Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Start Message error, Random music , service pack2

  • This topic is locked This topic is locked
3 replies to this topic

#1 Booh-kitty


  • Members
  • 237 posts
  • Gender:Female
  • Location:La-La Land
  • Local time:03:04 PM

Posted 03 February 2009 - 06:34 PM

1)For about a week now, when I start my computer, i get this message:

EDSLoader.exe not found

Reinstalling Keymanager DLL may fix the problem

2)Since I bought this computer, I have never been able to install service pack 2. Microsoft has been of no help.

3) Yesterday, I began to hear random musical notes on the speakers.

I'm wondering if not being able to download SP2 has anything to do with this. I do have SP1 and SP3. It was my understanding that SP3 included everything in SP1 and SP2, so I didn't worry about it. I was recently told that this is not the case.

Don't know if this is important, but I'm running AVG free edition, Zone Alarm, Malwarbytes, Super Antispyware and Ad-aware.

Yesterday, I downloaded a Keygen, and I also recently downloaded Utorrent.

Please help and thanks in advance


Also, I see in the report that it says I have Internet Explorer. I don't use except to get Windows updates. I also have Mozzilla, but I use Google Chrome. Just thought I'd tell you in case it might happen to be important.

DDS (Ver_09-02-01.01) - NTFSx86
Run by Sherri Taylor at 17:10:16.18 on Tue 02/03/2009
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2286 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Acer\LANScope Agent\awServ.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Acer\LANScope Agent\LockKM.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sherri Taylor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sherri Taylor\Desktop\dds (1).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: ZoneAlarm Spy Blocker BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\2.bin\SPYBLOCK.DLL
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: ZoneAlarm Spy Blocker: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\2.bin\SPYBLOCK.DLL
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Google Update] "c:\documents and settings\sherri taylor\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/ Safari/525.19" -"http://www.us.mensa.org/am/games/game_shell.cfm?showPage=UniJig/UniJig.cfm&gameName=Universal%20Jigsaw"
mRun: [LaunchApp] Alaunch
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Acer Empowering Technology Monitor] c:\windows\system32\SysMonitor.exe
mRun: [eLockMonitor] c:\acer\empowering technology\elock\monitor\LaunchMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe 0
mRun: [installnet.exe] "c:\acer\lanscope agent\installnet.exe" "c:\acer\lanscope agent\
mRun: [AdminWorks Tray] "c:\acer\lanscope agent\awtray.exe"
mRun: [atchk] "c:\program files\intel\amt\atchk.exe"
mRun: [IFXSPMGT] c:\windows\system32\ifxspmgt.exe /NotifyLogon
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\sherri~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acerem~1.lnk - c:\acer\empowering technology\Acer.Empowering.Framework.Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Lookup on CD - c:\ahd4withthesaurus\ahd.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227921219203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sherri~1\applic~1\mozilla\firefox\profiles\q939yqbg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\sherri taylor\local settings\application data\google\update\\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\google updater\2.4.1399.3742\npCIDetect13.dll

FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-22 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-13 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-13 27656]
R1 OsaFsLoc;OsaFsLoc;c:\windows\system32\drivers\OsaFsLoc.sys [2007-8-24 26768]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-1-22 39080]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-11-17 55024]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-12-6 353680]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-13 298264]
R2 AWService;AdminWorks Agent X6;c:\acer\lanscope agent\awServ.exe [2007-4-26 75032]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [2006-6-8 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [2006-6-6 90112]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 950096]
R2 LockServ;LockServ;c:\acer\empowering technology\elock\lockserv.exe -p --> c:\acer\empowering technology\elock\LockServ.exe -p [?]
R2 netlimiter;netlimiter;c:\windows\system32\drivers\NetLimiter.sys [2006-10-3 18072]
R2 netlock;netlock;c:\windows\system32\drivers\NetLock.sys [2007-5-30 14616]
R2 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2007-6-12 15640]
R2 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys [2006-11-8 10944]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\intel\amt\UNS.exe [2007-6-6 2521880]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-1-22 36608]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-11-17 7408]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2006-4-14 28933976]

=============== Created Last 30 ================

2009-02-03 13:15 <DIR> --d----- C:\3dsmax9Trial
2009-02-03 13:14 <DIR> --d----- C:\3dsmax9Tutorials
2009-01-30 20:14 <DIR> --d----- c:\program files\Wise Disk Cleaner
2009-01-23 15:10 73,728 a------- c:\windows\system32\javacpl.cpl
2009-01-23 10:15 15,688 a------- c:\windows\system32\lsdelete.exe
2009-01-22 23:25 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-01-22 23:20 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-22 23:20 <DIR> --d----- c:\program files\Lavasoft
2009-01-19 13:36 <DIR> --d----- c:\program files\uTorrent
2009-01-19 13:36 <DIR> --d----- c:\docume~1\sherri~1\applic~1\uTorrent
2009-01-19 11:16 <DIR> --d----- c:\program files\CCleaner
2009-01-19 11:15 <DIR> --d----- c:\docume~1\sherri~1\applic~1\Malwarebytes
2009-01-19 11:15 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-19 11:15 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-19 11:15 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-19 11:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-01-18 17:25 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-18 17:19 <DIR> --d----- c:\documents and settings\sherri taylor\.housecall6.6
2009-01-17 17:41 <DIR> --d----- c:\program files\Revit Architecture 2009
2009-01-17 10:11 <DIR> --d----- c:\program files\3ds Max
2009-01-07 20:29 <DIR> --d----- c:\program files\Trend Micro
2009-01-07 12:27 <DIR> --d----- C:\autodesk
2009-01-07 12:27 <DIR> --d----- c:\program files\Autodesk Student Community Download Tool

==================== Find3M ====================

2009-02-03 17:06 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-02-01 19:57 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-01 19:57 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-24 13:48 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-03 16:35 112,427 a------- c:\windows\hpoins07.dat
2009-01-03 16:26 71,216 a------- c:\windows\hpqins09.dat
2008-12-11 04:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-11-30 16:36 139,264 a------- c:\windows\system32\hpzjrd01.dll
2008-11-28 22:26 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-13 15:18 1,221,008 a------- c:\windows\system32\zpeng25.dll

============= FINISH: 17:10:29.12 ===============

Attached Files

Edited by Booh-kitty, 03 February 2009 - 06:37 PM.

Whether you think you can or can't, either way you are right.
-Henry Ford

BC AdBot (Login to Remove)


#2 extremeboy


  • Malware Response Team
  • 12,975 posts
  • Gender:Male
  • Local time:04:04 PM

Posted 16 February 2009 - 02:40 PM


Posted ImageCracks and Key Generators Warning

Your system is full of "cracks and keygens", this means You have used cracks or key generators.

Some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, these sites are infested with a sm?rg?sbord of malware. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling Windows.

Merely visiting such sites without downloading ANYTHING is one of the worst things a user can do online. They are illegal. Cracked software is notorious for carrying malware/infections. How do you think these people make their money... they aren't really giving you this software out of the goodness of their hearts.

Also a 'cracked' version of a security suite is obviouslly "bad" for the system. I would like you to agree that you will NOT use any crack/keygens anymore from now on, until we are clean!

Peer-to-Peer Programs Warning

Your log shows that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

I suggest you remove it via add/remove NOW!. If you decide to keep it, please refrain from using them until your computer has been declared clean!
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy


  • Malware Response Team
  • 12,975 posts
  • Gender:Male
  • Local time:04:04 PM

Posted 19 February 2009 - 05:20 PM


Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 days the topic will need to be closed.

Thanks for understanding. :thumbup2:

With Regards,
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#4 extremeboy


  • Malware Response Team
  • 12,975 posts
  • Gender:Male
  • Local time:04:04 PM

Posted 21 February 2009 - 12:31 PM


Due to Lack of feedback, this topic is now Closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic in the Hijackthis-Malware Removal forum.

With Regards,

Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users