| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 96128 | 2008-12-30 02:50:00 | Help with PC please | greenwoods (14458) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 733579 | 2008-12-30 02:50:00 | Hi Team i have a fault with my pc I have video cameras around my place that all come back to my PC but now the program that supposed to record doesnt i have tried uninstalling and reinstalling but to no avail i have even downloaded the current updates for it. i also keep geting strange emails from myself supposably... they have been sent with high importance. i have installed malaware and that picked up nothing but i am still getting these strange things happen. i have read through a few of the posts on this forum but still have no joy :( i have run hijack this as well and if you'd like i can post that up as well. any help other than throwing my toys out of my cot and formating this machine would be a great help. Cheers |
greenwoods (14458) | ||
| 733580 | 2008-12-30 02:52:00 | I would post the hijack log here anyway at least it's a start | gary67 (56) | ||
| 733581 | 2008-12-30 02:53:00 | What is "Malaware" and where did you get from? Do you mean Adaware? Post the Hijackthis log - someone will have a look at it :) Welcome to PressF1 too :) |
jwil1 (65) | ||
| 733582 | 2008-12-30 03:53:00 | Hi guys thanks for the heads u here is the hijackthis log (oh and the anti spy ware thing is malware bytes) Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 3:35:25 p . m . , on 30/12/2008 Platform: Windows XP SP3 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v7 . 00 (7 . 00 . 6000 . 16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\Ati2evxx . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\system32\Ati2evxx . exe C:\WINDOWS\system32\spoolsv . exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr . exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc . exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc . exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\Explorer . EXE C:\Program Files\D-Tools\daemon . exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc . exe C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4 . exe C:\WINDOWS\system32\ctfmon . exe C:\Program Files\LiveUpdate\LiveUpdate . exe C:\Program Files\NoBrand\54Mbps 802 . 11g PCI Adapter\Installer\WINXP\NB11GMonitor . exe C:\Program Files\Internet Explorer\iexplore . exe F:\apps\malawarebytes\HiJackThis . exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim . dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4 . 1 . 805 . 4472\sw g . dll O4 - HKLM\ . . \Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin . ex e" /StartupJobs O4 - HKLM\ . . \Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon . exe" -lang 1033 O4 - HKLM\ . . \Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask . exe" -atboottime O4 - HKLM\ . . \Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc . exe /STARTUP O4 - HKLM\ . . \Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck . exe O4 - HKLM\ . . \Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate . exe" -Embedding -boot O4 - HKLM\ . . \Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4 . exe" O4 - HKLM\ . . \Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9 . 0\Reader\Reader_sl . exe" O4 - HKLM\ . . \RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui . exe /install /silent O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O4 - HKCU\ . . \Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate . exe" /autostart O4 - HKUS\S-1-5-19\ . . \Run: [CTFMON . EXE] C:\WINDOWS\System32\CTFMON . EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\ . . \Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw . exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\ . . \Run: [CTFMON . EXE] C:\WINDOWS\System32\CTFMON . EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\ . . \Run: [CTFMON . EXE] C:\WINDOWS\System32\CTFMON . EXE (User 'SYSTEM') O4 - HKUS\ . DEFAULT\ . . \Run: [CTFMON . EXE] C:\WINDOWS\System32\CTFMON . EXE (User 'Default user') O4 - Startup: PowerReg Scheduler . exe O4 - Startup: Registration Ghost Recon Advanced Warfighter® 2 . LNK = F:\games\GHOST RECON\Ghost Recon Advanced Warfighter 2\Support\Register\RegistrationReminder . exe O4 - Global Startup: 54Mbps 802 . 11g PCI Adapter Utility . lnk = C:\Program Files\NoBrand\54Mbps 802 . 11g PCI Adapter\Installer\WINXP\NB11GMonitor . exe O4 - Global Startup: Microsoft Office . lnk = C:\Program Files\Microsoft Office\Office10\OSA . EXE O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList . htm O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList . htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL . EXE/3000 O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight . htm O8 - Extra context menu item: Open All Links in This Page . . . - C:\Program Files\Avant Browser\OpenAllLinks . htm O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search . htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra 'Tools' menuitem: @xpsp3res . dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - . zone . msn . com/binary/MessengerStatsClient . ca" target="_blank">messenger . zone . msn . com b31267 . cab O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - . servicehonda . com/TSWeb/msrdp . cab" target="_blank">www . servicehonda . com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - . msn . com/download/MsnMessengerSetupDownloade" target="_blank">messenger . msn . com r . cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - . zone . msn . com/binary/SolitaireShowdown . cab31" target="_blank">messenger . zone . msn . com 267 . cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc . - C:\WINDOWS\system32\Ati2evxx . exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag . exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr . exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc . exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc . exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService . exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService . exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService . exe -- End of file - 6656 bytes |
greenwoods (14458) | ||
| 733583 | 2008-12-30 04:03:00 | Hi Team i have a fault with my pc I have video cameras around my place that all come back to my PC but now the program that supposed to record doesnt i have tried uninstalling and reinstalling but to no avail i have even downloaded the current updates for it. i also keep geting strange emails from myself supposably... they have been sent with high importance. i have installed malaware and that picked up nothing but i am still getting these strange things happen. i have read through a few of the posts on this forum but still have no joy :( i have run hijack this as well and if you'd like i can post that up as well. any help other than throwing my toys out of my cot and formating this machine would be a great help. Cheers 1) disk space? 2) phishing....not your doing, could be a friend with your address in their address has been compromised.. |
SolMiester (139) | ||
| 733584 | 2008-12-30 04:34:00 | Thanks SolMiester thats interesting it maybe the mother in law... she sends through crap that i dont bother opening. so i may have a word to her and see if she has run a spy ware program and see what she has.. I have over 80 gb free at the moment i am tring to rip all my photos and what have you off of it at the moment in case something dire goes wrong and i couldnt stand not having my photos... |
greenwoods (14458) | ||
| 1 | |||||