Parents and computers are like water and electricity

  • Breeze
  • Photographer
  • Guru
  • Posts: 1029
  • Loc: Australia

Post 3+ Months Ago

I'm faced with the wrath of the parents ... I wouldn't have the slightest clue what they've done to their computer ...

I don't know if this is in the right section or not ... move if you see necessary.

To be honest I don't know a lot about the internal workings of computers. I basically stick to the net, build web pages, and do my photography stuff.

My dad has done some weird things to his computer, and I am baffled by them. He's one of those people that types 'ebay.com.au' into Google instead of the address bar and he refuses to use tabs, thinking that they are full of viruses.

The first being an issue with typing. Most of the time I can type fine on this computer, then quite randomly something will happen and the keys will change. That is, I'll press a 'B' and an 'X' will come up.

The second thing is to do with some programs. There is an old version of messenger apparently installed on the computer (7.5), it just won't budge and it won't open. If I try to remove it, it comes up with a message saying that it couldn't be removed. This means that I cannot install new versions so I have to resort to webmessenger, which is the second biggest pain-in-the-butt on the web (the first being spam). And it's not just messenger - several programs on here just refuse to be uninstalled.

I think the best way around these is to throw SI ('Stupid Idiot', the name I have given to the computer) out the window and start afresh with a new one, but I want to know if there's anything that can be done about these problems, because he uses the computer for his business and there are multitudes of vital files on here that need to be retained.
  • spork
  • Brewmaster
  • Silver Member
  • Posts: 6254
  • Loc: Seattle, WA

Post 3+ Months Ago

Have you tried scanning with malware scanners and/or HijackThis? We'd be glad to take a look at your log if you post it.
  • Breeze
  • Photographer
  • Guru
  • Posts: 1029
  • Loc: Australia

Post 3+ Months Ago

There's probably a heap of stuff here that needs to be dealt with:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:21:01 PM, on 4/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\lexpps.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMABSTAT.EXE
C:\WINDOWS\system32\LMabcoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optusnet.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDmYReEEaH4pXhtxeDe2UDlencRNcHCKwOaG3PMH52HcvK8Zi1pBd732uDuvsTJOycRMjpAEdlW5f3xn7rWTVHGEefk6id9Uax8dpBN3cfGxEdH6rlJA1gXrTrVf9Rr91WuuFEDxRQLbw527Xy6JXkUpzv/O7JyE2k/At+FfVnTKQ=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer from OptusNet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = www.winmx.com:6699
R3 - URLSearchHook: (no name) - {928E0839-CE8E-E871-F7DA-E4CB59E95D91} - blank (file missing)
R3 - URLSearchHook: (no name) - {EF290D6C-9FD0-EE7D-A78F-E13BF67372C1} - blank (file missing)
R3 - URLSearchHook: (no name) - {8A924C82-D839-F3CD-4D83-F45A104D4196} - blank (file missing)
R3 - URLSearchHook: (no name) - {3ED55440-186F-409D-27FE-6F722929CE50} - SAPSTR.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8A924C82-D839-F3CD-4D83-F45A104D4196} - blank (file missing)
O2 - BHO: (no name) - {928E0839-CE8E-E871-F7DA-E4CB59E95D91} - blank (file missing)
O2 - BHO: (no name) - {C8F21DFE-B35C-4274-82EC-1E072D09025E} - C:\WINDOWS\system32\winbrume.dll (file missing)
O2 - BHO: (no name) - {EF290D6C-9FD0-EE7D-A78F-E13BF67372C1} - blank (file missing)
O3 - Toolbar: IE Custom Tools - {EFAF6EA3-615D-4F83-8748-2F7A576FCEA6} - C:\Program Files\Video Add-on\ictmdl.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Ulq] C:\WINDOWS\system32\MIEXEC~1.EXE
O4 - HKCU\..\Run: [Will Power] C:\Program Files\e-Clips\WillPower\WillPower.exe
O4 - HKCU\..\Run: [order_Shell] C:\Documents and Settings\Dave\order_majy.exe
O4 - HKCU\..\Run: [new32] Uint32.exe
O4 - HKCU\..\Run: [DTOURS] prgsys0984.exe
O4 - HKCU\..\Run: [XTermInit] atl_helper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Coar] "C:\PROGRA~1\RACLE~1\chkdsk.exe" -vt ndrv
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\strCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\RESA\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.optusnet.com.au
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.pacificnational.com.au
O15 - Trusted Zone: www.redfunny.com
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emmymischief.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B5DD9A64-5C4B-4A48-BE56-97C1A8F85708} - http://www.kjdhendieldiouyu.com/sw/fvp.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au
O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = qld.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = qld.bigpond.net.au
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  wucrtupd.dll   C:\WINDOWS\system32\wucrtupd.dll
O20 - Winlogon Notify: directpt - directpt.dll (file missing)
O20 - Winlogon Notify: winmxw32 - winmxw32.dll (file missing)
O21 - SSODL: pAniGf - {ACFDCECA-0657-6460-A82D-35B4A014EA37} - blank (file missing)
O21 - SSODL: hemadynamometer - {6076d2b1-634c-4685-843b-f826045ea5dc} - C:\WINDOWS\system32\syycum.dll (file missing)
O22 - SharedTaskScheduler: hemadynamometer - {6076d2b1-634c-4685-843b-f826045ea5dc} - C:\WINDOWS\system32\syycum.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Dave\My Documents\photo`s images & graphics\0,,2006030074,00.jpg
O24 - Desktop Component 1: My Current Home Page - About:Home

--
End of file - 11538 bytes
  • spork
  • Brewmaster
  • Silver Member
  • Posts: 6254
  • Loc: Seattle, WA

Post 3+ Months Ago

Fix these in safe mode:
Quote:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1 ... ZMbubcDmYR eEEaH4pXhtxeDe2UDlencRNcHCKwOaG3PMH52HcvK8Zi1pBd732uDuvsTJOycRMjpAEdlW 5f3xn7rWTVHGEefk6id9Uax8dpBN3cfGxEdH6rlJA1gXrTrVf9Rr91WuuFEDxRQLbw527X y6JXkUpzv/O7JyE2k/At+FfVnTKQ=

R3 - URLSearchHook: (no name) - {928E0839-CE8E-E871-F7DA-E4CB59E95D91} - blank (file missing)

R3 - URLSearchHook: (no name) - {928E0839-CE8E-E871-F7DA-E4CB59E95D91} - blank (file missing)

R3 - URLSearchHook: (no name) - {8A924C82-D839-F3CD-4D83-F45A104D4196} - blank (file missing)

R3 - URLSearchHook: (no name) - {3ED55440-186F-409D-27FE-6F722929CE50} - SAPSTR.dll (file missing)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {8A924C82-D839-F3CD-4D83-F45A104D4196} - blank (file missing)

O2 - BHO: (no name) - {928E0839-CE8E-E871-F7DA-E4CB59E95D91} - blank (file missing)

O2 - BHO: (no name) - {C8F21DFE-B35C-4274-82EC-1E072D09025E} - C:\WINDOWS\system32\winbrume.dll (file missing)

O2 - BHO: (no name) - {C8F21DFE-B35C-4274-82EC-1E072D09025E} - C:\WINDOWS\system32\winbrume.dll (file missing)

O3 - Toolbar: IE Custom Tools - {EFAF6EA3-615D-4F83-8748-2F7A576FCEA6} - C:\Program Files\Video Add-on\ictmdl.dll (file missing)

O4 - HKCU\..\Run: [Ulq] C:\WINDOWS\system32\MIEXEC~1.EXE

O4 - HKCU\..\Run: [order_Shell] C:\Documents and Settings\Dave\order_majy.exe

O4 - HKCU\..\Run: [new32] Uint32.exe

O4 - HKCU\..\Run: [DTOURS] prgsys0984.exe

O4 - HKCU\..\Run: [XTermInit] atl_helper.exe

O4 - HKCU\..\Run: [Coar] "C:\PROGRA~1\RACLE~1\chkdsk.exe" -vt ndrv

O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\strCodec\isamonitor.exe

O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZN

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\RESA\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O15 - Trusted Zone: http://www.archiviosex.net

O15 - Trusted Zone: http://www.redfunny.com

O16 - DPF: {B5DD9A64-5C4B-4A48-BE56-97C1A8F85708} - http://www.kjdhendieldiouyu.com/sw/fvp.cab

O20 - AppInit_DLLs: wucrtupd.dll C:\WINDOWS\system32\wucrtupd.dll

O20 - Winlogon Notify: directpt - directpt.dll (file missing)

O20 - Winlogon Notify: winmxw32 - winmxw32.dll (file missing)

O21 - SSODL: pAniGf - {ACFDCECA-0657-6460-A82D-35B4A014EA37} - blank (file missing)

O21 - SSODL: hemadynamometer - {6076d2b1-634c-4685-843b-f826045ea5dc} - C:\WINDOWS\system32\syycum.dll (file missing)

O22 - SharedTaskScheduler: hemadynamometer - {6076d2b1-634c-4685-843b-f826045ea5dc} - C:\WINDOWS\system32\syycum.dll (file missing)

O24 - Desktop Component 1: My Current Home Page - About:Home

I won't lie, that's definitely one of the worst logs I've seen in quite a while, lol
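Added example, not part of the original thread and not HijackThis's or spork's own method: a small Python triage pass over lines copied from the log above. The flagging rules are assumed heuristics chosen to match patterns visible in this log (orphaned entries, autoruns with no path, a populated AppInit_DLLs value, an unnamed ActiveX download); they narrow down what to review rather than decide what to delete.

```python
import re

# Lines copied verbatim from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {3ED55440-186F-409D-27FE-6F722929CE50} - SAPSTR.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [new32] Uint32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O16 - DPF: {B5DD9A64-5C4B-4A48-BE56-97C1A8F85708} - http://www.kjdhendieldiouyu.com/sw/fvp.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - AppInit_DLLs:  wucrtupd.dll   C:\WINDOWS\system32\wucrtupd.dll
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
"""

# HijackThis entries look like "<section code> - <details>", e.g. "O4 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O4 registry autoruns: "<key ending in Run>: [value name] command line".
RUN_RE = re.compile(r"^(?P<key>[^:]+Run): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# O16 entries that carry only a CLSID and no friendly name.
UNNAMED_DPF_RE = re.compile(r"^DPF: \{[0-9A-Fa-f-]+\} - ")


def parse(log_text):
    """Return (section_code, body) for every entry line; skip everything else."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m["code"], m["body"]))
    return entries


def reasons_for(code, body):
    """Assumed heuristics: each reason is a prompt to investigate, not a verdict."""
    reasons = []
    # Registry entry still points at a file that is no longer on disk.
    if body.endswith("(file missing)") or body.endswith("(no file)"):
        reasons.append("target file missing")
    if code == "O4":
        run = RUN_RE.match(body)
        if run:
            # A bare file name is resolved through the search path at logon.
            if "\\" not in run["cmd"]:
                reasons.append("autorun without a full path")
            if "\\Policies\\Explorer\\Run" in run["key"]:
                reasons.append("autorun under Policies\\Explorer\\Run")
    if code == "O16" and UNNAMED_DPF_RE.match(body):
        reasons.append("ActiveX download with no name")
    # AppInit_DLLs are loaded into every process that loads user32.dll.
    if code == "O20" and body.startswith("AppInit_DLLs:"):
        if body.split(":", 1)[1].strip():
            reasons.append("AppInit_DLLs is set")
    return reasons


def triage(entries):
    """Return (code, body, reasons) for entries that matched at least one rule."""
    flagged = []
    for code, body in entries:
        reasons = reasons_for(code, body)
        if reasons:
            flagged.append((code, body, reasons))
    return flagged


if __name__ == "__main__":
    for code, body, reasons in triage(parse(SAMPLE_LOG)):
        print(f"{code:>3}  {'; '.join(reasons)}\n     {body}")
```

The NMIndexingService line is flagged here although it is not on spork's fix list, which shows why a heuristic hit still needs a human look before anything is removed.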


© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.