Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

monitor turning black, BIOS update incorrect message, taskmanager has


  • This topic is locked This topic is locked

#1
convergecult

convergecult

    Member

  • Member
  • PipPip
  • 48 posts
hello guys.:)

this started last monday, i was viewing football clips on youtube when my monitor suddenly turned black. nothing is shown. so i restarted the pc and it started up fortunately. this happened for 3 times last monday. i suspect that something is not right with my pc so i decided to do the tasks you have written before starting a new topic, from the ATF cleaner, to Malwarebyte's. malwarebyte's found at least 160 problems from my pc haha.:) i did all of that. then everything went smoothly, my pc didn't show the same problem. until this morning.

my dad used the computer and all of a sudden, the monitor went black again. no picture was shown. but the cpu and monitor's light were on. i tried restarting the pc (as what i did last monday), but it wont turn on!:) i checked all the connections of the monitor (cause i thought it might be some loose connection) but there isn't. i also checked the fan of the cpu but it is working fine. the cpu's light is on but it doesn't start on the screen where the cpu checks the memories (with the flashing numbers, if you can understand me, sorry), after a long time of restarting and restarting, the cpu worked, but there is a message that is shown on the screen before the windows xp logo is shown, BIOS UPDATE INCORRECT. so, i started the pc from the recent settings that worked (i used system restore). i used chkdsk to correct any problem. then because of curiosity, i restarted the computer (in the right manner not pushing the button in the cpu), to see if the message will still be there. unfortunately, it is still there.:)

i'm afraid of turning off my pc after that cause i think it will not start anymore!:)

here is the malwarebytes log (this log was from monday, where it found a number of infections, i scanned my computer this morning with this and it found nothing wrong, so i used this log instead, for i think you might find this more useful):

Malwarebytes' Anti-Malware 1.36
Database version: 2072
Windows 5.1.2600 Service Pack 2

5/4/2009 8:44:49 PM
mbam-log-2009-05-04 (20-44-49).txt

Scan type: Quick Scan
Objects scanned: 84486
Time elapsed: 23 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 5
Files Infected: 150

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1dbd6574-d6d0-4782-94c3-69619e719765} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{1dbd6574-d6d0-4782-94c3-69619e719765} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Administrator\Application Data\RegTool (Rogue.RegTool) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290 (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Program Files\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-05 13-13-170.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-07 11-39-410.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-07 11-58-000.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-07 12-00-130.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-07 12-00-270.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-11 14-45-250.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-14 19-30-320.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-03-29 12-26-510.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-04-01 07-37-300.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-04-01 07-42-350.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-04-01 14-05-480.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-04-03 12-02-120.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\Logs\2009-04-03 12-02-480.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-0.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-1.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-100.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-101.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-102.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-103.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-104.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-105.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-106.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-107.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-108.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-109.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-11.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-110.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-111.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-112.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-113.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-114.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-115.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-116.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-117.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-118.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-119.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-120.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-121.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-122.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-123.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-124.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-125.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-126.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-127.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-128.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-129.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-130.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-131.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-132.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-133.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-25.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-26.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-33.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-34.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-35.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-36.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-37.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-38.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-39.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-40.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-41.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-42.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-43.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-44.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-45.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-46.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-47.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-48.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-49.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-50.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-51.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-52.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-53.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-54.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-55.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-56.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-57.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-58.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-59.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-60.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-61.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-62.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-63.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-64.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-65.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-66.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-67.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-68.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-69.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-70.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-71.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-72.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-73.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-74.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-75.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-76.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-77.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-78.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-79.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-80.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-81.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-82.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-83.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-84.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-85.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-86.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-87.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-88.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-89.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-90.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-91.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-92.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-93.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-94.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-95.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-96.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-97.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-98.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\QuarantineW\2009-03-05 13-46-290\regb-99.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\RegTool\resultsw.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\RegTool Scan.job (Rogue.RegTool) -> Quarantined and deleted successfully.


here is the OTLIST:

OTListIt logfile created on: 5/7/2009 4:33:13 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

127.54 Mb Total Physical Memory | 23.07 Mb Available Physical Memory | 18.09% Memory free
494.48 Mb Paging File | 206.00 Mb Available in Paging File | 41.66% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 6.00 Gb Total Space | 2.29 Gb Free Space | 38.15% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RONNIE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (UMWdf [On_Demand | Stopped]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (ess [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ess.sys (ESS Technology, Inc.)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (NtApm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NtApm.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (USR1806 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\USR1806.SYS (U.S. Robotics, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie_rsearch.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista...search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirro...rch.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.1.0.7
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/05/04 11:27:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/05/04 11:27:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 12:30:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 12:30:03 | 00,000,000 | ---D | M]

[2008/12/26 21:47:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2008/12/26 21:47:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/07 01:55:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\qjw13oyk.default\extensions
[2009/05/06 15:23:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\qjw13oyk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/26 21:46:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 12:30:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/29 12:29:40 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 12:29:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/02 23:07:00 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/02 23:07:00 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/02 23:07:01 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/02 23:07:01 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/02 23:07:03 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/02 23:07:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/02 23:07:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCAD = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/13 14:10:42 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/26 21:39:49 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/05/05 13:13:27 | 00,011,201 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\[PSP]Tenchu 4 Shadow Assasins [EUR][ESPALPSP.com].rar [mininova].torrent
[2009/05/04 21:06:39 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe
[2009/05/04 21:02:56 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/04 21:01:20 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\Rooter.exe
[2009/05/04 20:49:03 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/05/04 19:49:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/05/04 19:49:12 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/04 19:48:55 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/04 19:48:44 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/04 19:48:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/04 19:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/04 19:46:02 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\ADMINI~1\Desktop\mbam-setup.exe
[2009/05/04 16:25:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/04/24 00:41:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2009/04/24 00:37:31 | 00,000,719 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\VLC media player.lnk
[2009/04/24 00:35:48 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/04/16 14:33:13 | 00,086,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\DOCUME~1\ADMINI~1\Desktop\avg8fupg.exe
[2009/04/07 17:40:51 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2008/10/18 01:30:11 | 00,000,106 | ---- | C] () -- C:\WINDOWS\System32\upxshell.ini
[2008/10/13 15:25:46 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/01 06:26:21 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/22 00:49:22 | 00,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2004/08/03 18:26:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2001/08/23 10:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll
[2001/08/23 10:00:00 | 00,000,486 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 10:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/07 13:27:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/07 13:27:17 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Local Settings\desktop.ini
[2009/05/07 13:27:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/07 10:19:54 | 00,051,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/07 10:19:49 | 35,862,722 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/06 15:10:42 | 00,000,812 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Yahoo! Messenger.lnk
[2009/05/05 13:13:29 | 00,011,201 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\[PSP]Tenchu 4 Shadow Assasins [EUR][ESPALPSP.com].rar [mininova].torrent
[2009/05/04 21:06:46 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe
[2009/05/04 21:01:21 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\Rooter.exe
[2009/05/04 19:49:12 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/04 19:47:13 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\ADMINI~1\Desktop\mbam-setup.exe
[2009/05/04 10:54:55 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/05/04 10:54:52 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/05/04 10:54:52 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/05/04 10:54:10 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/05/03 12:09:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/24 00:37:31 | 00,000,719 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\VLC media player.lnk
[2009/04/18 16:10:15 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/16 14:33:17 | 00,086,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\DOCUME~1\ADMINI~1\Desktop\avg8fupg.exe
< End of report >


the EXTRAS:

OTListIt Extras logfile created on: 5/4/2009 9:40:13 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

127.54 Mb Total Physical Memory | 71.60 Mb Available Physical Memory | 56.14% Memory free
307.43 Mb Paging File | 97.84 Mb Available in Paging File | 31.82% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 6.00 Gb Total Space | 2.23 Gb Free Space | 37.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RONNIE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\system32\NOTEPAD2.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\system32\NOTEPAD2.EXE ()

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver (www.sopcast.com)
C:\WINDOWS\system32\ftp.exe:*:Disabled:File Transfer Program (Microsoft Corporation)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{F3BBB9B0-7EF7-49B2-ACC1-4A0829C20628}" = iLike Sidebar
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Attribute Changer" = Attribute Changer 5.23
"AVG8Uninstall" = AVG 8.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"RegShot" = RegShot 1.7
"SopCast" = SopCast 3.0.3
"VLC media player" = VLC media player 0.9.9
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/4/2009 3:34:26 PM | Computer Name = RONNIE | Source = Microsoft Office 10 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Word.

Error - 3/29/2009 7:18:36 PM | Computer Name = RONNIE | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module mshtml.dll, version 6.0.2900.2769, fault address 0x000e4f26.

Error - 4/23/2009 11:27:20 PM | Computer Name = RONNIE | Source = Application Error | ID = 1000
Description = Faulting application yahoom~1.exe, version 9.0.0.1912, faulting module
flash10a.ocx, version 10.0.12.36, fault address 0x001b7595.

Error - 4/30/2009 3:32:45 PM | Computer Name = RONNIE | Source = Microsoft Office 10 | ID = 2001
Description = Rejected Safe Mode action : Microsoft PowerPoint.

[ System Events ]
Error - 2/4/2009 9:42:03 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = The AVG Free8 E-mail Scanner service failed to start due to the following
error: %%1053

Error - 2/5/2009 1:10:56 AM | Computer Name = RONNIE | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 2/5/2009 9:50:19 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AVG Free8 E-mail Scanner
service to connect.

Error - 2/5/2009 9:50:19 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = The AVG Free8 E-mail Scanner service failed to start due to the following
error: %%1053

Error - 2/7/2009 10:28:27 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AVG Free8 E-mail Scanner
service to connect.

Error - 2/7/2009 10:28:27 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = The AVG Free8 E-mail Scanner service failed to start due to the following
error: %%1053

Error - 2/7/2009 10:28:40 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.

Error - 2/7/2009 10:28:40 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053

Error - 2/9/2009 1:16:23 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AVG Free8 E-mail Scanner
service to connect.

Error - 2/9/2009 1:16:23 PM | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = The AVG Free8 E-mail Scanner service failed to start due to the following
error: %%1053


< End of report >


here is the ROOTER:

Microsoft Windows XP Professional (5.1.2600) Service Pack 2

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:6142 Mo/Free:1898 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Thu 05/07/2009|16:16

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgemc.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\Program Files\AVG\AVG8\avgcsrvx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Mon 05/04/2009|21:05
2 - "C:\Rooter$\Rooter_2.txt" - Thu 05/07/2009|16:17


thank you guys! sorry for the too detailed story of my pc problem haha.:)

another problem which just started yesterday.:) Task manager has no tabs at the top. when i push ctrl+alt+del, the task manager pops up and I can view the applications that are running, but there are no tabs so I cannot view the processes and the other options. Also, I cannot close it because along with the tabs, the minimize and close buttons are missing. i just right click the icon at the taskbar just to close it.

Edited by convergecult, 11 May 2009 - 12:07 AM.

  • 0

Advertisements


#2
handhfan

handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Hello, convergecult, and welcome to GeeksToGo! Sorry for the delay, the forums have been pretty busy.

another problem which just started yesterday.sad.gif Task manager has no tabs at the top. when i push ctrl+alt+del, the task manager pops up and I can view the applications that are running, but there are no tabs so I cannot view the processes and the other options. Also, I cannot close it because along with the tabs, the minimize and close buttons are missing. i just right click the icon at the taskbar just to close it.


Double-click on the borders, the menus and tabs should come back. :)

Not seeing much malicious in your logs, let's do a full virus scan.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 13.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u13-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u13-windows-i586-p.exe and select "Run as an Administrator.")

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

J2SE Runtime Environment 5.0 Update 5

Please do an online scan with Kaspersky WebScanner

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

  • 0

#3
handhfan

handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP