Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Vista prework help please

[Fixed] Hijackthis! Logs - Vista prework help please posted in the Security & Safety forums; Hi Guys, I can find the prework instructions but not for Vista 32bit, do you have a link for it please, I have a few issues that are getting worse ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 4 1 2 3 4 >
  #1  
Old 06-02-2008
stee41's Avatar
Bronze Member
  
Join Date: Nov 2005
Posts: 37
stee41 - See this Members User comments on their Profile page
Default Vista prework help please
Hi Guys,
I can find the prework instructions but not for Vista 32bit, do you have a link for it please, I have a few issues that are getting worse and need sorting out, I am willing to do as much prework as I can to assist
best regards
Stee41
  #2  
Old 06-02-2008
Jelly Bean's Avatar
Moderation Team Leader
My PC
 
Join Date: Feb 2008
Location: Swansea
Posts: 6,063
PC Experience: I Try My Best.
Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page
Send a message via MSN to Jelly Bean Send a message via Yahoo to Jelly Bean Send a message via Skype™ to Jelly Bean
Default Re: Vista prework help please
Hello,it is basicly same princibles for XP as for Vista.


__________________
It is all in the hardware..........................................
Sources:
Microsoft Home Page /Seagate Home Page /Petri Home Page

PCHF Rules / Home Page / Prework /Windows Vista Home Page / XBOX360 / Test your Internet Speed
  #3  
Old 06-02-2008
stee41's Avatar
Bronze Member
  
Join Date: Nov 2005
Posts: 37
stee41 - See this Members User comments on their Profile page
Default Re: Vista prework help please
Ok, all prework done,
I have problems with the keyboard not responding for approx 15 seconmds or so, and when I click on new site links or type them into explorer it can take about 30 seconds to open the page and sometimes explorer stops responding,
I have
AMD 4400
2GB RAM
EXPLORER V7.0
and run updates and maintenance regularly, below is my logfile

Deckard's System Scanner v20071014.68
Run by Steven on 2008-06-02 15:13:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Steven.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:15:24, on 02/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Winamp Remote\bin\orbtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\dvd43\DVD43_Tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Steven\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Steven.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = News, Sport, Music, Movies, Money, Cars, Shopping and more from the MSN UK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MySidesearch Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - (no file)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Gainward] C:\Program Files\XpertVision\TBPanel.exe /A
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative ALchemy AL2 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL2Licensing.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
--
End of file - 10656 bytes
-- File Associations -----------------------------------------------------------
All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
S3 Creative ALchemy AL2 Licensing Service - "c:\program files\common files\creative labs shared\service\al2licensing.exe" <Not Verified; Creative Labs; Creative ALchemy AL2 Licensing Service>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>

-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&17DB1A3&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&17DB1A3&0
Service: i8042prt

-- Scheduled Tasks -------------------------------------------------------------
2008-06-02 08:44:17 382 --a------ C:\Windows\Tasks\Advanced WindowsCare Personal Startup.job

-- Files created between 2008-05-02 and 2008-06-02 -----------------------------
2008-06-02 14:30:25 0 d-------- C:\Program Files\Trend Micro
2008-05-26 09:37:35 0 d-------- C:\Program Files\HiYo
2008-05-26 07:05:19 0 d-------- C:\Program Files\MSN Messenger
2008-05-25 11:02:32 0 d--h----- C:\$AVG8.VAULT$
2008-05-24 14:56:02 0 d-------- C:\Windows\system32\drivers\Avg
2008-05-24 14:55:59 0 d-------- C:\Program Files\AVG

-- Find3M Report ---------------------------------------------------------------
2008-06-01 17:11:53 0 d-------- C:\Users\Steven\AppData\Roaming\LimeWire
2008-06-01 09:25:47 0 d-------- C:\Program Files\Winamp Remote
2008-05-31 18:40:05 0 d-------- C:\Users\Steven\AppData\Roaming\Azureus
2008-05-31 16:18:46 0 d-------- C:\Users\Steven\AppData\Roaming\BitTorrent
2008-05-26 09:37:50 0 d-------- C:\Users\Steven\AppData\Roaming\HiYo
2008-05-26 09:29:52 0 d-------- C:\Program Files\IncrediMail
2008-05-26 06:49:18 0 d-------- C:\Program Files\Windows Live
2008-05-25 12:18:06 0 d-------- C:\Program Files\LimeWire
2008-05-14 17:40:50 0 d-------- C:\Program Files\Spyware Doctor
2008-05-14 15:33:01 0 d-------- C:\Users\Steven\AppData\Roaming\dvdcss
2008-05-14 14:36:45 0 d-------- C:\Program Files\Windows Mail
2008-05-14 14:10:55 5872 --a------ C:\logfile
2008-05-14 14:01:03 0 d-------- C:\Users\Steven\AppData\Roaming\CyberLink
2008-05-14 12:09:45 0 d-------- C:\Program Files\CyberLink
2008-05-14 12:09:29 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-14 12:01:46 0 d-------- C:\Program Files\Digital Photo Navigator 1.5
2008-05-02 19:08:48 0 d-------- C:\Program Files\QuickTime
2008-04-30 11:50:59 0 d-------- C:\Program Files\iPod
2008-04-30 11:43:54 0 d-------- C:\Program Files\Eusing Free Registry Cleaner
2008-04-30 11:43:54 0 d-------- C:\Program Files\Apple Software Update
2008-04-28 17:04:23 0 d-------- C:\Users\Steven\AppData\Roaming\Apple Computer
2008-04-28 17:04:10 0 d-------- C:\Program Files\iTunes
2008-04-28 17:03:34 0 d-------- C:\Program Files\QuickTime(22)
2008-04-28 17:01:21 0 d-------- C:\Program Files\Common Files
2008-04-28 17:01:21 0 d-------- C:\Program Files\Common Files\Apple
2008-04-28 16:59:34 0 d-------- C:\Program Files\Apple Software Update(1)
2008-04-16 12:02:21 0 d-------- C:\Users\Steven\AppData\Roaming\DNA
2008-04-16 12:01:24 0 d-------- C:\Program Files\Incomplete <INCOMP~1>
2008-04-15 18:48:31 0 d-------- C:\Program Files\Ashampoo
2008-04-06 14:38:15 0 d-------- C:\Program Files\Common Files\PX Storage Engine

-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
13/12/2007 17:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [13/12/2007 17:49 1185120]
[-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [26/01/2008 18:44]
"P17Helper"="P17.dll" [03/05/2005 12:38 C:\Windows\System32\P17.DLL]
"UpdReg"="C:\Windows\UpdReg.EXE" [11/05/2000 02:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"P17RunE"="P17RunE.dll" [09/04/2007 10:40 C:\Windows\System32\P17RunE.dll]
"dvd43"="C:\Program Files\dvd43\dvd43_tray.exe" [20/11/2007 17:40]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/02/2008 15:50]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [31/10/2005 11:51]
"Gainward"="C:\Program Files\XpertVision\TBPanel.exe" [26/06/2007 16:04]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [12/09/2007 06:28]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12/09/2007 06:28]
"NvMediaCenter"="C:\Windows\system32\NvMcTray. dll" [12/09/2007 06:28]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/07/2007 17:02]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/07/2007 17:06]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 07:00]
"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [09/01/2006 03:43]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [24/05/2008 14:56]
"HiYo"="C:\Program Files\HiYo\bin\HiYo.exe" [21/05/2008 12:19]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [26/01/2008 18:36]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [18/05/2008 19:44]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 13:35]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 12:43]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [07/02/2008 13:41]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [07/01/2008 21:02]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 13:36]
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"NoDispCPL"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoResolveTrack"=0 (0x0)
"NoPropertiesMyComputer"=0 (0x0)
"NoViewContextMenu"=0 (0x0)
"NoFileAssociate"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogoff"=0 (0x0)
"NoSMHelp"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"HideClock"=0 (0x0)
"NoTrayItemsDisplay"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Micros oft^Windows^Start Menu^Programs^Startup^RAID Manager.lnk]
backup=C:\Windows\pss\RAID Manager.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\postSetupCheck]
C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrt.dll" DllStart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spa_start]
C:\Windows\System32\Rundll32.exe "C:\Windows\system32\sprt_ads.dll" DllStart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{dc4ae3ab-cba7-11dc-ab9b-806e6f6e6963}]
AutoRun\command- G:\CTRun\Start.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 Command - Keeping Software Free
127.0.0.1 032439.com
8025 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-06-02 15:16:52 ------------
  #4  
Old 06-02-2008
Jelly Bean's Avatar
Moderation Team Leader
My PC
 
Join Date: Feb 2008
Location: Swansea
Posts: 6,063
PC Experience: I Try My Best.
Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page
Send a message via MSN to Jelly Bean Send a message via Yahoo to Jelly Bean Send a message via Skype™ to Jelly Bean
Default Re: Vista prework help please
I will move your HJT to the right section for you.



__________________
It is all in the hardware..........................................
Sources:
Microsoft Home Page /Seagate Home Page /Petri Home Page

PCHF Rules / Home Page / Prework /Windows Vista Home Page / XBOX360 / Test your Internet Speed
  #5  
Old 06-03-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,590
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: Vista prework help please
Go into Add/Remove and take out MySidesearch Search Assistant
===================================
Please download the OTMoveIt2 by OldTimer. http://download.bleepingcomputer.com.../OTMoveIt2.exe
Save it to your desktop.
Please double-click OTMoveIt2.exe to run it.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Windows\system32\sprt_ads.dll
C:\Windows\system32\gzmrt.dll
Return to OTMoveIt2, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
Click the red Moveit! button.
OTMoveit2 will create a log of moved files in the C:\_OTMoveIt\MovedFiles folder. The log's name will appear as the date and time it was created, with the format mmddyyyy_hhmmss.log. Open this log in Notepad and post its contents in your next reply.
Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
====================================
Copy the text the in the code box to notepad. Save it as fixreg.reg to your desktop.
Be sure the "Save as" type is set to "all files"
Once you have saved it double click it and allow it to merge with the registry.

REGEDIT4
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\postSetupCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spa_start]
After reboot post a new HJT log.


__________________
  • An Australian Member of
  • and
My real name is Eddy
  #6  
Old 06-03-2008
stee41's Avatar
Bronze Member
  
Join Date: Nov 2005
Posts: 37
stee41 - See this Members User comments on their Profile page
Default Re: Vista prework help please
opened with notepad and this is what I found, although it did not show '.log'

File/Folder C:\Windows\system32\sprt_ads.dll not found.
File/Folder C:\Windows\system32\gzmrt.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06032008_085310

see other post below for additional info on this


Last edited by stee41; 06-03-2008 at 09:09 AM.
  #7  
Old 06-03-2008
stee41's Avatar
Bronze Member
  
Join Date: Nov 2005
Posts: 37
stee41 - See this Members User comments on their Profile page
Default Re: Vista prework help please
when I tried to double click this text to save it this is what popped up..........

cannot input c:\users\steven\desktop\fixreg.reg.
file is not a registry script, you can only input binary registry files from within the registry editor

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 1 of 4 1 2 3 4 >

Bookmarks

« my log... | People make me giggle. »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 03:28 PM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top