Author Topic: Nvidia Driver Error  (Read 4106 times)

Offline guestolo

Nvidia Driver Error
« Reply #20 on: December 04, 2007, 08:24:06 PM »
Quote
back up and reinstall wat?
Sorry, I related that to another user. If I remember right, you use an illegal XP version
and you download other illegal software. You MUST be careful in what you install
It appears you have/had a keylogger on your machine

I would change all online passwords immediately

NEXT: Delete your version of Combofix

Redownload this file - Combofix.exe and save it ONLY to your desktop

Leave it there for now,
Open Notepad and copy/paste the text in the quotebox below into it:
Don't use anything other than Notepad or the script will not work

Quote
File::
C:\WINDOWS\system32\Vic32.dll
C:\WINDOWS\system32\ctfmondll.dll

Save this as a txt file on your desktop, named CFScript

Drag CFScript.txt into ComboFix.exe
Combofix will start, follow the prompts
Don't doubleclick on it, let it complete

When finished, it shall produce a log for you again, with the same name C:\ComboFix.txt
I'll need to see it later

Again, can you run a fresh scan with Kaspersky's
Post its log along with the following

Post back the log from Combofix and again a fresh hijackthis log

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline FIxeL

Nvidia Driver Error
« Reply #21 on: December 05, 2007, 01:04:05 PM »
OK, I changed the passwords.
Here are the logs:


>>>>>>>>>>>>>>>>>>>>>>>>>>ComboFix<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

ComboFix 07-12-04.3 - FIxeL 2007-12-05 15:23:35.9 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1257.1.1033.18.417 [GMT 2:00]
Running from: C:\Documents and Settings\FIxeL\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\FIxeL\Desktop\CFScript
 * Created a new restore point

FILE
C:\WINDOWS\system32\ctfmondll.dll
C:\WINDOWS\system32\Vic32.dll
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ctfmondll.dll
C:\WINDOWS\system32\Vic32.dll

.
(((((((((((((((((((((((((   Files Created from 2007-11-05 to 2007-12-05  )))))))))))))))))))))))))))))))
.

2007-12-04 20:46 . 2007-12-04 20:49   <DIR>   d--------   C:\Program Files\eMule
2007-12-04 17:35 . 2007-12-04 17:35   <DIR>   d--------   C:\PSP
2007-12-04 16:59 . 2007-12-04 16:59   <DIR>   d--------   C:\WINDOWS\nview
2007-12-04 16:59 . 2007-12-04 16:59   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-12-04 15:58 . 2007-12-04 15:58   <DIR>   d--------   C:\WINDOWS\nview(4)
2007-12-04 15:58 . 2007-12-05 15:27   161,961   --a------   C:\WINDOWS\system32\nvapps.xml
2007-12-04 15:58 . 2007-11-12 06:51   17,737   --a------   C:\WINDOWS\system32\nvdisp.nvu
2007-12-03 14:33 . 2007-12-03 14:33   <DIR>   d--------   C:\WINDOWS\system32\Kaspersky Lab
2007-12-03 14:33 . 2007-12-03 14:33   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-02 14:06 . 2007-12-02 14:06   <DIR>   d--------   C:\WINDOWS\nview(3)
2007-11-30 16:10 . 2007-11-30 16:10   <DIR>   d--------   C:\Program Files\Ubi Soft
2007-11-30 11:05 . 2007-11-30 11:05   <DIR>   d--------   C:\WINDOWS\Ubisoft
2007-11-27 10:25 . 2007-11-27 10:25   <DIR>   d--------   C:\Deckard
2007-11-26 08:03 . 2007-12-04 21:40   203   --a------   C:\WINDOWS\GSdx9.INI
2007-11-26 07:49 . 2007-11-26 07:58   <DIR>   d--------   C:\Program Files\Pcsx2
2007-11-23 14:53 . 2007-11-23 14:53   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\InstallShield Installation Information
2007-11-23 14:41 . 2007-11-23 14:41   <DIR>   d--------   C:\WINDOWS\system32\AGEIA
2007-11-23 14:41 . 2007-11-23 14:41   <DIR>   d--------   C:\Program Files\AGEIA Technologies
2007-11-23 14:41 . 2007-07-19 18:14   3,727,720   --a------   C:\WINDOWS\system32\d3dx9_35.dll
2007-11-23 14:41 . 2007-07-19 18:14   1,358,192   --a------   C:\WINDOWS\system32\D3DCompiler_35.dll
2007-11-23 14:41 . 2007-07-19 18:14   444,776   --a------   C:\WINDOWS\system32\d3dx10_35.dll
2007-11-21 21:10 . 2007-11-21 21:16   <DIR>   d--------   C:\Program Files\FPS
2007-11-21 20:58 . 2007-11-21 20:58   <DIR>   d--------   C:\FPC
2007-11-17 22:59 . 2007-11-17 23:15   <DIR>   d--------   C:\Program Files\BYOND
2007-11-17 22:59 . 2007-11-18 17:22   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\BYOND
2007-11-16 19:55 . 2007-11-16 19:55   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-11-16 16:50 . 2007-12-04 23:03   2   --a------   C:\WINDOWS\system32\Dvbpws.dll
2007-11-16 16:21 . 2007-11-25 17:56   <DIR>   d--------   C:\WinFast WorkArea
2007-11-16 16:21 . 2007-11-16 16:21   <DIR>   d--------   C:\WFDB
2007-11-16 16:04 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Ulead Systems
2007-11-16 16:04 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Common Files\Ulead Systems
2007-11-16 15:35 . 2007-11-16 16:04   <DIR>   d--------   C:\Program Files\Common Files\Ulead Systems(2)
2007-11-14 18:54 . 2007-11-16 16:05   <DIR>   d--------   C:\Program Files\Hide IP Platinum
2007-11-14 18:54 . 2007-11-14 18:54   32   --a------   C:\WINDOWS\go
2007-11-11 20:52 . 2007-11-11 20:52   <DIR>   d--------   C:\WINDOWS\nview(2)
2007-11-11 20:51 . 2007-11-11 20:51   <DIR>   d--------   C:\NVIDIA
2007-11-11 20:50 . 2007-12-04 15:57   664   --a------   C:\WINDOWS\system32\d3d9caps.dat
2007-11-11 20:50 . 2007-11-11 20:50   552   --a------   C:\WINDOWS\system32\d3d8caps.dat
2007-11-09 14:29 . 2007-11-09 14:29   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-08 14:34 . 2007-11-12 16:06   22,328   --a------   C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-08 14:34 . 2007-11-08 14:34   22,328   --a------   C:\Documents and Settings\FIxeL\Application Data\PnkBstrK.sys
2007-11-08 14:33 . 2007-11-12 16:05   103,736   --a------   C:\WINDOWS\system32\PnkBstrB.exe
2007-11-08 14:33 . 2007-11-08 18:37   66,872   --a------   C:\WINDOWS\system32\PnkBstrA.exe
2007-11-05 21:23 . 2007-11-05 21:23   <DIR>   d--------   C:\Documents and Settings\FIxeL\Application Data\SystemRequirementsLab
2007-11-05 21:18 . 2007-11-05 21:18   <DIR>   d--------   C:\Program Files\Lavalys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 13:21   ---------   d-sh--r   C:\Program Files\PSCS
2007-12-04 21:04   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\uTorrent
2007-12-04 20:06   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Skype
2007-12-04 18:14   ---------   d-----w   C:\Program Files\HLSW
2007-12-02 14:40   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\AVG7
2007-11-30 02:20   ---------   d-s---w   C:\Program Files\Xfire
2007-11-28 22:14   ---------   d-----w   C:\Program Files\Common Files\Wise Installation Wizard
2007-11-26 06:22   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\Xfire
2007-11-23 12:41   ---------   d-----w   C:\Program Files\DIFX
2007-11-18 15:21   ---------   d-----w   C:\Program Files\FlashGet
2007-11-18 15:17   ---------   d-----w   C:\Program Files\BitComet
2007-11-16 13:35   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-11-16 13:35   ---------   d-----w   C:\Program Files\WinFast
2007-11-02 11:44   ---------   d-----w   C:\Program Files\Aikido3D
2007-11-02 11:38   ---------   d-----w   C:\Program Files\WinHex
2007-11-01 17:33   ---------   d-----w   C:\Program Files\DAEMON Tools Pro
2007-11-01 17:32   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-11-01 17:10   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\DAEMON Tools Pro
2007-11-01 15:27   685,816   ----a-w   C:\WINDOWS\system32\drivers\sptd.sys
2007-10-31 18:38   ---------   d-----w   C:\Program Files\TrojanHunter 5.0
2007-10-31 08:15   ---------   d-----w   C:\Program Files\GZN
2007-10-31 07:40   ---------   d-----w   C:\Documents and Settings\FIxeL\Application Data\TrojanHunter
2007-10-21 18:36   ---------   d-----w   C:\Program Files\Video Converter for Nokia Smartphones
2007-10-21 18:22   ---------   d-----w   C:\Program Files\SpywareBlaster
2007-10-21 17:29   ---------   d-----w   C:\Program Files\eRightSoft
2007-10-16 15:03   ---------   d-----w   C:\Program Files\Nokia
2007-10-16 15:03   ---------   d-----w   C:\Program Files\Common Files\Nokia
2007-10-13 21:02   ---------   d-----w   C:\Program Files\Java
2005-05-13 14:12   217,073   -csha-r   C:\WINDOWS\meta4.exe
2007-04-06 20:40   238,284   -csh--w   C:\WINDOWS\Resources\Themes\DameK UltraBlue\irunin.dat
2005-07-14 09:31   27,648   --sha-r   C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 12:32   616,448   --sha-r   C:\WINDOWS\system32\cygwin1.dll
2005-06-21 19:37   45,568   --sha-r   C:\WINDOWS\system32\cygz.dll
2006-05-03 09:06   163,328   --sha-r   C:\WINDOWS\system32\flvDX.dll
2004-01-24 21:00   70,656   --sha-r   C:\WINDOWS\system32\i420vfw.dll
2007-02-21 10:47   31,232   --sh--r   C:\WINDOWS\system32\msfDX.dll
2005-02-28 10:16   240,128   --sha-r   C:\WINDOWS\system32\x.264.exe
2004-01-24 21:00   70,656   --sha-r   C:\WINDOWS\system32\yv12vfw.dll
.

(((((((((((((((((((((((((((((   snapshot@2007-11-29_ 0.20.07.24   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 14:14:31   45,056   ----a-r   C:\WINDOWS\Installer\{BAF5914B-5730-4373-B038-9F436AC6A0D6}\ARPPRODUCTICON.exe
+ 2007-11-30 14:14:31   45,056   ----a-r   C:\WINDOWS\Installer\{BAF5914B-5730-4373-B038-9F436AC6A0D6}\Register.exe
+ 2005-05-24 10:27:16   213,048   ----a-w   C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 13:47:20   94,208   ----a-w   C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 13:49:54   950,272   ----a-w   C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2006-06-01 09:22:00   4,529,408   ----a-w   C:\WINDOWS\system32\nv4_disp(4).dll
+ 2006-06-01 09:22:00   35,840   ----a-w   C:\WINDOWS\system32\nvcod(3).dll
+ 2006-06-01 09:22:00   86,016   ----a-w   C:\WINDOWS\system32\nvmctray(3).dll
+ 2006-06-01 09:22:00   155,715   ----a-w   C:\WINDOWS\system32\nvsvc32(3).exe
- 2007-11-16 14:05:40   3,441,700   ----a-w   C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-12-04 15:00:29   262,492   ----a-w   C:\WINDOWS\system32\Restore\rstrlog.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 11:45]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 15:21]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-03-18 23:05]
"RAMSaverPro"="C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe" [2007-07-19 20:51]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-06-01 11:22 C:\WINDOWS\system32\nwiz.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 08:54 C:\WINDOWS\RTHDCPL.exe]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-10-01 10:10]
"NvMediaCenter"="RunDLL32.exe" [2004-08-04 00:56 C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-11-16 17:32]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2004-08-25 10:26]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 11:36]
"ZTE ADSL"="" []
"Trust Gaming mouse"="C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" [2006-12-28 08:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-10-09 10:13]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-11-16 17:32]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 00:56 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\FIxeL\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2007-11-15 03:00:40]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2007-02-16 17:40:52]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FIxeL^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 22:46   57344   --a------   C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51   39792   --a------   C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoostSpeed]
         C:\Program Files\AusLogics BoostSpeed\boostspeed.exe /Q
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
         C:\Program Files\FlashGet\FlashGet.exe /min
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]
         C:\Program Files\Hide The IP\HideTheIP.exe /startup
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTemperaturos2]
2006-02-11 13:11   208896   --a------   C:\Program Files\AW\LTemperaturos2\LTemperaturos2.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
         C:\Program Files\Messenger\msmsgs.exe /background
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
2007-04-09 22:11   594944   --a--c---   C:\Program Files\sXe Injected\sXe Injected.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
2007-10-31 09:41   1046688   --a------   C:\Program Files\TrojanHunter 5.0\THGuard.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-11-21 19:38   35328   --a------   C:\Program Files\Winamp\winampa.exe
         
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]
2007-11-21 16:05   219952   --a------   C:\Program Files\uTorrent\utorrent.exe

R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\C:\Program Files\VMLaunch\BuddyVM.sys
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;C:\WINDOWS\system32\drivers\wf88vcap.sys
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;C:\WINDOWS\system32\drivers\WF88XBAR.sys
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;C:\WINDOWS\system32\drivers\WF88TUNE.sys
R3 GMFilter Filter;GMFilter Filter;C:\WINDOWS\system32\Drivers\GMFilter.sys
R3 USB_RNDIS_51;ZTE USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS
R3 ZTPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\ztpppoe.sys
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt
S3 glauiad;jetSpeed USB LAN Device;C:\WINDOWS\system32\DRIVERS\glauiad.sys
S3 RegVacService;RegVac Registry Service;C:\Program Files\RegVac Registry Cleaner\RegVserv.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-11-29 09:28:47 C:\WINDOWS\Tasks\RegCure.job"
- D:\Prog. Files\RegCure\RegCure.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 15:26:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-05 15:28:51 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-29 00:20
.
   --- E O F ---

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Kaspersky's<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Wednesday, December 05, 2007 7:52:48 PM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.98.0
 Kaspersky Anti-Virus database last update:  5/12/2007
 Kaspersky Anti-Virus database records: 472965
-------------------------------------------------------------------------------

Scan Settings:
   Scan using the following antivirus database: extended
   Scan Archives: true
   Scan Mail Bases: true

Scan Target - My Computer:
   A:\
   C:\
   D:\
   E:\
   F:\
   G:\
   H:\

Scan Statistics:
   Total number of scanned objects: 129377
   Number of viruses found: 7
   Number of infected objects: 25
   Number of suspicious objects: 0
   Duration of the scan process: 02:03:32

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat   Object is locked   skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\cert8.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\flashgot.log   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\history.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\key3.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\parent.lock   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\search.sqlite   Object is locked   skipped
C:\Documents and Settings\FIxeL\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\urlclassifier2.sqlite   Object is locked   skipped
C:\Documents and Settings\FIxeL\Cookies\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_001_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_002_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_003_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Application Data\Mozilla\Firefox\Profiles\1xhp0zfu.default\Cache\_CACHE_MAP_   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\History\History.IE5\MSHist012007120520071206\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\FIxeL\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\FIxeL\ntuser.dat.LOG   Object is locked   skipped
C:\Documents and Settings\LocalService\Cookies\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
C:\Documents and Settings\LocalService\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG   Object is locked   skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT   Object is locked   skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG   Object is locked   skipped
C:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096954.hta   Infected: Trojan.HTA.StartPage.i   skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP336\A0099704.dll   Infected: not-a-virus:Monitor.Win32.KeyLogger.w   skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP336\A0099705.dll   Infected: not-a-virus:Monitor.Win32.PCSpy.c   skipped
C:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP336\change.log   Object is locked   skipped
C:\WINDOWS\Debug\PASSWD.LOG   Object is locked   skipped
C:\WINDOWS\SchedLgU.Txt   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{CF1C85E1-2EAB-4CA5-83BB-FB3134207195}.bin   Object is locked   skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log   Object is locked   skipped
C:\WINDOWS\Sti_Trace.log   Object is locked   skipped
C:\WINDOWS\system32\config\AppEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\default   Object is locked   skipped
C:\WINDOWS\system32\config\default.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\Internet.evt   Object is locked   skipped
C:\WINDOWS\system32\config\SAM   Object is locked   skipped
C:\WINDOWS\system32\config\SAM.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\SecEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\SECURITY   Object is locked   skipped
C:\WINDOWS\system32\config\SECURITY.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\software   Object is locked   skipped
C:\WINDOWS\system32\config\software.LOG   Object is locked   skipped
C:\WINDOWS\system32\config\SysEvent.Evt   Object is locked   skipped
C:\WINDOWS\system32\config\system   Object is locked   skipped
C:\WINDOWS\system32\config\system.LOG   Object is locked   skipped
C:\WINDOWS\system32\drivers\sptd.sys   Object is locked   skipped
C:\WINDOWS\system32\h323log.txt   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA   Object is locked   skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP   Object is locked   skipped
C:\WINDOWS\wiadebug.log   Object is locked   skipped
C:\WINDOWS\wiaservc.log   Object is locked   skipped
C:\WINDOWS\WindowsUpdate.log   Object is locked   skipped
D:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe/stream/data0008   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe/stream   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{81A2EC54-EB7D-482B-902B-67F3D40F4430}\RP12\A0001698.exe   NSIS: infected - 2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP332\A0096912.exe   Object is locked   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096957.exe/data.rar/xpkey.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096957.exe/data.rar/officekey.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096957.exe/data.rar   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096957.exe   RarSFX: infected - 3   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe/data0000.cab/rock.exe/pwdump2/samdump.dll   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe/data0000.cab/rock.exe/pwdump2/pwdump2.exe   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe/data0000.cab/rock.exe   Infected: not-a-virus:PSWTool.Win32.PWDump.2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe/data0000.cab/RockXP4.exe   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe/data0000.cab   Infected: not-a-virus:PSWTool.Win32.RAS.a   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe   Rsrc-Package: infected - 5   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe   UPack: infected - 5   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096958.exe   PE_Patch: infected - 5   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096960.exe/stream/data0008   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096960.exe/stream   Infected: not-a-virus:AdWare.Win32.Comet.az   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096960.exe   NSIS: infected - 2   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096961.exe/lsass.exe   Infected: Backdoor.Win32.MoSucker.dd   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP333\A0096961.exe   nBinder5.0: infected - 1   skipped
D:\System Volume Information\_restore{A397AA59-85B3-4605-9425-332FA7D3C50E}\RP336\change.log   Object is locked   skipped
D:\Torrent Files\In The Realm Of Hackers\In.The.Realm.Of.Hackers.avi   Object is locked   skipped

Scan process completed.


>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>HijackThis<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:03:41, on 2007.12.05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RAMSaverPro] C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F8356AA-547C-4E3F-836C-CA8018695423}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{349FF121-5FF2-46FD-A6FC-869C5FFBAEAD}: NameServer = 212.59.1.1 212.59.2.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegVac Registry Service (RegVacService) - Super Win Software, Inc. - C:\Program Files\RegVac Registry Cleaner\RegVserv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9908 bytes

Offline guestolo

Nvidia Driver Error
« Reply #22 on: December 05, 2007, 08:25:18 PM »
That looks better, you may want to try Driver Cleaner Pro
Uninstall your Nvidia drivers again, run it then install the latest from Nvidia website
Read the instructions that come with DCP

http://downloads.guru3d.com/download.php?det=745#download



Offline FIxeL

Nvidia Driver Error
« Reply #23 on: December 06, 2007, 10:02:20 AM »
I uninstalled the Nvidia drivers, rebooted, ran the DCP, installed newest Nvidia drivers, rebooted, uninstalled Winfast, rebooted, downloaded the newest WinFast PVR2 for WinFast TV2000, installed it, restarted and yet it still doesn't work.... :(
What should I do? Maybe I downloaded the wrong Winfast drivers or something?

Offline guestolo

Nvidia Driver Error
« Reply #24 on: December 06, 2007, 10:12:30 PM »
I'm not sure what's happening on your end, sorry
You may want to try at Nvidia forum, they may have some clues

You may want to look into the following
All the following
Code:
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FIxeL^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 22:46 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51 39792 --a------ C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoostSpeed]
C:\Program Files\AusLogics BoostSpeed\boostspeed.exe /Q

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
C:\Program Files\FlashGet\FlashGet.exe /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]
C:\Program Files\Hide The IP\HideTheIP.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTemperaturos2]
2006-02-11 13:11 208896 --a------ C:\Program Files\AW\LTemperaturos2\LTemperaturos2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected]
2007-04-09 22:11 594944 --a--c--- C:\Program Files\sXe Injected\sXe Injected.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
2007-10-31 09:41 1046688 --a------ C:\Program Files\TrojanHunter 5.0\THGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-11-21 19:38 35328 --a------ C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]
2007-11-21 16:05 219952 --a------ C:\Program Files\uTorrent\utorrent.exe

Related to programs you have disabled
Do you use them, or are you planning on uninstalling some of them?
May help track down problems

Have you also tried again to clean boot your machine and see if you have problems?
Method 2
http://support.microsoft.com/kb/310353



Offline FIxeL

Nvidia Driver Error
« Reply #25 on: December 07, 2007, 06:30:55 AM »
I tried the clean boot and it didn't help, it is still the same: if I update Nvidia drivers, Winfast doesn't work, though the newly developed games need the updated Nvidia :( . Maybe if I reinstall Windows XP, that would solve the problem?

Offline guestolo

Nvidia Driver Error
« Reply #26 on: December 07, 2007, 09:59:33 PM »
Not sure how to help with your problem
You're trying to run more than up to date games, can your hardware handle it?
You didn't supply EXACT graphics, motherboard, etc...
It sounds like you don't quite meet new standards, I know I can't run most new games on a few of my computers
without updating hardware
My choice, I'm not a gamer
You may also want to ask the guys at GURU.com what they think about the problems

Here's a link
http://forums.guru3d.com/

You might want to try their drivers on your machine and see if you have any luck before you reinstall



Offline FIxeL

Nvidia Driver Error
« Reply #27 on: December 19, 2007, 04:32:33 PM »
Hi, sorry for such a delay, had some problems at home. I reinstalled Windows and installed the new drivers, now they work with Winfast and they allow me to play newly released games. Thank you for the help :) Good luck fighting the malware :)

Offline guestolo

Nvidia Driver Error
« Reply #28 on: December 20, 2007, 01:23:10 AM »
I'll lock this topic as your problems are resolved
