Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What Does This Mean


  • This topic is locked This topic is locked
24 replies to this topic

#1 joker5667

joker5667

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 08:10 AM

Export SharedTaskScheduler key
------------------------------
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"


i did the 'How to remove virusburst' already and it told me to post here because i keep getting system alerts for trojan-spy.win32@mx and other things

BC AdBot (Login to Remove)

 


#2 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 25 November 2006 - 09:58 AM

Hey joker5667

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. Whilst completing the fix please use the Internet as little as posssible. Do not install any programs whilst we fix your computer - even the smallest of programs can wreak havoc.

SmitFraudFix:

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm


Uninstall List:

1. Open Hijackthis and select: Open the Misc Tools section.
2. Then choose: Open Uninstall Manager and click Save List.
3. Save the list to your computer.
4. Then copy the contents of the list back to this thread in your next reply.

Download Hijackthis:

1. Please go here and download Hijackthis.
2. Unzip Hijackthis into its own folder (e.g. C:\HJT\Hijackthis.exe)
3. Open Hijackthis and select:Do a system scan and save a logfile
4. Let Hijackthis run its course
5. Then once notepad pops up with your logfile, copy/paste it back into this thread.
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#3 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 03:57 PM

SmitFraudFix v2.124

Scan done at 12:51:20.37, Sat 11/25/2006
Run from C:\Documents and Settings\Mark\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

C:\


C:\WINDOWS


C:\WINDOWS\system


C:\WINDOWS\Web


C:\WINDOWS\system32


C:\Documents and Settings\Mark


C:\Documents and Settings\Mark\Application Data


Start Menu




HJT list


AbsoluteShield Internet Eraser Pro
Acer eManager for Notebook
Acer ePowerManagement
Acer GridVista
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe SVG Viewer 3.0
Agere Systems HDA Modem
AOL Instant Messenger
ATI Control Panel
ATI Display Driver
AviSynth 2.5
Big Biz Tycoon
BitTorrent 5.0.1
Broadcom Gigabit Integrated Controller
Comcast High-Speed Internet Install Wizard
Cruise Ship Tycoon
DC++ 0.698
Desktop Doctor
Eraser 5.8
FastStone Image Viewer 2.5
Google Earth
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 4.0
HP Software Update
ImageMixer VCD/DVD2 for OLYMPUS
InterActual Player
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 9
Launch Manager
LimeWire PRO 4.10.9
Linksys EasyLink Advisor 1.5 (1032)
LiveUpdate 2.6 (Symantec Corporation)
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Windows Journal Viewer
MSN Money Investment Toolbox
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Norton WMI Update
NTI Backup NOW! 3
NTI CD & DVD-Maker Gold
O2Micro MemoryCardBus & Smart Card Reader Windows Driver
OLYMPUS Master
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Secure Module 4.5.01
overland
Panda ActiveScan
Photosmart 320,370,7400,8100,8400 Series
PowerDVD
PSP Video 9 1.74
Quicken 2005
QuickTime
Quintessential Player
Realtek High Definition Audio Driver
Roguescanfix 1.5
Roll
Safety Alert 2006
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SonicStage 4.0
Spybot - Search & Destroy 1.4
Star Wars Empire at War
Starport GE v1.0
Superpower 2
Synaptics Pointing Device Driver
TurboTax ItsDeductible 2005
TurboTax Premier 2005
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WavePad Uninstall
WexTech AnswerWorks
Windows Driver Package - MSN (usbccgp) USB (04/19/2006 1.1.0.2)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
WinZip
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Mail
Yahoo! Messenger
Yahoo! Toolbar

#4 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 04:00 PM

Logfile of HijackThis v1.99.1
Scan saved at 12:56:10 PM, on 11/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Gold Codec\pmsngr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Gold Codec\pmmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\srvany.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\PCard.exe
C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wwu.edu/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SysShield IE Popup Blocker - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - C:\Program Files\SysShield Tools\Internet Eraser\pkext.dll
O2 - BHO: (no name) - {ae18da4e-be15-4925-81bb-890c04af0200} - C:\Program Files\Gold Codec\isaddon.dll
O3 - Toolbar: AbsoluteShield - {EE9DD090-902D-4623-9360-FB7D8666202B} - C:\Program Files\SysShield Tools\Internet Eraser\AbsoluteBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {96ebbe6a-2864-4345-b32b-26ee9be524b5} - C:\Program Files\Gold Codec\iesplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: AbsoluteShield Internet Eraser.lnk = C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://cam01.atus.wwu.edu/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PSecret - Unknown owner - C:\WINDOWS\srvany.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#5 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 25 November 2006 - 04:02 PM

Please could you re-post the SmitFraudFix log as some of it got cut off.

Thanks.
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#6 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 04:31 PM

SmitFraudFix v2.124

Scan done at 13:27:07.07, Sat 11/25/2006
Run from C:\Documents and Settings\Mark\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

C:\


C:\WINDOWS


C:\WINDOWS\system


C:\WINDOWS\Web


C:\WINDOWS\system32


C:\Documents and Settings\Mark


C:\Documents and Settings\Mark\Application Data


Start Menu


C:\DOCUME~1\MARK\FAVORI~1


Desktop


C:\Program Files

C:\Program Files\Gold Codec\ FOUND !
C:\Program Files\Virus-Bursters\ FOUND !

Corrupted keys


Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


pe386-msguard-lzx32


Scanning wininet.dll infection


End

#7 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 25 November 2006 - 04:58 PM

Hey joker5667

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. Whilst completing the fix please use the Internet as little as posssible. Do not install any programs whilst we fix your computer - even the smallest of programs can wreak havoc.

Two Anti-Virus Programs:

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both software products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Symantec or Mcafee

SmitFraudFix:

Next, please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning : running option #2 on a non infected computer will remove your Desktop background.

Uninstall Bad Programs:

1. Click Start >> Control Panel >> Add/Remove Programs
2. Select each of these programs, click Remove and follow the prompts to uninstall them:

BitTorrent 5.0.1
LimeWire PRO 4.10.9
Safety Alert 2006
Viewpoint Manager (Remove Only)


Please can you then post a fresh Hijackthis log.
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#8 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 07:34 PM

SmitFraudFix v2.124

Scan done at 16:18:30.76, Sat 11/25/2006
Run from C:\Documents and Settings\Mark\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Killing process


Generic Renos Fix

GenericRenosFix by S!Ri


Deleting infected files

C:\Program Files\Gold Codec\ Deleted
C:\Program Files\Virus-Bursters\ Deleted

Deleting Temp Files


Registry Cleaning

Registry Cleaning done.

After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


End




Logfile of HijackThis v1.99.1
Scan saved at 4:30:20 PM, on

11/25/2006
Platform: Windows XP SP2 (WinNT

5.01.2600)
MSIE: Internet Explorer v7.00

(7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\ATI

Technologies\ATI Control

Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program

Files\Synaptics\SynTP\SynTPEnh.ex

e
C:\WINDOWS\SOUNDMAN.EXE
C:\Program

Files\CyberLink\PowerDVD\PDVDServ

.exe
C:\Program Files\Network

Associates\Common

Framework\FrameworkService.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Network

Associates\VirusScan\mcshield.exe
C:\Program Files\Network

Associates\VirusScan\vstskmgr.exe
C:\Program Files\Launch

Manager\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32

\spool\drivers\w32x86\3

\hpztsb11.exe
C:\Program

Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Microsoft

IntelliType Pro\type32.exe
C:\Program Files\Microsoft

IntelliPoint\point32.exe
C:\Program Files\Network

Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network

Associates\Common

Framework\UpdaterUI.exe
C:\Program

Files\QuickTime\qttask.exe
C:\Program

Files\Support.com\bin\tgcmd.exe
C:\PROGRA~1\Sony\SONICS~1

\SsAAD.exe
C:\Program Files\HP\HP Software

Update\HPWuSchd2.exe
C:\Program

Files\Java\jre1.5.0_09

\bin\jusched.exe
C:\Program Files\MSN

Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SysShield

Tools\Internet

Eraser\cseraser.exe
C:\WINDOWS\srvany.exe
C:\WINDOWS\PCard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program

Files\acer\eRecovery\Monitor.exe
C:\Program Files\Internet

Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HJT\HijackThis.exe

R1 -

HKCU\Software\Microsoft\Internet

Explorer\Main,Window Title =

Microsoft Internet Explorer

presented by Comcast
R1 -

HKCU\Software\Microsoft\Windows\C

urrentVersion\Internet

Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo!

Toolbar - {EF99BD32-C1FB-11D2-

892F-0090271D4F88} - C:\Program

Files\Yahoo!

\Companion\Installs\cpn\yt.dll

(file missing)
O2 - BHO: Adobe PDF Reader Link

Helper - {06849E9F-C8D7-4D59-

B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class -

{761497BB-D6F0-462C-B6EB-

D4DAF1D92D43} - C:\Program

Files\Java\jre1.5.0_09

\bin\ssv.dll
O2 - BHO: Windows Live Sign-in

Helper - {9030D464-4C02-4ABF-

8ECC-5164760863C6} - C:\Program

Files\Common Files\Microsoft

Shared\Windows

Live\WindowsLiveLogin.dll
O2 - BHO: SysShield IE Popup

Blocker - {9A23B8A4-C6C9-4A68-

8FA6-5F905DC8FF80} - C:\Program

Files\SysShield Tools\Internet

Eraser\pkext.dll
O3 - Toolbar: AbsoluteShield -

{EE9DD090-902D-4623-9360-

FB7D8666202B} - C:\Program

Files\SysShield Tools\Internet

Eraser\AbsoluteBar.dll
O3 - Toolbar: Yahoo! Toolbar -

{EF99BD32-C1FB-11D2-892F-

0090271D4F88} - C:\Program

Files\Yahoo!

\Companion\Installs\cpn\yt.dll

(file missing)
O4 - HKLM\..\Run: [LaunchApp]

Alaunch
O4 - HKLM\..\Run: [ATIPTA]

C:\Program Files\ATI

Technologies\ATI Control

Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High

Definition Audio Property Page

Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG]

AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr]

C:\Program

Files\Synaptics\SynTP\SynTPLpr.ex

e
O4 - HKLM\..\Run: [SynTPEnh]

C:\Program

Files\Synaptics\SynTP\SynTPEnh.ex

e
O4 - HKLM\..\Run: [SoundMan]

SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd]

ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr]

ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl]

"C:\Program

Files\CyberLink\PowerDVD\PDVDServ

.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1]

"C:\WINDOWS\IME\imjp8_1

\IMJPMIG.EXE" /Spoil /RemAdvDef

/Migration32
O4 - HKLM\..\Run: [MSPY2002]

C:\WINDOWS\system32

\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run:

[PHIME2002ASync]

C:\WINDOWS\system32

\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A]

C:\WINDOWS\system32

\IME\TINTLGNT\TINTSETP.EXE

/IMEName
O4 - HKLM\..\Run: [EPM-DM]

c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run:

[ePowerManagement]

C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager]

C:\Program Files\Launch

Manager\QtZgAcer.EXE
O4 - HKLM\..\Run:

[eRecoveryService]

C:\Windows\System32\Check.exe
O4 - HKLM\..\Run:

[BluetoothAuthenticationAgent]

rundll32.exe

bthprops.cpl,,BluetoothAuthentica

tionAgent
O4 - HKLM\..\Run: [HPDJ Taskbar

Utility] C:\WINDOWS\system32

\spool\drivers\w32x86\3

\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06]

C:\Program Files\HP\{AAC4FC36-

8F89-4587-8DD3-EBC57C83374D}

\hphupd06.exe
O4 - HKLM\..\Run: [HP Component

Manager] "C:\Program

Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06]

C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [type32]

"C:\Program Files\Microsoft

IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint]

"C:\Program Files\Microsoft

IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ShStatEXE]

"C:\Program Files\Network

Associates\VirusScan\SHSTAT.EXE"

/STANDALONE
O4 - HKLM\..\Run:

[McAfeeUpdaterUI] "C:\Program

Files\Network Associates\Common

Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [QuickTime

Task] "C:\Program

Files\QuickTime\qttask.exe" -

atboottime
O4 - HKLM\..\Run: [tgcmd]

C:\Program

Files\Support.com\bin\tgcmd.exe

/server /startmonitor /deaf
O4 - HKLM\..\Run: [SsAAD.exe]

C:\PROGRA~1\Sony\SONICS~1

\SsAAD.exe
O4 - HKLM\..\Run: [HP Software

Update] C:\Program Files\HP\HP

Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run:

[KernelFaultCheck] %systemroot%

\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Easy

SpyRemover] C:\Program Files\Easy

SpyRemover\EasySpyRemover.exe

/smart
O4 - HKLM\..\Run:

[SunJavaUpdateSched] "C:\Program

Files\Java\jre1.5.0_09

\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr]

"C:\Program Files\MSN

Messenger\msnmsgr.exe"

/background
O4 - HKCU\..\Run: [BitTorrent]

"C:\Program

Files\BitTorrent\bittorrent.exe"

--force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg

Scheduler.exe
O4 - Startup: AbsoluteShield

Internet Eraser.lnk = C:\Program

Files\SysShield Tools\Internet

Eraser\cseraser.exe
O4 - Global Startup: HP Digital

Imaging Monitor.lnk = C:\Program

Files\HP\digital

imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image

Zone Fast Start.lnk = C:\Program

Files\HP\digital

imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft

Office.lnk = C:\Program

Files\Microsoft Office\Office10

\OSA.EXE
O4 - Global Startup: Adobe Reader

Speed Launch.lnk = C:\Program

Files\Adobe\Acrobat 7.0

\Reader\reader_sl.exe
O8 - Extra context menu item:

&Yahoo! Search -

file:///C:\Program Files\Yahoo!

\Common/ycsrch.htm
O8 - Extra context menu item:

Display All Images with Full

Quality - res://C:\Program

Files\NetZero\qsacc\appres.dll/22

8
O8 - Extra context menu item:

Display Image with Full Quality -

res://C:\Program

Files\NetZero\qsacc\appres.dll/22

7
O8 - Extra context menu item:

E&xport to Microsoft Excel -

res://C:\PROGRA~1\MI1933~1

\Office10\EXCEL.EXE/3000
O8 - Extra context menu item:

Yahoo! &Dictionary -

file:///C:\Program Files\Yahoo!

\Common/ycdict.htm
O8 - Extra context menu item:

Yahoo! &Maps - file:///C:\Program

Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item:

Yahoo! &SMS - file:///C:\Program

Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) -

AutorunsDisabled - (no file)
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-

00401C608501} - C:\Program

Files\Java\jre1.5.0_09

\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun

Java Console - {08B0E5C0-4FCB-

11CF-AAA5-00401C608501} -

C:\Program

Files\Java\jre1.5.0_09

\bin\ssv.dll
O9 - Extra button: Yahoo!

Services - {5BAB4B5B-68BC-4B02-

94D6-2FC0DE4A7897} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: AIM -

{AC9E2541-2814-11d5-BC6D-

00B0D0A1DE45} - C:\Program

Files\AIM\aim.exe
O9 - Extra button: (no name) -

{e2e2dd38-d088-4134-82b7-

f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe (file

missing)
O9 - Extra 'Tools' menuitem:

@xpsp3res.dll,-20001 - {e2e2dd38

-d088-4134-82b7-f2ba38496583} -

%windir%\Network

Diagnostic\xpnetdiag.exe (file

missing)
O9 - Extra button: Yahoo!

Messenger - {E5D12C4E-7B4F-11D3-

B5C9-0050045C3C96} - C:\Program

Files\Yahoo!

\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem:

Yahoo! Messenger - {E5D12C4E-

7B4F-11D3-B5C9-0050045C3C96} -

C:\Program Files\Yahoo!

\Messenger\YahooMessenger.exe
O11 - Options group:

[INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-

93B3-97215F77A6BC}

(MessengerStatsClient Class) -

http://messenger.zone.msn.com/bin

ary/MessengerStatsPAClient.cab312

67.cab
O16 - DPF: {5F8469B4-B055-49DD-

83F7-62B522420ECC} (Facebook

Photo Uploader Control) -

http://upload.facebook.com/contro

ls/FacebookPhotoUploader.cab
O16 - DPF: {8AD9C840-044E-11D1-

B3E9-00805F499D93} (Java Runtime

Environment 1.5.0) -

http://javadl-

esd.sun.com/update/1.5.0/jinstall

-1_5_0_09-windows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-

B042-5009F29E09E1} (ActiveScan

Installer Class) -

http://acs.pandasoftware.com/acti

vescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-

A2DC-220313175592} (ZoneIntro

Class) -

http://messenger.zone.msn.com/bin

ary/ZIntro.cab47946.cab
O16 - DPF: {DE625294-70E6-45ED-

B895-CFFA13AEB044} -

http://cam01.atus.wwu.edu/activex

/AMC.cab
O18 - Protocol: livecall -

{828030A1-22C1-4009-854F-

8E305202313F} - C:\PROGRA~1

\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim -

{828030A1-22C1-4009-854F-

8E305202313F} - C:\PROGRA~1

\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon -

C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager

Service (anbmService) - OSA

Technologies Inc. -

C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller

- ATI Technologies Inc. -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver

Table Manager (IDriverT) -

Macrovision Corporation -

C:\Program Files\Common

Files\InstallShield\Driver\11

\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework

Service (McAfeeFramework) -

Network Associates, Inc. -

C:\Program Files\Network

Associates\Common

Framework\FrameworkService.exe
O23 - Service: Network Associates

McShield (McShield) - Network

Associates, Inc. - C:\Program

Files\Network

Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates

Task Manager (McTaskManager) -

Network Associates, Inc. -

C:\Program Files\Network

Associates\VirusScan\vstskmgr.exe
O23 - Service: MSCSPTISRV - Sony

Corporation - C:\Program

Files\Common Files\Sony

Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony

Corporation - C:\Program

Files\Common Files\Sony

Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 -

HP - C:\WINDOWS\system32

\HPZipm12.exe
O23 - Service: PSecret - Unknown

owner - C:\WINDOWS\srvany.exe

#9 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 25 November 2006 - 07:36 PM

AbsoluteShield Internet Eraser Pro
Acer eManager for Notebook
Acer ePowerManagement
Acer GridVista
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe SVG Viewer 3.0
Agere Systems HDA Modem
AOL Instant Messenger
ATI Control Panel
ATI Display Driver
AviSynth 2.5
Big Biz Tycoon
Broadcom Gigabit Integrated Controller
Comcast High-Speed Internet Install Wizard
Cruise Ship Tycoon
DC++ 0.698
Desktop Doctor
Eraser 5.8
FastStone Image Viewer 2.5
Google Earth
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 4.0
HP Software Update
ImageMixer VCD/DVD2 for OLYMPUS
InterActual Player
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 9
Launch Manager
Linksys EasyLink Advisor 1.5 (1032)
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Windows Journal Viewer
MSN Money Investment Toolbox
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
NTI Backup NOW! 3
NTI CD & DVD-Maker Gold
O2Micro MemoryCardBus & Smart Card Reader Windows Driver
OLYMPUS Master
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Secure Module 4.5.01
overland
Panda ActiveScan
Photosmart 320,370,7400,8100,8400 Series
PowerDVD
PSP Video 9 1.74
Quicken 2005
QuickTime
Quintessential Player
Realtek High Definition Audio Driver
Roguescanfix 1.5
Roll
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SonicStage 4.0
Spybot - Search & Destroy 1.4
Star Wars Empire at War
Starport GE v1.0
Superpower 2
Synaptics Pointing Device Driver
TurboTax ItsDeductible 2005
TurboTax Premier 2005
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WavePad Uninstall
WexTech AnswerWorks
Windows Driver Package - MSN (usbccgp) USB (04/19/2006 1.1.0.2)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
WinZip
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Mail
Yahoo! Messenger
Yahoo! Toolbar

#10 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 26 November 2006 - 05:19 AM

WordWrap:

The formatting of your post is messed up. This is caused by not having Word Wrap checked.

1. Click Start > All Programs > Accessories > Notepad
2. On the menu bar in Notepad select Format and click on WordWrap so it appears checked.

Once you have done this please can you post a fresh Hijackthis log.
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#11 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 26 November 2006 - 01:31 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:27:29 AM, on 11/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\srvany.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PCard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SysShield IE Popup Blocker - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - C:\Program Files\SysShield Tools\Internet Eraser\pkext.dll
O3 - Toolbar: AbsoluteShield - {EE9DD090-902D-4623-9360-FB7D8666202B} - C:\Program Files\SysShield Tools\Internet Eraser\AbsoluteBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: AbsoluteShield Internet Eraser.lnk = C:\Program Files\SysShield Tools\Internet Eraser\cseraser.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://cam01.atus.wwu.edu/activex/AMC.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PSecret - Unknown owner - C:\WINDOWS\srvany.exe

#12 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 26 November 2006 - 01:39 PM

Hey joker5667

How is your computer running - any problems?
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#13 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 26 November 2006 - 03:03 PM

most of the problems are now gone. but when i start up my computer i get three different messages:
1. an error message pops up and says:
hpqthb08.exe application error
the application failed to initialize properly (0xc0000135).
2. another window pops up and starts to try to install something called instantshare
3. And finally a third window pops up as some kind of windows installer
when i hit the cancel button another of the same window pops up for the instantshare program so i hit control alt delete and hit end task and they stop.

#14 jamielaw

jamielaw

    Malware Ass-Kicker!


  • Members
  • 878 posts
  • OFFLINE
  •  
  • Local time:08:19 PM

Posted 26 November 2006 - 04:39 PM

Hey joker5667

All of those problems you describe are related to your HP (Hewlett-Packard) software - either the printer or camera. I recommend you uninstall them. If you need them then try inserting the HP cd when it asks for it and allow it to install - it should prevent it from asking for it again.

Let me know how you get on.
My Website!

"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - Martin Luther King, Jr.

Posted Image

#15 joker5667

joker5667
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 28 November 2006 - 04:46 PM

my computer was left in the cold overnight and now it won't turn on or respond to anything i do to it. I let it warm back up and i plugged the power back in and nothing happens. i took out the battery and still nothing happens.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users