninstall
HLSW v1.1.0 --> "C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
ijji - Gunz --> D:\Games\Gunz\Uninstall.exe
iZotope Ozone 1.0 for Winamp2 and Winamp3 --> "C:\Program Files\iZotope\Ozone\Winamp\unins000.exe"
Yahoo! Widget Engine --> C:\Program Files\Yahoo!\Yahoo! Widget Engine\uninstall.exe
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
jetSpeed 520 ADSL Modem --> C:\Program Files\jetSpeed520\Adsl\uninstall.exe
K-Lite Codec Pack 2.77 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kaiba Corp Virtual Duel System 1.4 --> "D:\Games\Kaiba Corp VDS\unins001.exe"
LIVE gaming on Windows Runtime Version 1.0.6027 --> MsiExec.exe /X{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}
Lost Planet Extreme Condition --> MsiExec.exe /I{AD281A87-2AD3-4CEB-AF85-468FD84698D8}
LTemperaturos2 --> MsiExec.exe /I{7F55FA18-DA8C-477B-97C7-1E985AE47B3D}
Marvel(tm) - Ultimate Alliance --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{932FB3F3-594D-4600-ABFA-F2DE80A14214}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Need for Speedâ„¢ ProStreet Demo --> MsiExec.exe /X{6E384346-CD1C-4A00-9885-BC8E6A50ECB5}
Nero 7 Premium --> MsiExec.exe /I{11439F51-B8D2-4736-9CDF-8889FEBE1033}
Nero Sipps --> C:\WINDOWS\UNNeroSipps.exe /UNINSTALL
Nokia Connectivity Cable Driver --> MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Nokia Lifeblog 2.1 --> MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4}
Nokia MTP driver --> MsiExec.exe /I{59359B3D-ABE7-46BF-AB55-43B67A64DC68}
Nokia N73 highlights --> MsiExec.exe /I{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}
Nokia PC Connectivity Solution --> MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite --> MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
Nokia Software Updater --> MsiExec.exe /X{FE5D756F-71E1-47C4-972A-D6775344B40B}
Nokia themes for your device --> MsiExec.exe /I{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Pcsx2 0.9.2 Watermoose --> "C:\Program Files\Pcsx2\unins000.exe"
Plato Video To 3GP Converter Free 3.35 --> "C:\Program Files\Plato Video To 3GP Converter\unins000.exe"
PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Psi Ops --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F168AFC5-B8C9-4165-A23E-E3EA1BE5531E}\Setup.exe" -l0x9  -removeonly
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RAM Saver Pro version 7.0 --> "c:\Program Files\Godlike Developers\RAM Saver Pro\uninstall.exe"
Rappelz_USA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}\setup.exe" -l0x9  -removeonly
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9  -removeonly
RegVac Registry Cleaner 4.02 (Registered Version) --> "C:\Program Files\RegVac Registry Cleaner\unins000.exe"
RYL2 - Incomplete Union v1.6.0.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81493ECE-6BD4-4972-B7DB-A0134C0A0D3F}\Setup.exe" -l0x9
RocketDock 1.3.1 --> "C:\Program Files\RocketDock\unins000.exe"
Skypeâ„¢ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SnagIt 8 --> MsiExec.exe /I{B6F0BE9B-41D7-45A2-9A76-D3DB1A89EC6A}
Sony Ericsson Themes Creator 3.06 --> C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
SpaceCowboy --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52A690A0-DC0A-4B80-B4D2-4E6D5C1C9B9C}\Setup.exe" -l0x9
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
sXe Injected --> "C:\Program Files\sXe Injected\uninstall.exe"
TimeShift --> C:\Program Files\InstallShield Installation Information\{1367FA2F-2B3D-430F-872F-588B93420BFC}\setup.exe -runfromtemp -l0x0009 -removeonly
Tom Clancy's Ghost Recon Advanced Warfighter® 2 --> "C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x0009 -removeonly
TrojanHunter 5.0 --> "C:\Program Files\TrojanHunter 5.0\unins000.exe"
Turf Battles --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6BEBF04-C1A3-4D48-BB70-31F73349638E}\setup.exe" -l0x9  -removeonly
Ulead Disc-Direct SDK --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D2C1E44-7685-4D05-8342-B0DC6422FA47}\Setup.exe" -l0x9
Unreal Tournament 3 --> "C:\Documents and Settings\FIxeL\Application Data\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe" -runfromtemp -l0x0409 -removeonly
Unreal Tournament 3 --> MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
Uplink --> C:\WINDOWS\IsUninst.exe -fd:\games\Uplink\Uninst.isu
UserBar Generator 1.2 --> "C:\Program Files\AmitySource\UserBar Generator 2.2\unins000.exe"
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Ventrilo Server --> MsiExec.exe /I{85DD724B-15E5-4572-81BF-CF9031D83848}
Video Converter for Nokia Smartphones 1.2 --> "C:\Program Files\Video Converter for Nokia Smartphones\unins000.exe"
Web Page Maker Resource Pack 1.0 --> "C:\Program Files\Web Page Maker V2\WPM\unins000.exe"
Web Page Maker V2 --> "C:\Program Files\Web Page Maker V2\unins000.exe"
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WinAVIVideoConverter --> "C:\Program Files\WinAVIVideoConverter\unins000.exe"
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_62A340731F8930057B44B8864F236850B0D49D65\nokbtmdm.inf
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinFast PVR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}\setup.exe"
WinFast PVR2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C92C584E-C781-475E-A8E2-C67D993A6B95}\setup.exe" -l0x9  -removeonly
WinFast TV USB II(Driver) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE4AA694-815A-4045-BD49-C94F2BED7458}\setup.exe"
WinHex --> C:\Program Files\WinHex\WinHex.exe uninst
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
Zip Recovery Toolbox 1.0 --> "C:\Program Files\Zip Recovery Toolbox\unins000.exe"
Zip Repair Pro --> "C:\Program Files\GetData\Zip Repair Pro\unins000.exe"
ZTE ADSL Dialer 1.0j_EN --> "C:\Program Files\ZTE\ADSLDIAL\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type3104 / Error
Event Submitted/Written: 11/27/2007 10:27:21 AM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type3103 / Error
Event Submitted/Written: 11/27/2007 10:27:21 AM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type3102 / Error
Event Submitted/Written: 11/26/2007 08:22:10 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application skype.exe, version 3.5.0.239, faulting module skype.exe, version 3.5.0.239, fault address 0x008c1a6c.
Processing media-specific event for [skype.exe!ws!]

Event Record #/Type3089 / Error
Event Submitted/Written: 11/24/2007 10:49:26 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application hijackthis.exe, version 2.0.0.2, faulting module wbemdisp.dll, version 5.1.2600.2180, fault address 0x0000f1b6.
Processing media-specific event for [hijackthis.exe!ws!]

Event Record #/Type3088 / Error
Event Submitted/Written: 11/24/2007 10:49:21 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application hijackthis.exe, version 2.0.0.2, faulting module wbemdisp.dll, version 5.1.2600.2180, fault address 0x0000f1b6.
Processing media-specific event for [hijackthis.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type22739 / Error
Event Submitted/Written: 11/27/2007 09:54:24 AM
Event ID/Source: 31008 / ipnathlp
Event Description:
The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.

Event Record #/Type22737 / Warning
Event Submitted/Written: 11/27/2007 05:14:21 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type22736 / Warning
Event Submitted/Written: 11/26/2007 09:57:26 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type22733 / Error
Event Submitted/Written: 11/26/2007 09:37:38 PM
Event ID/Source: 31008 / ipnathlp
Event Description:
The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.

Event Record #/Type22729 / Error
Event Submitted/Written: 11/26/2007 05:58:48 PM
Event ID/Source: 31008 / ipnathlp
Event Description:
The DNS proxy agent was unable to read the local list of name-resolution
servers from the registry.
The data is the error code.



-- End of Deckard's System Scanner: finished at 2007-11-27 10:27:48 ------------
Logged

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #11 on: November 27, 2007, 01:39:53 PM »
By the way, i have another problem and maybe you could look in to it also after/while solwing this problem. Latly my internet conection started to disconect by it self very often, before it was like 1 time in 24 h ( dissconect) but now it dissconects from 20 min to 6-7 h, a very random time of discconect. It is very annoying becouse i like to leave PC on during night to download movies, games and such.
If you can please check on it.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #12 on: November 28, 2007, 10:39:09 AM »
Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe


After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer and post a fresh hijackthis log
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #13 on: November 28, 2007, 01:19:50 PM »
i scaned and selected it and after that closed all programs but after restart it is stillthere.... maybe i should do it in safe mode? here the result after restart :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17, on 2007-11-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\PSCS\data\eventwin.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PSCS\data\symserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [bdmreg] C:\WINDOWS\system32\bdmreg.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10234 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #14 on: November 28, 2007, 03:42:31 PM »
Something is interfering with the removal of that entry, and possibly running combofix also

I suggest that for now, you access your add/remove programs and uninstall
Ad-Aware 2007
Also, uninstall AVG Anti-Spyware 7.5
Reboot the computer

Back in Windows
Double click on the AVG icon by the clock
Right click on Resident Shield>>Properties>>
Uncheck "Turn on AVG Free Resident....."
Apply and OK out of there

Delete your version of Combofix

ONLY dowload combofix from the following location
Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
It's default location is C:\Combofix.txt

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Post that log back please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #15 on: November 28, 2007, 05:22:33 PM »
This time it worked heres the report:

ComboFix 07-11-29.2 - FIxeL 2007-11-29  0:18:26.8 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1257.1.1033.18.507 [GMT 2:00]
Running from: C:\Documents and Settings\FIxeL\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2007-10-28 to 2007-11-29  )))))))))))))))))))))))))))))))
.

2007-11-27 10:25 . 2007-11-27 10:25   <DIR>   d--------   C:\Deckard
2007-11-26 07:49 . 2007-11-26 07:58   <DIR>   d--------   C:\Program Files\Pcsx2
2007-11-23 14:53 . 2007-11-23 14:53   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\InstallShield Installation Information
2007-11-23 14:41 . 2007-11-23 14:41   <DIR>   d--------   C:\Program Files\AGEIA Technologies
2007-11-23 14:41 . 2007-07-19 18:14   3,727,720   --a------   C:\WINDOWS\system32\d3dx9_35.dll
2007-11-23 14:41 . 2007-07-19 18:14   1,358,192   --a------   C:\WINDOWS\system32\D3DCompiler_35.dll
2007-11-23 14:41 . 2007-07-19 18:14   444,776   --a------   C:\WINDOWS\system32\d3dx10_35.dll
2007-11-21 21:10 . 2007-11-21 21:16   <DIR>   d--------   C:\Program Files\FPS
2007-11-21 20:58 . 2007-11-21 20:58   <DIR>   d--------   C:\FPC
2007-11-17 22:59 . 2007-11-17 23:15   <DIR>   d--------   C:\Program Files\BYOND
2007-11-17 22:59 . 2007-11-18 17:22   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\BYOND
2007-11-16 19:55 . 2007-11-16 19:55   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-11-16 16:50 . 2007-11-29 00:15   2   --a------   C:\WINDOWS\system32\Dvbpws.dll
2007-11-16 16:21 . 2007-11-25 17:56   <DIR>   d--------   C:\WinFast WorkArea
2007-11-16 16:21 . 2007-11-16 16:21   <DIR>   d--------   C:\WFDB
2007-11-16 16:04 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Ulead Systems
2007-11-16 16:04 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Common Files\Ulead Systems
2007-11-16 15:35 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Common Files\Ulead Systems(2)
2007-11-14 18:54 . 2007-11-16 16:05   <DIR>   d--------   C:\Program Files\Hide IP Platinum
2007-11-11 22:00 . 2007-11-11 22:00   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-11 20:51 . 2007-11-11 20:51   <DIR>   d--------   C:\NVIDIA
2007-11-11 20:50 . 2007-11-11 20:50   664   --a------   C:\WINDOWS\system32\d3d9caps.dat
2007-11-11 20:50 . 2007-11-11 20:50   552   --a------   C:\WINDOWS\system32\d3d8caps.dat
2007-11-09 14:29 . 2007-11-09 14:29   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-08 14:34 . 2007-11-12 16:06   22,328   --a------   C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-08 14:34 . 2007-11-08 14:34   22,328   --a------   C:\Documents and Settings\FIxeL\Application Data\PnkBstrK.sys
2007-11-05 21:23 . 2007-11-05 21:23   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\SystemRequirementsLab
2007-11-05 21:18 . 2007-11-05 21:18   <DIR>   d--------   C:\Program Files\Lavalys
2007-11-02 13:37 . 2007-11-02 13:38   <DIR>   d--------   C:\Program Files\WinHex
2007-11-02 13:36 . 2007-11-02 13:44   <DIR>   d--------   C:\Program Files\Aikido3D
2007-11-01 19:32 . 2007-11-01 19:32   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-11-01 19:29 . 2007-11-01 19:33   <DIR>   d--------   C:\Program Files\DAEMON Tools Pro
2007-11-01 19:09 . 2007-11-01 19:10   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\DAEMON Tools Pro
2007-10-31 22:28 . 2007-10-31 22:28   887   --a------   C:\func.php
2007-10-31 22:26 . 2007-10-31 22:26   <DIR>   d--------   C:\beta
2007-10-31 09:40 . 2007-10-31 09:40   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\TrojanHunter
2007-10-31 09:35 . 2007-10-31 20:38   <DIR>   d--------   C:\Program Files\TrojanHunter 5.0

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-28 22:19   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Skype
2007-11-28 22:14   ---------   d-----w   C:\Program Files\Common Files\Wise Installation Wizard
2007-11-28 18:12   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\uTorrent
2007-11-28 14:43   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\AVG7
2007-11-26 17:38   ---------   d-----w   C:\Program Files\HLSW
2007-11-26 06:22   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Xfire
2007-11-23 12:41   ---------   d-----w   C:\Program Files\DIFX
2007-11-21 03:15   ---------   d-s---w   C:\Program Files\Xfire
2007-11-18 15:21   ---------   d-----w   C:\Program Files\FlashGet
2007-11-18 15:17   ---------   d-----w   C:\Program Files\BitComet
2007-11-16 13:35   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-11-16 13:35   ---------   d-----w   C:\Program Files\WinFast
2007-11-12 14:05   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2007-11-08 16:37   66,872   ----a-w   C:\WINDOWS\system32\PnkBstrA.exe
2007-11-01 15:27   685,816   ----a-w   C:\WINDOWS\system32\drivers\sptd.sys
2007-10-31 08:15   ---------   d-----w   C:\Program Files\GZN
2007-10-21 18:36   ---------   d-----w   C:\Program Files\Video Converter for Nokia Smartphones
2007-10-21 18:22   ---------   d-----w   C:\Program Files\SpywareBlaster
2007-10-21 17:29   ---------   d-----w   C:\Program Files\eRightSoft
2007-10-16 15:03   ---------   d-----w   C:\Program Files\Nokia
2007-10-16 15:03   ---------   d-----w   C:\Program Files\Common Files\Nokia
2007-10-13 21:02   ---------   d-----w   C:\Program Files\Java
2007-10-13 16:42   3,546   ----a-w   C:\WINDOWS\system32\tmp.reg
2007-09-13 07:45   70,944   ----a-w   C:\WINDOWS\system32\PhysXLoader.dll
2005-05-13 14:12   217,073   -csha-r   C:\WINDOWS\meta4.exe
2007-04-06 20:40   238,284   -csh--w   C:\WINDOWS\Resources\Themes\DameK UltraBlue\irunin.dat
2005-07-14 09:31   27,648   --sha-r   C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 12:32   616,448   --sha-r   C:\WINDOWS\system32\cygwin1.dll
2005-06-21 19:37   45,568   --sha-r   C:\WINDOWS\system32\cygz.dll
2006-05-03 09:06   163,328   --sha-r   C:\WINDOWS\system32\flvDX.dll
2004-01-24 21:00   70,656   --sha-r   C:\WINDOWS\system32\i420vfw.dll
2007-02-21 10:47   31,232   --sh--r   C:\WINDOWS\system32\msfDX.dll
2005-02-28 10:16   240,128   --sha-r   C:\WINDOWS\system32\x.264.exe
2004-01-24 21:00   70,656   --sha-r   C:\WINDOWS\system32\yv12vfw.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 11:45]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 15:21]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-18 23:05]
"RAMSaverPro"="C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe" [2007-07-19 20:51]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-06-01 11:22 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-10-01 10:10]
"NvMediaCenter"="RunDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-11-16 17:32]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2004-08-25 10:26]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 11:36]
"ZTE ADSL"="" []
"Trust Gaming mouse"="C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" [2006-12-28 08:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-10-09 10:13]
"bdmreg"="C:\WINDOWS\system32\bdmreg.exe" [2007-02-08 05:51]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-11-16 17:32]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 00:56 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\FIxeL\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-11-15 03:00:40]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-02-16 17:40:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FIxeL^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 22:46   57344   --a------   C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51   39792   --a------   C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoostSpeed]
         C:\Program Files\AusLogics BoostSpeed\boostspeed.exe /Q
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
         C:\Program Files\FlashGet\FlashGet.exe /min
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]
         C:\Program Files\Hide The IP\HideTheIP.exe /startup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTemperaturos2]
2006-02-11 13:11   208896   --a------   C:\Program Files\AW\LTemperaturos2\LTemperaturos2.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
         C:\Program Files\Messenger\msmsgs.exe /background
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
2007-04-09 22:11   594944   --a--c---   C:\Program Files\sXe Injected\sXe Injected.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
2007-10-31 09:41   1046688   --a------   C:\Program Files\TrojanHunter 5.0\THGuard.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-11-21 19:38   35328   --a------   C:\Program Files\Winamp\winampa.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]
2007-11-21 16:05   219952   --a------   C:\Program Files\uTorrent\utorrent.exe

R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\C:\Program Files\VMLaunch\BuddyVM.sys
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;C:\WINDOWS\system32\drivers\wf88vcap.sys
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;C:\WINDOWS\system32\drivers\WF88TUNE.sys
R3 GMFilter Filter;GMFilter Filter;C:\WINDOWS\system32\Drivers\GMFilter.sys
R3 USB_RNDIS_51;ZTE USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS
R3 ZTPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\ztpppoe.sys
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt
S3 glauiad;jetSpeed USB LAN Device;C:\WINDOWS\system32\DRIVERS\glauiad.sys
S3 RegVacService;RegVac Registry Service;C:\Program Files\RegVac Registry Cleaner\RegVserv.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-11-22 06:34:51 C:\WINDOWS\Tasks\RegCure.job"
- D:\Prog. Files\RegCure\RegCure.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-29 00:20:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-29  0:20:57
.
   --- E O F ---
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #16 on: December 02, 2007, 11:37:40 PM »
Sorry for the delay
Can you run a scan for me please
Using browser Internet Explorer
Run an online virus scan at [color=\"#2E8B57\"]Kaspersky's[/color]
At the link click the button Kaspersky Online Scanner
Accept the prompt at the Welcome screen
You will be promted to install an ActiveX component from Kaspersky, Click Yes.

   
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
       
       
  • Now under select a target to scan:

            Select My Computer
   
  • This program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.

        ***Now click on the Save as Text button:
   
  • Save the file to your desktop. I will need to see it later


Post back that report please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #17 on: December 03, 2007, 02:47:24 PM »
Heres the result:

-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Monday, December 03, 2007 9:43:34 PM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.98.0
 Kaspersky Anti-Virus database last update:  3/12/2007
 Kaspersky Anti-Virus database records: 471044
-------------------------------------------------------------------------------

Scan Settings:
   Scan using the following antivirus database: extended
   Scan Archives: true
   Scan Mail Bases: true

Scan Target - My Computer:
   A:\
   C:\
   D:\
   E:\
   F:\
   G:\
   H:\

Scan Statistics:
   Total number of scanned objects: 126296
   Number of viruses found: 15
   Number of infected objects: 39
   Number of suspicious objects: 0
   Duration of the scan process: 02:55:43

Infected Object Name / Virus Name / Last Action
C:\autoexec.hta   Infected: Trojan.HTA.StartPage.i   skipped
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\cert8.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\flashgot.log   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\history.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\key3.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\parent.lock   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\search.sqlite   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\urlclassifier2.sqlite   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\call256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\callmember256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat1024.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat16384.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat2048.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat4096.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat512.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chat8192.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmember256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg1024.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg16384.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg2048.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg32768.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg4096.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg512.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\chatmsg8192.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\contactgroup256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\dyncontent\bundle.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\index2.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\profile4096.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\transfer256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\transfer512.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\user1024.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\user16384.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\user256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\user32768.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\user4096.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Skype\fixel2\voicemail256.dbb   Object is locked   skipped
C:\Documents and Settings\FIxeL\Cookies\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Desktop\SmitfraudFix.zip/SmitfraudFix/Reboot.exe   Infected: not-a-virus:RiskTool.Win32.Reboot.f   skipped
C:\Documents and Settings\FIxeL\Desktop\SmitfraudFix.zip   ZIP: infected - 1   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_001_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_002_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_003_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_MAP_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\History\History.IE5\MSHist012007120320071204\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temp\fla2F4B.tmp   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temp\~DF29BC.tmp   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temp\~DFA897.tmp   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\FIxeL\ntuser.dat.LOG   Object is locked   skipped
C:\Documents and Settings\LocalService\Cookies\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG   Object is locked   skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG   Object is locked   skipped
C:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP332\change.log   Object is locked   skipped
C:\WINDOWS\Debug\PASSWD.LOG   Object is locked   skipped
C:\WINDOWS\SchedLgU.Txt   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log   Object is locked   skipped
C:\WINDOWS\Sti_Trace.log   Object is locked   skipped
C:\WINDOWS\system32\CatRoot2\edb.log   Object is locked   skipped
C:\WINDOWS\system32\CatRoot2\edbtmp.log   Object is locked   skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb   Object is locked   skipped
C:\WINDOWS\system32\config\AppEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\default   Object is locked   skipped
C:\WINDOWS\system32\config\default.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\Internet.evt   Object is locked   skipped
C:\WINDOWS\system32\config\SAM   Object is locked   skipped
C:\WINDOWS\system32\config\SAM.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\SecEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\SECURITY   Object is locked   skipped
C:\WINDOWS\system32\config\SECURITY.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\software   Object is locked   skipped
C:\WINDOWS\system32\config\software.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\SysEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\system   Object is locked   skipped
C:\WINDOWS\system32\config\system.LOG   Object is locked   skipped
C:\WINDOWS\system32\ctfmondll.dll   Infected: not-a-virus:Monitor.Win32.KeyLogger.w   skipped
C:\WINDOWS\system32\drivers\sptd.sys   Object is locked   skipped
C:\WINDOWS\system32\h323log.txt   Object is locked   skipped
C:\WINDOWS\system32\Vic32.dll   Infected: not-a-virus:Monitor.Win32.PCSpy.c   skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP   Object is locked   skipped
C:\WINDOWS\wiadebug.log   Object is locked   skipped
C:\WINDOWS\wiaservc.log   Object is locked   skipped
C:\WINDOWS\WindowsUpdate.log   Object is locked   skipped
D:\Games\Warcraft III\maps.exe/stream/data0008   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\Games\Warcraft III\maps.exe/stream   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\Games\Warcraft III\maps.exe   NSIS: infected - 2   skipped
D:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe/stream/data0008   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe/stream   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe   NSIS: infected - 2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP332\A0096912.exe   Object is locked   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP332\change.log   Object is locked   skipped
D:\Torrent Files\CW_AIO_RapidShare_Hack_Pack\Rapidshare Premium Pack 2006 v4.exe/lsass.exe   Infected: Backdoor.Win32.MoSucker.dd   skipped
D:\Torrent Files\CW_AIO_RapidShare_Hack_Pack\Rapidshare Premium Pack 2006 v4.exe   nBinder5.0: infected - 1   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\keyfinder.exe/data.rar/xpkey.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\keyfinder.exe/data.rar/officekey.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\keyfinder.exe/data.rar   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\keyfinder.exe   RarSFX: infected - 3   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe/data0000.cab/rock.exe/pwdump2/samdump.dll   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe/data0000.cab/rock.exe/pwdump2/pwdump2.exe   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe/data0000.cab/rock.exe   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe/data0000.cab/RockXP4.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe/data0000.cab   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe   Rsrc-Package: infected - 5   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe   UPack: infected - 5   skipped
D:\Torrent Files\Legalizuok savo windowsus per 2 sekundes!_by_FiS0\Port_RockXP_v4.exe   PE_Patch: infected - 5   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/AcdSee.Powerpack.v7.0.43.Incl.Keygen[Zaiza]/AcdSee.Powerpack.v7.0.43.Incl.Keygen-CORE.zip/cr_acds70.exe   Infected: Trojan-Dropper.Win32.Delf.fd   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/AcdSee.Powerpack.v7.0.43.Incl.Keygen[Zaiza]/AcdSee.Powerpack.v7.0.43.Incl.Keygen-CORE.zip   Infected: Trojan-Dropper.Win32.Delf.fd   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033/data0001.cab/Save.exe   Infected: not-a-virus:AdWare.Win32.SaveNow.e   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033/data0001.cab/SaveUninst.exe   Infected: not-a-virus:AdWare.Win32.SaveNow.bl   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033/data0001.cab/Weather/Weather.exe   Infected: not-a-virus:AdWare.Win32.SaveNow   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033/data0001.cab/Weather/Uninst.exe   Infected: not-a-virus:AdWare.Win32.SaveNow.bl   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033/data0001.cab   Infected: not-a-virus:AdWare.Win32.SaveNow.bl   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0033   Infected: not-a-virus:AdWare.Win32.SaveNow.bl   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0034   Infected: not-a-virus:AdWare.Win32.EZula.d   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0035/data0002   Infected: not-a-virus:AdWare.Win32.BargainBuddy.v   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0035/data0003   Infected: not-a-virus:AdWare.Win32.BargainBuddy.a   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe/data0035   Infected: not-a-virus:AdWare.Win32.BargainBuddy.a   skipped
D:\Torrent Files\Office 2003\kita.iso/Kita/setupneoaudio.exe   Infected: not-a-virus:AdWare.Win32.BargainBuddy.a   skipped
D:\Torrent Files\Office 2003\kita.iso   ISO image: infected - 13   skipped

Scan process completed.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Nvidia Driver Error
« Reply #18 on: December 03, 2007, 10:23:10 PM »
Delete the infected files found by Kaspersky's

Take a close look at the log, your the downloader, what is clean and what do you find you can remove

As an XP user you have left yourself open for infections from the downloads you have used
I personally would backup and reinstall, your choice
That was the chance you took
Let me know what files/folders you could not delete and we'll go from there
« Last Edit: December 03, 2007, 10:24:22 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline FIxeL

  • Full Member
  • ***
  • Posts: 145
  • Karma: +0/-0
    • View Profile
Nvidia Driver Error
« Reply #19 on: December 04, 2007, 07:56:24 AM »
Ok i mostly deleted all the infections  left only the ones that were beeing used

[quote name=\'questolo\']I personally would backup and reinstall[/quote]

back up and reinstall wat?

the files that i couldnt delete :

C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\cert8.db Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\flashgot.log Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\history.dat Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\key3.db Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\parent.lock Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\search.sqlite Object is locked skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP332\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\ctfmondll.dll Infected: not-a-virus:Monitor.Win32.KeyLogger.w skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\system32\Vic32.dll Infected: not-a-virus:Monitor.Win32.PCSpy.c skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
Logged
Pages: [1] 2
« previous next »