deeprty Member
Joined: 30 Apr 2008 Posts: 5 Points: 0

|
| Posted: Wed 04/30/2008 11:53am [Post #1] |
|
|
i have gone through the whole of the instructions on the "get rid of spyware...." page and as i stated "Suspicious entries have been found in your log" is all i get now.
my original problem was that windows update would not install 3 critical security updates but i have noticed that many of my programs are asking for updates a bit too much. an example is
.. i installed superanti-spyware as instructed and ran an update but when i log on windows a little window pops up asking me to click on a link to update. so instead of clicking that link i open superantispyware and manually try and update and i am told that i am up to date.
i do not know if this is the correct place to be asking for help concerning the windows update problem or the strange update problem but the suspicious entries is i suppose why i am here
any help is greatly appreciated
cpu; c2d e6600 } @2.40ghz
os; xp professional {5.1,build 2600}
antivirus; avira antivir personal
program version 8.1.00.295
firewall; comodo firewall professional
version 3.0.22.349
anything else that is needed just ask
i keep up to date with drivers but if anything you think may be relevant then just say
i have a hijackthis log ready also
thanks in advance |
|
| |
This post has: 0 recommendations
|
|
 |
deeprty Member
Joined: 30 Apr 2008 Posts: 5 Points: 0

|
| Posted: Wed 04/30/2008 12:02pm [Post #2] |
|
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:16:57 PM, on 4/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Java\jre1.5.0_01\bin\jucheck.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [µTorrent] "E:\progs\stuff for set up\image directx torr\utorrent.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\freds\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\freds\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7321 bytes |
|
| |
This post has: 0 recommendations
|
|
 |
Canuck Help2Go Administrator

Joined: 22 May 2003 Posts: 6945 Points: 1425 Location: Edmonton, Alberta, Canada

|
| Posted: Wed 04/30/2008 1:42pm [Post #3] |
|
|
The detective is questioning your O4 entries. Basically the most important programs that should be running are anti virus, anti Spyware and firewall. The rest are probably just using up your RAM (most companies think their programs are so important that they need to be running in the background .. this is not so. For example O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe", there is absolutely no reason for this to be running. When you click on a .pdf file the program will open automatically, it may take a few seconds longer to open, but a few seconds compared with using up your RAM and slowing down your PC is just not worth it .. to me anyway).
I suggest you go through your O4s and check to find out what they are, and if you really need them running. To check startup programs use http://www.castlecops.com/StartupList.html and decide what you need. If you want our opinion on any of them, just let us know which ones. Suggest you keep the Nero one running as this one detects CD/DVDs.
Hope this helps. |
|
| |
This post has: 1 recommendation
|
|
 |
Osc Help2Go Administrator

Joined: 01 Jan 1999 Posts: 1789 Points: 516 Location: Washington, DC

|
| Posted: Wed 04/30/2008 1:47pm [Post #4] |
|
|
Hi deeprty - run your HJT log through the Help2Go Detective one more time - we fixed a bug in the program.
_________________
Oscar Sodani
Help2Go Administrator |
|
| |
This post has: 1 recommendation
|
|
 |
deeprty Member
Joined: 30 Apr 2008 Posts: 5 Points: 0

|
| Posted: Wed 04/30/2008 2:57pm [Post #5] |
|
|
ok done and all is good, just a couple of questions
where can i find info on the results from hjt eg what O4 entries are (they are programs running in background?) just so i can learn a bit today
also where should i go to find out about the trouble with my windows update, got nowhere on microsoft pages
and last but not least does the problem with my other programs asking for updates a bit too much reside in my own head?!?
cheers for the speedy response by the way |
|
| |
This post has: 0 recommendations
|
|
 |
Clark76 Spyware Fighter

Joined: 28 Feb 2006 Posts: 904 Points: 164 Location: Cleveland, Ohio

|
| Posted: Wed 04/30/2008 4:50pm [Post #6] |
|
|
Hello
What programs are asking for updates? It probably is the programs themselves that need updated and not Windows. Look to Canuck's previous post for your question on O4 entries
I see you have Absolute Poker, PokerStars, CDPoker, PartyPoker.com, and Ladbrokes Poker installed.
If you didn't install it with intention to play with, I suggest you uninstall them, because in most cases, these programs are supported by malware, getting installed without asking for it and also lead you to sites where malware is lurking.
If you do play them, then leave it alone.
Open HijackThis and click on 'Do a System Scan Only'. Check the following entries (If they still exist, make sure you do not miss any)
F3 - REG:win.ini: run=
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
Please remember to close all other windows, including browsers then click Fix checked.
-----------------
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
- Download the latest version of Java Runtime Environment (JRE) 6 Update 6 and save it to your desktop.
- Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 6. The Java SE Runtime Environment (JRE) allows end-users to run Java applications."
- Click the "Download" button to the right.
- Select the Windows platform from the dropdown menu.
- Read the License Agreement and then check the box that says: "Accept License Agreement". Click on Continue. The page will refresh.
- Click on the link to download Windows Offline Installation and save the file to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
- Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java version.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u6-windows-i586-p.exe to install the newest version.
- After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
- On the General tab, under Temporary Internet Files, click the Settings button.
- Next, click on the Delete Files button
- There are two options in the window to clear the cache - Leave BOTH Checked
  Applications and Applets
  Trace and Log Files
- Click OK on Delete Temporary Files Window
  Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
- Click OK to leave the Temporary Files Window
- Click OK to leave the Java Control Panel.
------------------------
Post back with a new Hijackthis log
_________________
Proud Member of ASAP
Proud Member of UNITE |
|
| |
This post has: 2 recommendations
|
|
 |
deeprty Member
Joined: 30 Apr 2008 Posts: 5 Points: 0

|
| Posted: Thu 05/01/2008 3:35pm [Post #7] |
|
|
ok thanks, i've done what you said and the hjt log is below
i don't think i explained myself last post i'll try again.
i wasn't asking for help on O4 entries in perticular (spelling?) i was meaning a guide to hjt in general so i could maybe learn to do this myself, but i was being lazy and i suppose i should just google it (sometimes i don't think......... it hurts).
as for the programs updating i have 2 problems.
1. windows automatic update has been trying to install 3 critical updates for a few weeks now with no luck, i went to the ms web page to do it manually and at first it downloaded and then failed to install and now it won't download at all, although automatic update is trying again as i type
2. superantispyware, and java were asking for updates just after i downloaded and installed them, comodo and daemontools were asking for at the same time and it seemed a little strange,
when i opened superantispyware and manually clicked update it said i was up to date but the little window in the bottom right was still popping up asking for an update, but my brain is working right now and i see that it was asking for a program update and i was checking for a virus definition update (does this make sense???? i'm tired i work too hard!!)
and there's more...
you said "I see you have Absolute Poker, PokerStars, CDPoker, PartyPoker.com, and Ladbrokes Poker installed.
If you didn't install it with intention to play with, I suggest you uninstall them, because in most cases, these programs are supported by malware, getting installed without asking for it and also lead you to sites where malware is lurking.
If you do play them, then leave it alone. "
i do play them but i am concerned about what sort of malware you think i may be getting, should i be worried? i have never been redirected to any web page (or in fact went to any web page via a poker site) if this is what you meant.
just another thing, what is a global hook and should i be concerned that every program i open comodo informs me that it is trying to install global hook.nview.dll and if i block the alert the program works fine.
ok enough hope this is not too much
thank you, thank you, thank you, here is my hjt log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:53 PM, on 5/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [µTorrent] "E:\progs\stuff for set up\image directx torr\utorrent.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\freds\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\freds\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7061 bytes
thank you |
|
| |
This post has: 0 recommendations
|
|
 |
Clark76 Spyware Fighter

Joined: 28 Feb 2006 Posts: 904 Points: 164 Location: Cleveland, Ohio

|
| Posted: Thu 05/01/2008 9:03pm [Post #8] |
|
|
|
|
| |
This post has: 0 recommendations
|
|
 |
Clark76 Spyware Fighter

Joined: 28 Feb 2006 Posts: 904 Points: 164 Location: Cleveland, Ohio

|
| Posted: Thu 05/01/2008 9:16pm [Post #9] |
|
|
Question and answer time
| Quote: |
| i wasn't asking for help on O4 entries in perticular (spelling?) i was meaning a guide to hjt in general so i could maybe learn to do this myself, but i was being lazy and i suppose i should just google it (sometimes i don't think......... it hurts). |
There are a few good schools online that you can sign up with to learn how to read a HJT log. See this link:
http://www.help2go.com/component/option,com_forum/Itemid,33/page,viewtopic/p,131210/#131210
| Quote: |
| windows automatic update has been trying to install 3 critical updates for a few weeks now with no luck, i went to the ms web page to do it manually and at first it downloaded and then failed to install and now it won't download at all, although automatic update is trying again as i type |
I am not sure what is wrong with the updates but I would suggest posting in the Computer Help forum and perhaps one of the techs there might have a suggestion.
| Quote: |
| superantispyware, and java were asking for updates just after i downloaded and installed them, comodo and daemontools were asking for at the same time and it seemed a little strange,
when i opened superantispyware and manually clicked update it said i was up to date but the little window in the bottom right was still popping up asking for an update, but my brain is working right now and i see that it was asking for a program update and i was checking for a virus definition update (does this make sense???? i'm tired i work too hard!!) |
It appears you answered your own question
| Quote: |
| and there's more...
you said "I see you have Absolute Poker, PokerStars, CDPoker, PartyPoker.com, and Ladbrokes Poker installed.
If you didn't install it with intention to play with, I suggest you uninstall them, because in most cases, these programs are supported by malware, getting installed without asking for it and also lead you to sites where malware is lurking.
If you do play them, then leave it alone. "
i do play them but i am concerned about what sort of malware you think i may be getting, should i be worried? i have never been redirected to any web page (or in fact went to any web page via a poker site) if this is what you meant. |
I found nothing wrong with any of those programs you have but I always like to give a word of caution when I see them. There are some out there that are bundled with malware
| Quote: |
| just another thing, what is a global hook and should i be concerned that every program i open comodo informs me that it is trying to install global hook.nview.dll and if i block the alert the program works fine. |
nview.dll belongs to NVIDIA which you have on your computer
http://www.processlibrary.com/directory/files/nview.dll/
It should be fine to allow it to install. If you would like, ask the opinions of the others in the Computer Help forum and see if any of them have gotten this alert.
_________________
Proud Member of ASAP
Proud Member of UNITE |
|
| |
This post has: 2 recommendations
|
|
 |
deeprty Member
Joined: 30 Apr 2008 Posts: 5 Points: 0

|
| Posted: Mon 05/05/2008 3:36pm [Post #10] |
|
|
ok cheers for all your help,
will check those links out as soon as i can be bothered
 |
|
| |
This post has: 0 recommendations
|
|
 |
Clark76 Spyware Fighter

Joined: 28 Feb 2006 Posts: 904 Points: 164 Location: Cleveland, Ohio

|
| Posted: Mon 05/05/2008 5:37pm [Post #11] |
|
|
From the Help2Go team - You are Welcome and Happy Surfing
Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened, please request this by sending a moderator a PM with the address of the thread. This applies only to the original topic starter.
Everyone else please begin a New Topic.
_________________
Proud Member of ASAP
Proud Member of UNITE |
|
| |
This post has: 0 recommendations
|
|
 |
|