Oh my god what has happened here?!!? (Resolved)

  1. 14-07-2004  #31
    varygoode
    varygoode is offline Elite Member

    Talking Re: Oh my god what has happened here?!!?

    well, good news from this end! i called up the guy who made my computer and he had a certificate of authenticity with a product key and i used that and was able to change my product key to a valid one. sooooo i went to windows update and downloaded all critical updates and bingo bango i have regained all Fast User Switching Functionality. it is oh so wonderful. and owen, here's a present:

    Logfile of HijackThis v1.98.0
    Scan saved at 9:30:09 PM, on 7/13/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\brss01a.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\BRMFRSMG.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\sistray.EXE
    C:\WINDOWS\System32\keyhook.exe
    D:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
    D:\Program Files\AIM\aim.exe
    C:\WINDOWS\System32\wisptis.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\Hijack This\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://baseball.fantasysports.yahoo.com/b1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = http://localhost;
    F0 - system.ini: Shell=
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - Global Startup: SmartUI.lnk = ?
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho.../yinst0401.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.comp...io5_3_16_0.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by99fd.bay99.hotmail.msn.com/...x/HMAtchmt.ocx

  2. 14-07-2004  #32
    owen
    owen is offline D-A-L Team Member (UK)
    Well done, we finally got there. Just when things were looking bleak.

    Nice to see that SP1 is installed, be prepared though, because SP2 will be coming out soon, hopefully sometime in September.

    You now need an Antivirus Program, Firewall and Spyware Protection. Please click the Hijack This Logs post at the top of the forum and read the Preventing It Returning section. I recommend you download AVG, Sygate, SpywareBlaster, Spybot Search And Destroy and Ad-aware. Links can be found to all in the Hijack This Logs post

    (P.S. I don't want to see you again for a while )
  3. 14-07-2004  #33
    varygoode
    varygoode is offline Elite Member
    ok, well, hopefully you won't. here's the thing: i have ad-aware and spybot s&d, i use them often. i'm not putting that firewall on because that's what made me lose my fast user switching functionality. unless of course there is some sort of tutorial or help system or something that can tell me what all the things mean. and i shall get AVG as well as SpywareGuard cause they seem reliable and easy to use. so let me know about that sygate stuff (via e-mail would be loads easier) (varygoode@hotmail.com) as soon as you can .
  4. 14-07-2004  #34
    varygoode
    varygoode is offline Elite Member
    don't put replying to this at the top of your priority list, but i downloaded AVG and i can't install it. i went to the FAQ section but it helped none. i got everything else you said (save Sygate) installed and ready to rumble though. and i don't know if this matters, but i already use TrendMicro HouseCall for virus scanning.
  5. 15-07-2004  #35
    owen
    owen is offline D-A-L Team Member (UK)
    Save 20% on AVG Internet Security 2012 Suite!
    I don't do replys via email, I stick to the forums to ensure that it can help others in future.

    Fair enough you may scan with Housecall, but Housecall can't prevent them accessing your system. What problems are you having with the install? AVG uses a Winzip self extractor that then launches the installation. If the install doesn't work right, then another option is to use an alternative freeware virus scanner called Avast. It is just as good.

    I strongly suggest you do install Sygate. Installing every other piece of protection software and then leaving your doors open to hackers is foolish. The firewall didn't make you lose your fast user switching. There are thousands, if not millions of users of Sygate and they all have fast user switching. You lost your fast user switching because the spyware has affected your system and you needed the Windows XP SP1.

    I'll explain what a firewall does, and hopefully this will encourage you to install it. Without a firewall, software applications such as spyware could be monitoring your computer and sending passwords, credit card details, etc, to there master, you could lose any data you have on your PC, having open ports with no firewall protection leaves you vulnerable to backdoors and trojans which will install on your computer and open up a backdoor in for hackers which can allow them to install software, delete files, etc and your PC could also be taking part in Denial Of Service Attacks against security websites (which are bogus requests from thousands of infected PCs trying to bring a website down) without your slightest bit of knowledge.

    I hope this encourages you to install Sygate and I hope you can see the risk you are at without it.
+ Reply to Thread
Page 4 of 4 FirstFirst 1 2 3 4
« about a blank | hijack this log! help! »