Author Topic: My Hijack This  (Read 3577 times)

Offline Oakland Raiderz

« on: April 19, 2008, 11:42:02 PM »
Okay i have a dell inspiron 600m laptop and it's getting REALLY slow and i'm having problems with all sorts of things

1. Every time i go to my computer it says "microsoft explorer has encountered an error" and the my computer window closes
2. I'm not able to play ONE SONG in itunes or my WHOLE computer will freeze and i have to shut down by holding the power button
3. I'm not able to do "Multitask" (have more than 2-3 windows open) because it will really make my computer slow to the point where my mouse will move every 30 seconds
4. My computer takes 5-9 minutes to turn on
5. When my computer boots up the "windows loading page" is really tiny
6. I'm not able to play any sort of dvd because of the "codec"
7. i tried installing trackmania a couple days ago and got an error when i double clicked to play so i deleted that game
8. every time i turn on my computer i get a message saying would you like this to be your default monitor and it always comes up twice because i have dual monitors (extended desktop)

Just some information to help you out =]

1. Over the past 2-3 years i've reinstalled and uninstalled windows xp several times ( i DO have a legal version =D  )
2. I did something about 6 months ago that i should've posted on here when i first had lots of problems and reinstalled xp
     a.  i was messing with my computer registry! (i only remember messing with going to hkey local machine- then software - then windows nt - then windows logon )  YES i do know now that's a BIG no no when you don't know what you're doing but it's too late now.
     b. you know when you go to my computer then c drive - then my documents and settings- then all these "users" come up? well i was trying to fix that... with messing with the registry some website said (don't remember) that didn't work so i reinstalled windows

3. Cont from 2b.. could you help me get rid of some of those users? i'm the ONLY one on this laptop ( it's my laptop my dad got me for highschool )
what i mean is that delete everyone except for the user nflraiderz, nehr mobile (i don't even have access to delete it ) and OAKLANDRAIDERZ ( it's never used)

anyways i've been typing for 30 minutes trying to help you so you can help me =]. whatever you do will be GREATLY appreciated. i DO realize this may be a BIG and lengthy topic but i hope you help me =]

Finally the Hijack This ;)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:04:45 AM, on 4/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4792 bytes
« Last Edit: April 19, 2008, 11:53:34 PM by Oakland Raiderz »

Offline guestolo

« Reply #1 on: April 19, 2008, 11:58:53 PM »
Let's see a couple other logs
 
Download Deckard's System Scanner (dss.exe) to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post back just the Whole contents of Main.txt and Extra.txt

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline Oakland Raiderz

« Reply #2 on: April 20, 2008, 10:01:01 AM »
Deckard's System Scanner v20071014.68
Run by nflraiderz on 2008-04-20 11:18:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as nflraiderz.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:27 AM, on 4/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\nflraiderz\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\nflraiderz.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4607 bytes

-- Files created between 2008-03-20 and 2008-04-20 -----------------------------

2008-04-20 00:31:07         0 d-------- C:\Program Files\iTunes
2008-04-18 16:41:24         0 d-------- C:\Program Files\Trend Micro
2008-04-04 19:24:19      3120 --a------ C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
2008-04-04 19:24:09         0 d-------- C:\Program Files\AARONS CLIKER
2008-04-04 15:39:45         0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Protexis
2008-04-04 15:39:39        80 -r-hs---- C:\WINDOWS\system32\3D012A1A79.dll
2008-04-04 15:38:44         0 d-------- C:\Program Files\Shark Software
2008-04-04 06:36:58         0 d-------- C:\Program Files\KeyScrambler
2008-04-03 09:36:51         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Templates
2008-04-03 09:36:51         0 dr------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Start Menu
2008-04-03 09:36:51         0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\SendTo
2008-04-03 09:36:51         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Recent
2008-04-03 09:36:51         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\PrintHood
2008-04-03 09:36:51         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\NetHood
2008-04-03 09:36:51         0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\My Documents
2008-04-03 09:36:51         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Local Settings
2008-04-03 09:36:51         0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Favorites
2008-04-03 09:36:51         0 d-------- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Desktop
2008-04-03 09:36:51         0 d---s---- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Cookies
2008-04-03 09:36:51         0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Application Data
2008-04-03 09:36:51         0 d---s---- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\Application Data\Microsoft
2008-04-03 09:36:50    229376 --ah----- C:\Documents and Settings\LogMeInRemoteUser.NFLRAIDERZ\NTUSER.DAT
2008-04-02 23:15:37         0 d-------- C:\Program Files\LogMeIn
2008-04-02 20:39:30         0 d-------- C:\Documents and Settings\nflraiderz\.frugoo_file_store_32
2008-03-21 21:44:40         0 d-------- C:\Program Files\Total Video Converter
2008-03-21 21:30:19         0 d-------- C:\WINDOWS\Video to iPod MP4 PSP 3GP Converter
2008-03-21 21:30:19         0 d-------- C:\Program Files\Video to iPod MP4 PSP 3GP Converter
2008-03-21 14:32:09         0 d-------- C:\Program Files\Bonjour


-- Find3M Report ---------------------------------------------------------------

2008-04-20 00:32:36         0 d-------- C:\Program Files\iPod
2008-04-20 00:26:43         0 d-------- C:\Program Files\QuickTime
2008-04-20 00:13:28         0 d-------- C:\Program Files\Apple Software Update
2008-04-20 00:12:55         0 d-------- C:\Program Files\Common Files\Adobe
2008-04-19 08:00:28         0 d-------- C:\Documents and Settings\nflraiderz\Application Data\AVG7
2008-03-21 14:54:43         0 d-------- C:\Documents and Settings\nflraiderz\Application Data\LimeWire
2008-01-26 02:34:30     35363 --a------ C:\WINDOWS\system32\windrvNT.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [01/31/2005 05:35 PM]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [08/03/2007 03:09 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 11/15/2007 06:46 PM 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^YouTube Uploader for CASIO.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\YouTube Uploader for CASIO.lnk
backup=C:\WINDOWS\pss\YouTube Uploader for CASIO.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^nflraiderz^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\nflraiderz\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"




-- End of Deckard's System Scanner: finished at 2008-04-20 11:18:44 ------------




Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® M processor 1.50GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 511.23 MiB / 262.15 MiB
Pagefile Memory (total/avail): 1250.21 MiB / 994.68 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939 MiB

C: is Fixed (NTFS) - 33.6 GiB total, 8.98 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - TOSHIBA MK4026GAX - 37.26 GiB - 3 partitions
  \PARTITION0 - Unknown - 47.03 MiB
  \PARTITION1 (bootable) - Installable File System - 33.6 GiB - C:
  \PARTITION2 - Unknown - 3.61 GiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntivirusOverride is set.

AV: AVG 7.5.516 v7.5.516 (Grisoft) Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Disabled:Messenger"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\nflraiderz\\Local Settings\\Temp\\BS2-20080326\\BurningSand2.exe"="C:\\Documents and Settings\\nflraiderz\\Local Settings\\Temp\\BS2-20080326\\BurningSand2.exe:*:Enabled:BurningSand2"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
APPDATA=C:\Documents and Settings\nflraiderz\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NFLRAIDERZ
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\nflraiderz
LOGONSERVER=\\NFLRAIDERZ
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;.
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp
ULTRAMON_LANGDIR=C:\Program Files\UltraMon\Resources\en
USERDOMAIN=NFLRAIDERZ
USERNAME=nflraiderz
USERPROFILE=C:\Documents and Settings\nflraiderz
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

nflraiderz (admin)
LogMeInRemoteUser (new local, admin)
LogMeInRemoteUser.NFLRAIDERZ (admin)


-- Add/Remove Programs ---------------------------------------------------------

 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Aarons Cliker Version 2.89 --> "C:\Program Files\AARONS CLIKER\unins000.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AIM 6 --> C:\Program Files\AIM6\uninst.exe
ALPS Touch Pad Driver --> C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Auto Clicker-Image Recognizer --> MsiExec.exe /I{9129C63A-1CD7-419D-A54B-70FFB5295678}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Conexant D480 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Folder Lock --> E:\Folder Lock\Uninstall.exe
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KeyScrambler --> C:\Program Files\KeyScrambler\uninstall.exe
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
LogMeIn --> MsiExec.exe /I{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Photo Transport --> MsiExec.exe /X{63CFD835-FF50-4F8B-91CD-5662A8C640F8}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe"  -uninstall
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Total Video Converter 3.11 --> "C:\Program Files\Total Video Converter\unins000.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
YouTube Uploader for CASIO --> MsiExec.exe /X{D482AA7B-92FD-490D-A0EA-7A653D2A78E8}


-- Application Event Log -------------------------------------------------------

Event Record #/Type1607 / Error
Event Submitted/Written: 04/06/2008 02:54:37 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x003680aa.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type1605 / Error
Event Submitted/Written: 04/06/2008 02:53:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x0036804f.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type1537 / Warning
Event Submitted/Written: 04/02/2008 11:21:03 PM
Event ID/Source: 110 / LogMeIn
Event Description:
Request denied for user ? for URI [/main.html] from IP address 127.0.0.1. Secure (SSL) Connection: Yes

Event Record #/Type1527 / Error
Event Submitted/Written: 04/02/2008 08:40:40 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.31114, faulting module firefox.exe, version 1.8.20080.31114, fault address 0x0021b5d4.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1471 / Success
Event Submitted/Written: 03/26/2008 00:23:45 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type11651 / Error
Event Submitted/Written: 04/06/2008 09:58:12 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type11650 / Warning
Event Submitted/Written: 04/06/2008 08:46:09 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type11649 / Error
Event Submitted/Written: 04/06/2008 05:40:30 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type11648 / Error
Event Submitted/Written: 04/06/2008 05:38:25 PM / 04/06/2008 05:38:26 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type11647 / Error
Event Submitted/Written: 04/06/2008 05:38:10 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.



-- End of Deckard's System Scanner: finished at 2008-04-06 22:00:55 ------------

Offline guestolo

« Reply #3 on: April 20, 2008, 10:09:22 AM »
I would like to scan a couple files, I believe one may be related to Aaron's clicker
Not sure about the other however

go to this link

http://www.virustotal.com/flash/index_en.html
Copy and paste the following bold line to the space next to  'Upload a File'

C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
Then use the SEND FILE button
Let it finish scanning
Could you post the results of this scan back here please
Or better yet, just link to the results page

Do the same for this path to the file name
C:\WINDOWS\system32\3D012A1A79.dll



Offline Oakland Raiderz

« Reply #4 on: April 20, 2008, 12:11:59 PM »
just to let you know i got aaron's clicker from download.com so i'm hoping it was a safe thing to do

for the first file C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
 here are the results
http://www.virustotal.com/analisis/af1762f...0e4d12bfe6f7d41


for the second file C:\WINDOWS\system32\3D012A1A79.dll
here are the results

http://www.virustotal.com/analisis/772642f...fc8c27ad33030da


from what i can see they both look "clean"



Offline guestolo

« Reply #5 on: April 21, 2008, 06:58:16 PM »
Let's try some cleanup, see how the computer reacts later

Download ATF-Cleaner by Atribune.
Save it to your desktop
We'll need it later

I see remnants of Norton's AV still in your logs
Go to the following link
http://service1.symantec.com/SUPPORT/tsgen...&view=docid
Go to STEP 3
Download and Save the uninstaller to desktop
We'll need it in a bit

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:
  • Download the latest version of  Java Runtime Environment (JRE) 6 Update 6.
  • From that link scroll down to where it says "Java Runtime Environment (JRE) 6 Update 6".
  • Click the "Download" button to the right.
  • In the Window that opens, select Windows, your Language, check the "agree" box and click Continue.
  • Click on the link to download Windows Offline Installation, Multi-language (15.21 MB) and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.

-In your case remove
Java™ 6 Update 3

Don't install the new version yet
Don't reboot the computer yet

Instead:
    Double-click the Norton Removal Tool icon.

Follow the on-screen instructions.
  >>   Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.
====================================
If your computer did not need to be restarted, restart manually anyways


Back in Windows

Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.

Wait for the "Done Cleaning" prompt
Hit OK

Click Exit on the Main menu to close the program.
================================================

Afterwards: Install the latest version of Sun Java from the installer on desktop

Reboot the computer one more time

Startup may be slower at reboot, as we have cleared the prefetch folder
Startup time will increase when the Prefetch folder is repopulated

Come back and post a fresh hijackthis log, let me know how things are running
« Last Edit: April 21, 2008, 07:00:55 PM by guestolo »

Offline Oakland Raiderz
« Reply #6 on: April 21, 2008, 08:23:02 PM »
my computer turns on quicker but most of the problems in my very first post are still occurring

with my itunes i've reinstalled it and uninstalled it several times and every time i play a song it'll freeze my computer or it will play but no sound ... i went to youtube and my speakers do work. so i tried playing songs in windows media player and it played for like 30 seconds then my computer went crazy again.

i did find it weird though when i restarted my computer before it restarted a window came up and it said "ending process" (then random letters and numbers like this abcdacba53d5aca231acba3dc1a3bbc) so i restarted again and it went away

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:57 PM, on 4/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

--
End of file - 4402 bytes

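A first-pass triage over a HijackThis log like the one posted above, as an added example that is not part of the thread and not HijackThis's own code. The three review rules are assumptions drawn from what this thread looks at (the `(no file)` BHO, the `Unknown owner` service, and GUID- or hex-named DLLs in system32 like the two sent to VirusTotal); a flag means "look closer", not "malicious". The last sample line is constructed.

```python
import ntpath
import re
from typing import NamedTuple

class Entry(NamedTuple):
    code: str   # HijackThis section code, e.g. "R1", "O2", "O23"
    body: str   # everything after "<code> - "
    path: str   # first .exe/.dll/.sys path in the body, "" if none

ENTRY_RE = re.compile(r"^(?P<code>[ROFN]\d{1,2}) - (?P<body>.+)$")
PATH_RE = re.compile(r'([A-Za-z]:\\[^"]+?\.(?:exe|dll|sys))(?![\w.])', re.I)
GUID_RE = re.compile(r"^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)
HEX_RE = re.compile(r"^[0-9a-f]{8,}$", re.I)

# Sample input: every line is copied from the log in this thread except the
# last one, which is constructed to exercise the file-name rule.
SAMPLE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\0a1b2c3d4e.dll
"""

def parse(log_text):
    """Return the numbered entries; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        body = match.group("body")
        found = PATH_RE.search(body)
        entries.append(Entry(match.group("code"), body,
                             found.group(1) if found else ""))
    return entries

def looks_generated(stem):
    """True for GUID-shaped names, or long all-hex names containing a digit."""
    if GUID_RE.match(stem):
        return True
    return bool(HEX_RE.match(stem)) and any(c.isdigit() for c in stem)

def review_reasons(entry):
    """Apply the three assumed review rules to one entry."""
    reasons = []
    if "(no file)" in entry.body:
        reasons.append("entry points at no file")
    if entry.code == "O23" and "Unknown owner" in entry.body:
        reasons.append("service reported with 'Unknown owner'")
    if entry.path:
        # ntpath splits Windows paths correctly on any host OS.
        folder, name = ntpath.split(entry.path)
        stem = ntpath.splitext(name)[0]
        if folder.lower().endswith("\\system32") and looks_generated(stem):
            reasons.append("machine-generated file name in system32")
    return reasons

def triage(log_text):
    """Return (entry, reasons) for every entry that matched a rule."""
    return [(e, r) for e in parse(log_text) if (r := review_reasons(e))]

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE):
        print(f"{entry.code:>3}  {'; '.join(reasons)}\n     {entry.body}")
```
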
Offline guestolo

« Reply #7 on: April 21, 2008, 09:27:47 PM »
Is AVG7 able to update and run a scan
Can you manually check for updates with AVG and ensure it's right up to date

Not sure about your other problems yet
Have you checked in Device manager for any yellow exclamation marks?
Drivers that require attention

Offline Oakland Raiderz
« Reply #8 on: April 22, 2008, 05:22:54 AM »
i was able to update my avg and for the heck of it i did a scan it found no viruses but it did find this

C:\WINDOWS\system32\drivers\etc\hosts

it said the result was change and status was changed

and i also checked my device manager and i found no yellow exclamation marks
« Last Edit: April 22, 2008, 05:23:51 AM by Oakland Raiderz »

Offline guestolo
« Reply #9 on: April 22, 2008, 07:37:07 PM »
It's normal to see that with AVG
not to worry

It could be you have a corrupt profile
I only see one Admin account?
Not including the Logmein

According to Deckard's scanner
This is the only seen User profile
nflraiderz

Where are you seeing the other profiles?
In the User accounts in the Control Panel, or is it a Folder in Explorer?

Offline Oakland Raiderz
« Reply #10 on: April 22, 2008, 08:45:32 PM »
you are correct i have one account because i'm the only one on this computer and that account is
nflraiderz

i'm seeing these other profiles in a folder in explorer under c drive documents and settings there's two other ones that i don't have access to Nehr Mobile and OAKLANDRAIDERZ
maybe i should make a new account? because i agree with you when i messed with my registry i can almost promise you i corrupted my profile

just to let you know i now get this message when i open itunes
"itunes cannot run because it has detected a problem with your audio configuration"

just to let you know my speakers work and i get sound from runescape and other games =]
« Last Edit: April 22, 2008, 08:48:12 PM by Oakland Raiderz »

Offline guestolo
« Reply #11 on: April 22, 2008, 09:02:25 PM »
From Add and remove programs try uninstalling Quicktime
Reboot the computer
Do you still get the message from Itunes?

Offline Oakland Raiderz
« Reply #12 on: April 22, 2008, 09:20:08 PM »
i clicked on it and it said you need quicktime in order to play itunes i guess they work in unison (spelled that wrong) so i uninstalled itunes and quicktime rebooted now i'm downloading itunes and quicktime  i'll let you know in the morning what's going on =]

Offline guestolo
« Reply #13 on: April 22, 2008, 09:35:06 PM »
Sorry, meant to say uninstall Quicktime then reinstall it

Offline Oakland Raiderz
« Reply #14 on: April 23, 2008, 02:14:41 PM »
i've tried installing itunes but i get this message
"iTunes Installer has encountered a problem and needs to close.  We are sorry for the inconvenience."
Here's the error signature
EventType : InPageError     P1 : c000009c     P2 : 00000003    
and here are the following files that will be included in this error report
C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp\WER9b20.dir00\iTunesSetup.exe.mdmp
C:\DOCUME~1\NFLRAI~1\LOCALS~1\Temp\WER9b20.dir00\appcompat.txt

Offline guestolo
« Reply #15 on: April 23, 2008, 07:48:09 PM »
Try and follow all the General troubleshooting steps in this guide
http://docs.info.apple.com/article.html?artnum=93976

Take particular notice of the following steps

Quote
General Installation Troubleshooting
Important: A majority of customers experience successful iTunes installation after completing these troubleshooting procedures. If one does not help, proceed to the next.

Completely Remove iTunes and QuickTime

Note: Songs you purchased from the iTunes Store or imported from CDs are saved in your My Music folder by default and are not deleted by removing iTunes.

   1. Quit iTunes.
   2. On the Start menu, click Control Panel.
   3. Windows XP and Windows 2000: In Control Panel, open Add or Remove Programs.
      Windows Vista: In Control Panel, click Uninstall a program. Alternately, in Classic View of Control Panel, click Programs and Features.
   4. Select iTunes from the list of currently installed programs, then click Remove or Uninstall.
   5. In Windows XP and Windows 2000, when asked if you would like to remove iTunes, select Yes.
   6. In Windows Vista, if your permission is needed to continue, click Continue.
   7. After uninstalling iTunes, do not restart if you are prompted to.
   8. If other entries were present for iTunes remove those as well.
   9. In Add or Remove Programs or Programs and Features, remove any iPod Updater applications that are listed in the same fashion as iTunes was removed.
  10. In Add or Remove Programs or Programs and Features, remove any QuickTime installations that are listed in the same fashion as iTunes was removed.
  11. Restart your computer.
  12. After the computer restarts, open Local Disk C: in My Computer/Computer or whichever disk programs are installed on.
  13. Open the Program Files folder.
  14. Right-click the iTunes folder and select Delete and choose Yes when asked to confirm the deletion. Note: This folder may have already been deleted if iTunes was successfully removed in steps 1-8.
  15. Right click the iPod folder and select Delete and choose Yes when asked to confirm the deletion.
  16. Right-click the QuickTime folder and select Delete and choose Yes when asked to confirm the deletion.
  17. Delete the QuickTime and QuicktimeVR files located in the C:\Windows\system32\ folder.
  18. Right-click on the Recycle Bin and on the shortcut menu, click Empty Recycle Bin.
  19. Restart your computer.
  20. Install the latest version of iTunes from http://www.apple.com/itunes/download.

Empty your Temp directory and restart

   1. On the Start menu, click My Computer/Computer (or double-click My Computer on the Desktop).
   2. In My Computer/Computer, open Local Disk C:.
   3. Windows XP and Windows 2000: Open Documents and Settings.
   4. Windows Vista: Open Users.
   5. Double-click the folder that bears your username.
   6. Windows Vista only: If you see an AppData folder, double-click it and skip to step 12. If you don't see an AppData folder, skip to step 9.
   7. Windows XP only: If you see a Local Settings folder, skip to step 12. If you don't see a Local Settings folder, proceed to the next step.
   8. Windows XP and Windows 2000: From the Tools menu, choose Folder Options.
   9. Windows Vista: From the Organize menu, choose Folder and Search Options.
  10. Select the "Show hidden files and folders" button.
  11. Click OK.
  12. Double-click Local Settings or Local folder (If on Windows Vista, you must first double-click the AppData folder). If Windows needs your permission to continue, click Continue.
  13. Right-click on the Temp folder and on the shortcut menu, choose Delete.
  14. In the confirmation dialog that appears, click Yes.
  15. If you are unable to delete the Temp folder, close all programs, especially those in the Notification area (system tray) of the Windows Task bar shown below and repeat step 10.
  16. Restart your computer.
  17. Install the latest version of iTunes from http://www.apple.com/itunes/download.

Clean up iTunes installer files on the computer

You can download the Windows Installer Cleanup Utility from Microsoft, which will clean up any leftover installer files that may be causing issues with your current installation. To do this:

   1. Click here first, and read the important information about the software.
   2. Click the "Download the Windows Installer Cleanup Utility package now" link on that page to download a file titled msicuu2.exe.
   3. Open the msicuu2.exe file and follow the prompts to install it.
   4. On the Start menu, point to All Programs and then click Windows Install Cleanup; the Windows Installer Clean Up Utility window appears, listing software that is currently installed on your computer.
   5. Select iTunes from the list and click Remove.
   6. Click OK in the confirmation dialog that appears.
   7. Repeat steps 5 and 6 if you have multiple iTunes entries listed.
   8. Select QuickTime from the list and click Remove.
   9. Click OK in the confirmation dialog that appears.
  10. Repeat steps 8 and 9 if you have multiple QuickTime entries listed.
  11. Click Exit.
  12. Restart the computer.
  13. Install the latest version of iTunes from http://www.apple.com/itunes/download.

Download QuickTime Standalone Installer

Try downloading and installing the standalone version of QuickTime from http://www.apple.com/quicktime/download/win.html. Be sure you download the version that does not include iTunes.

Disable other conflicting software

In Windows, some background processes can cause issues for other programs and processes. These conflicts can prevent applications such as iTunes and QuickTime Player from installing. See "Using MSCONFIG to troubleshoot conflicts in Windows" for assistance disabling conflicting processes.

Make sure your folder names don't contain strange characters

Let me know what works for you or what didn't

Offline Oakland Raiderz
« Reply #16 on: April 23, 2008, 08:54:09 PM »
well now there's an even more serious problem when i put my computer into safe mode to see if i could search my computer i restarted my computer and now i can't get into normal mode OR safe mode i tried to boot from last known good point but no luck either. i found our xp disc and tried to repair the settings but i don't think i'm doing it right.

i think i know why my itunes wasn't working.. i don't think i ever put service pack 2 on. >.<

Offline Oakland Raiderz
« Reply #17 on: April 23, 2008, 09:00:14 PM »
Quote from Oakland Raiderz, Apr 23 2008, 07:54 PM
well now there's an even more serious problem when i put my computer into safe mode to see if i could search my computer i restarted my computer and now i can't get into normal mode OR safe mode i tried to boot from last known good point but no luck either. i found our xp disc and tried to repair the settings but i don't think i'm doing it right.

i think i know why my itunes wasn't working.. i don't think i ever put service pack 2 on. >.<


IGNORE EVERYTHING I JUST TYPED BEFORE
i just restarted my computer and i got on AND it took like normal time

i'm going to back up a few things and then i'm going to do what your post said above about itunes =]
i'll let you know what's going on in a little bit

Offline Oakland Raiderz
« Reply #18 on: April 24, 2008, 08:01:19 AM »
I have good news and bad news.

ITUNES WORKS :D and my computer doesn't freeze when i play a song.

(i fixed it by deleting files in my temp folder and in my application data folder) =]

Bad news is that i still have lots of other problems that still need to get fixed >.<
1. like i can't search my computer or i'll get an error message.
2. etc

Offline guestolo
« Reply #19 on: April 24, 2008, 08:33:37 AM »
Can you do a couple steps for me
Put your XP disk into the cd/dvd drive
Exit out if it autostarts

Then go to START>>RUN>>type, or copy>paste the next exact command in bold
and hit OK

sfc /scannow

Let this finish, it may take some time

Afterwards,
Download and save to desktop
Dial-a-fix-v0.60.0.24.zip
by djlizard
Extract the contents to its own folder on desktop
http://www.majorgeeks.com/download4899.html
Open the extracted Dial-a-fix folder and double click on Dial-a-fix.exe
In the main Window put a tick in

Empty temp folders
Adjust time/date
Fix Windows installer
Fix Windows Updates

NOTE: other selections will get selected by default, leave them checked please
In addition, ensure that Everything is ticked under Registration Center

Close down all web browsers then hit GO in dial-a-fix
Let this finish
When done click Exit
Reboot your computer

Let me know how everything's running afterwards
