Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problem With Annoying Popups


  • This topic is locked This topic is locked
4 replies to this topic

#1 JiggaZed

JiggaZed

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 25 May 2006 - 05:54 PM

I had SSK3 but thanks to quietman7's help and Grinler's guide I got rid of it. Ever since then, I've been getting these annoying popups that come up even when Mozilla FireFox isn't running. Well, quietman7 suggested that I post a HijackThis log. For more information on my problem, check here.




Logfile of HijackThis v1.99.1
Scan saved at 3:34:06 PM, on 5/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Gurtaj\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;;localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Core Weather.lnk = C:\DesktopX\CoreWeather\CoreWeather.exe
O4 - Startup: OMNI Analogue.lnk = C:\DesktopX\OMNIAnalogue\OMNI Analogue.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Silica RAM Meter.lnk = C:\DesktopX\SilicaRAMMeter\Silica_RAM_Meter\Silica RAM Meter.exe
O4 - Startup: Tronnix Drives.lnk = C:\DesktopX\TronnixDrives\TronnixDrives.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: WebControlDeploy - https://grouper.com/v1/GrouperSetup.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab27571.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab27571.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: Installer - C:\WINDOWS\system32\q868liju18o8.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

BC AdBot (Login to Remove)

 


#2 Jag11

Jag11

  • Members
  • 1,027 posts
  • OFFLINE
  •  
  • Location:127.0.0.1
  • Local time:11:48 PM

Posted 26 May 2006 - 01:34 AM

Please download Look2Me-Destroyer.exe to your desktop.
  • Close all windows before continuing.
  • Double-click Look2Me-Destroyer.exe to run it.
  • Put a check next to Run this program as a task.
  • You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK
  • When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
  • Once it's done scanning, click the Remove L2M button.
  • You will receive a Done Scanning message, click OK.
  • When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
  • Your computer will then shutdown.
  • Turn your computer back on.
  • Please post the contents of C:\Look2Me-Destroyer.txt in your next reply and a new Hijackthis log.
NOTES:
  • If you receive a message from your firewall about this program accessing the internet please allow it.
  • If you receive a runtime error '339' please download MSWINSCK.OCX from this link and place it in your C:\Windows\System32 Directory.

Posted Image
Proud member of ASAP and UNITE since 2006.
Everyone wants to go to heaven, but no one wants to die.

.

#3 JiggaZed

JiggaZed
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 26 May 2006 - 05:04 PM

Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 5/26/2006 2:11:04 PM

Infected! C:\WINDOWS\system32\q868liju18o8.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP828\A0132113.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP829\A0132167.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133466.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133469.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133484.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133485.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133606.dll
Infected! C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133623.dll
Infected! C:\WINDOWS\system32\hbsetup.dll
Infected! C:\WINDOWS\system32\l8n40i5qe8.dll
Infected! C:\WINDOWS\system32\guard.tmp

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\q868liju18o8.dll
C:\WINDOWS\system32\q868liju18o8.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP828\A0132113.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP828\A0132113.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP829\A0132167.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP829\A0132167.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133466.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133466.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133469.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133469.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133484.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133484.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133485.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133485.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133606.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133606.dll could not be deleted!

Attempting to delete: C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133623.dll
C:\System Volume Information\_restore{0C9C4ECB-B1DF-4121-B45E-DEC613BD12BF}\RP849\A0133623.dll could not be deleted!

Attempting to delete: C:\WINDOWS\system32\hbsetup.dll
C:\WINDOWS\system32\hbsetup.dll could not be deleted!

Attempting to delete: C:\WINDOWS\system32\l8n40i5qe8.dll
C:\WINDOWS\system32\l8n40i5qe8.dll could not be deleted!

Attempting to delete: C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\system32\guard.tmp could not be deleted!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Installer

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{294E4C0D-0BA2-4756-9BA8-567D62EADA3C}"
HKCR\Clsid\{294E4C0D-0BA2-4756-9BA8-567D62EADA3C}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{6CFEABD4-F123-4F8D-9430-2BC81F5D3E24}"
HKCR\Clsid\{6CFEABD4-F123-4F8D-9430-2BC81F5D3E24}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded




-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------




Logfile of HijackThis v1.99.1
Scan saved at 2:56:38 PM, on 5/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\dxwidget.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gurtaj\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;;localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Core Weather.lnk = C:\DesktopX\CoreWeather\CoreWeather.exe
O4 - Startup: OMNI Analogue.lnk = C:\DesktopX\OMNIAnalogue\OMNI Analogue.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Silica RAM Meter.lnk = C:\DesktopX\SilicaRAMMeter\Silica_RAM_Meter\Silica RAM Meter.exe
O4 - Startup: Tronnix Drives.lnk = C:\DesktopX\TronnixDrives\TronnixDrives.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: WebControlDeploy - https://grouper.com/v1/GrouperSetup.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab27571.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab27571.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

#4 Jag11

Jag11

  • Members
  • 1,027 posts
  • OFFLINE
  •  
  • Location:127.0.0.1
  • Local time:11:48 PM

Posted 28 May 2006 - 09:25 PM

Download L2Mfix
  • Save it to your Desktop
  • Double-click on it.
  • Click Install, and follow the prompts.
  • Open the newly created l2mfix folder on your Desktop.
  • Double-click l2mfix.bat and press 1 (Run Find Log) on your keyboard and then press Enter.
    It will now start scanning your computer, it may appear nothing is happening.
  • When it finishes, Notepad will open, with a log. (results)
  • I need that log, so save it first to your Desktop.
NOTES :
  • Do not run option #2 OR any other files in the l2mfix folder until you are asked to do so!
  • If you receive, while running option #1, an error similar like: ''C:\windows\system32\cmd.exe,
    C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications. choose close to terminate the application.."...then please use option 5 or the web page link in the l2mfix folder to solve this error condition. do not run the fix portion without fixing this first.

Posted Image
Proud member of ASAP and UNITE since 2006.
Everyone wants to go to heaven, but no one wants to die.

.

#5 Jag11

Jag11

  • Members
  • 1,027 posts
  • OFFLINE
  •  
  • Location:127.0.0.1
  • Local time:11:48 PM

Posted 05 June 2006 - 02:26 AM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Regards,
Jet Ian

Posted Image
Proud member of ASAP and UNITE since 2006.
Everyone wants to go to heaven, but no one wants to die.

.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users