| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 68366 | 2006-04-26 00:29:00 | You may be a victim of software counterfeiting | jamesyboi (6579) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 449551 | 2006-06-03 17:09:00 | Logfile of HijackThis v1.99.1 Scan saved at 5:04:17 μμ, on 3/6/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\acer\epm\epm-dm.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\D-Tools\daemon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe D:\FreeRAM XP Pro 1.40.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE D:\Program Files\RealPlay.exe C:\Documents and Settings\sotis\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = g.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = g.msn.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [FreeRAM XP] "D:\FreeRAM XP Pro 1.40.exe" -win O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [VoipBuster] "D:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\sotis\OctoshapeClient.exe" -inv:bootrun O4 - Startup: Registration Heroes of Might & Magic 5.LNK = D:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?5ba5dad1e96745c4929c54822dff33d6 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?5ba5dad1e96745c4929c54822dff33d6 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - spaces.msn.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - cdn2.zone.msn.com O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - fdl.msn.com O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe |
sot (10290) | ||
| 449552 | 2006-06-03 23:59:00 | And whats this log have to do with counterfeit s/w? Even tho, it looks like u have a file for it. Anyway, run HJT again tick these entries and tick fix checked. (close the browsers). 03 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com |
Speedy Gonzales (78) | ||
| 449553 | 2006-06-04 10:47:00 | Using illegal Windows? Huh, great, now microsoft is acting like Norton making those people who have pirated software to pay for it. Windows Vista security will be tough, I think I'll buy the geniue version one next year rather than using fake one, so far many people managed to hacked into the XP and it won't be easy with Vista. Software companies are getting smarter and hackers need to update their brains too. lol. I'm using legal XP at the moment so far no problem unless I borrow my windows to someone, it'll be you're not using a geniue windows.:D At least stopping pirated Windows is the best way to increase the sales market. Use Linux for who cannot afford it. Windows are expensive usually attacked with viruses and spyware and can't afford this with those anti software use Linux? Mac is quite expensive too, I mean you buy the whole system not like Windows. ;)Choose carefully if you use have financial problems, especially with limited funds from parents. |
MTLance (6768) | ||
| 449554 | 2006-06-04 22:08:00 | Ah, 98SE. How beautiful she is. | SanchoPanza (8775) | ||
| 449555 | 2006-06-08 18:30:00 | A few years ago I had a computer custom built for me. Windows 98 was part of the bundle. As soon as XP appeared I bought it - the Home Edition - and it served me well. The tech who built my system installed it for me - I was too chicken. About a year ago I had a major crash - apparently caused by Spyware. The tech who built it had my computer for about a week and managed to recover my data. He also returned it to me with XP Professional installed instead of my version of XP Home. I thought nothing of it till I discovered that some recent downloads couldn't be obtained without giving my version number. My Home Version number - which I assumed assured my purchase - no longer worked because I was operating from the Professional version. Since it did not affect security updates - of which there are many - I shrugged it off. Now - suddenly - I find a program has been installed on my computer by Microsoft which 'reminds' me - intrusively - that I am operating an 'illegal' version. No - I am not. I may be the only person in the world in this particular circumstance - and of course the REAL illegals have no grounds for moral outrage about this privacy intrusion. I'm working out my own solution. We just had an electrical outlet installed in a guestroom closet and are ordering a smallish desk that will fit. My illegal PC - now nicknamed 'Sneaky' - will be 'in the closet', disconnected from the internet - basically a word processor. In its place in my studio will be a new APPLE computer - with all its bells and whistles. Cost more than re-purchasing XP? Sure - but I should have done this long ago - thank you Microsoft for giving me that push I needed. |
sallieb (10291) | ||
| 449556 | 2006-06-08 18:48:00 | /lock... | roddy_boy (4115) | ||
| 449557 | 2006-06-09 17:33:00 | Now - suddenly - I find a program has been installed on my computer by Microsoft which 'reminds' me - intrusively - that I am operating an 'illegal' version. No - I am not. Actually, yes you are running an illegal priated copy of Windows XP Pro -- and you have known exactly that ever since you got your machine back from the tech who used the shop copy of XP Pro to reload your hard drive instead of using your copy of XP Home. I don't know if the tech did that because he was too lazy to use your legitimate install disk -- or (more likely) because you failed to provide the legitimate install disk and he didn't want to bother telling you that it was needed. The bottom line is the same either way -- the copy of XP on your machine is pirated. There are lots of good reasons to be mad at or disgusted with microsoft, but not this reason. |
n4aof (10292) | ||
| 449558 | 2006-06-09 23:20:00 | This all reminds me of something that happened to me some years ago. I had my computer updated by PCs Unlimited - a firm I had a lot of respect for up to that point. The computer went down and PCs had it back and soon fixed up the actual faults. But it now had a virgin HD and needed my OS replacing. Unfortunately I had just moved house and of course a few things were missing. Including my OS disk. In fact more than one - I have a history of using computers which goes back a fair way. PCs Unlimited refused to help me (maybe they had been warned!), and were content to leave me with a useless computer I had just spent over $2000 with them updating. No way would they put an OS on for me. Fortunately another dealer I told, had spare disks from scrapped computers and quickly got me up and running again. Then this last few years I have been a victim of thefts - 2 laptops - now there's a point. I have all the serial numbers etc.(at least I think I do). Will Microsoft help check these out and prevent the stolen laptops being updated - or even located? I doubt it. Tom |
Thomas01 (317) | ||
| 449559 | 2006-06-09 23:44:00 | And now this (www.betanews.com) Just to make your day. |
Speedy Gonzales (78) | ||
| 449560 | 2006-06-11 05:11:00 | LOL - call me naive - but no - I didn't 'know that'. It never entered my mind - I DID think he was a bit high handed in installing it without asking me first but I figured he thought he was doing me a favor. He knew I had the original Home Edition CD because he installed it for me. Ah well - it will soon be moot. | sallieb (10291) | ||
| 1 2 3 4 5 6 7 8 9 10 11 | |||||