Landesher

:shock: :shock: :shock: :shock: :shock: :shock: unless you are 1) Vincent Van Goghs re-incarnation 2) Picasso's great great great grandaughter/son 3) A proffesional artist 4) Blind i suggest rethinkin 6/10...lets see some of your work? http://www.conceptart.com

They're pretty much ok. Nothing unseen or "unbelievable" though. Seen alot better. Veeeery sketchy & undetailed. Moderate brushing. 6/10.

512 ram And, i think it has all the scans on at all times, yes.. //EDIT I also have a worse fps then most of the other players on helbreath (which is a game that has 256 ram and no video card recommended[no need for video card]). When i ask about their computers it comes out that I have a better computer then most of them..

BUMP Could anyone at least tell me if the problem of lagging is ecause there's trash in my computer or is the cause of all this somewhere else?

Umm, I'm not sure, but I don't think so :/. Ares is a P2P program.

Ok I sent a picture file to a friend and he said he got a worm with it. I found it rather impossible but just in case it's not - here's the log. Oh, and WoW has started to run slowly lately. Actually everything is kind of slower, although i have 114 GB of space left Logfile of HijackThis v1.99.1 Scan saved at 21:53:20, on 24.01.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: I:\WINDOWS\System32\smss[Caution: ExecutableFile] I:\WINDOWS\system32\winlogon[Caution: ExecutableFile] I:\WINDOWS\system32\services[Caution: ExecutableFile] I:\WINDOWS\system32\lsass[Caution: ExecutableFile] I:\WINDOWS\system32\svchost[Caution: ExecutableFile] I:\WINDOWS\System32\svchost[Caution: ExecutableFile] I:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] I:\WINDOWS\Explorer[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: ExecutableFile] I:\Program Files\SlySoft\AnyDVD\AnyDVD[Caution: ExecutableFile] I:\Program Files\CyberLink\PowerCinema\PCMService[Caution: ExecutableFile] I:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] I:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile] I:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] I:\Program Files\QuickTime\qttask[Caution: ExecutableFile] I:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile] I:\Program Files\Common Files\Logitech\QCDriver\LVCOMS[Caution: ExecutableFile] I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] I:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashServ[Caution: ExecutableFile] I:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile] I:\WINDOWS\system32\svchost[Caution: ExecutableFile] I:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: ExecutableFile] I:\WINDOWS\system32\wisptis[Caution: ExecutableFile] I:\MÃÆÃâÃâängud\World of Warcraft\Launcher[Caution: ExecutableFile] I:\Documents and Settings\Herki\Desktop\HijackThis[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delfi.ee/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [soundMAXPnP] I:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile] O4 - HKLM\..\Run: [soundMAX] "I:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile]" /tray O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: ExecutableFile] O4 - HKLM\..\Run: [AnyDVD] "I:\Program Files\SlySoft\AnyDVD\AnyDVD[Caution: ExecutableFile]" O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [PCMService] "I:\Program Files\CyberLink\PowerCinema\PCMService[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sunJavaUpdateSched] I:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] I:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]" O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime O4 - HKLM\..\Run: [RealTray] I:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile] SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [LVCOMS] I:\Program Files\Common Files\Logitech\QCDriver\LVCOMS[Caution: ExecutableFile] O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [ares] "I:\Program Files\Ares\Ares[Caution: ExecutableFile]" -h O4 - Global Startup: Adobe Gamma Loader.lnk = I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Reader Speed Launch.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - I:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134995091703 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - I:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: ExecutableFile] O23 - Service: avast! Antivirus - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashServ[Caution: ExecutableFile] O23 - Service: avast! Mail Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: ExecutableFile]" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: ExecutableFile]" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: iPodService - Apple Computer, Inc. - I:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile] O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - I:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile] Btw I noticed something called iPodService up there. I don't have an iPod or any software that it comes with, so should I delete that?

oh, + the screen doesn't fit here. the mouse and the text on startup goes about 5 cm's off screen ._. It's really annoying. Any help PLEASE?

bump :cry:

not yet it hasn't :/... seems to me it makes a bit more noise then usually, i ca n hear it with my headset on :S. Erm, and am having a new problem :P. I got a new monitor for christmas & after installing it... the contrast is 80/100 and i can't lower it, it looks ugly & it's too bright, feels bad to look at it for a long time. I think it might be because of the drivers. It told me to choose the model I have, it's 730 BF which had 2 choices: 730 bf analog & 730 bf digital. Now, i have no idea if i have analog or digital, but i choose digital. Don't know if that made any difference. In games, like helbreath, the screen keeps going slow every few seconds.. like, the screen can't catch my character or smth, the char runs out of center. Help please? :oops:

yes, the ie homepage is supposed to be http://www.delfi.ee. But.... since i had hjt in the temp folder - no backups made :(.

i fixed it ._. erm, guess that wasn't a smart thing to do :P Anyways, it wasn't too important, was it? And why the hell is it called like a spyware or smth... and, i opened hjt from the zip file so i could just save the log. and, i have no idea what motherboard i have :/ //EDIT I read your sig. Guess I'm 1 of those 99% of people.. :(

I got a new computer, and i dont really remember downloading anything suspicious. but today out of nowhere 70 e-mail tabs to my gmail address popped up & i found a process called SlowDownCPU :x I'd appreciate it if someone checked this log. ty. Logfile of HijackThis v1.99.1 Scan saved at 9:47:00, on 22.12.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: I:\WINDOWS\System32\smss[Caution: ExecutableFile] I:\WINDOWS\system32\winlogon[Caution: ExecutableFile] I:\WINDOWS\system32\services[Caution: ExecutableFile] I:\WINDOWS\system32\lsass[Caution: ExecutableFile] I:\WINDOWS\system32\svchost[Caution: ExecutableFile] I:\WINDOWS\System32\svchost[Caution: ExecutableFile] I:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] I:\WINDOWS\Explorer[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: ExecutableFile] I:\Program Files\SlySoft\AnyDVD\AnyDVD[Caution: ExecutableFile] I:\Program Files\CyberLink\PowerCinema\PCMService[Caution: ExecutableFile] I:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] I:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile] I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] I:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile] I:\Program Files\Ares\Ares[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashServ[Caution: ExecutableFile] I:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile] I:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: ExecutableFile] I:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: ExecutableFile] I:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile] I:\Program Files\WinRAR\WinRAR[Caution: ExecutableFile] I:\DOCUME~1\Herki\LOCALS~1\Temp\Rar$EX00.172\HijackThis[Caution: ExecutableFile] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delfi.ee/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [slowDownCPU] I:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU[Caution: ExecutableFile] O4 - HKLM\..\Run: [soundMAXPnP] I:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile] O4 - HKLM\..\Run: [soundMAX] "I:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile]" /tray O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp[Caution: ExecutableFile] O4 - HKLM\..\Run: [AnyDVD] "I:\Program Files\SlySoft\AnyDVD\AnyDVD[Caution: ExecutableFile]" O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [PCMService] "I:\Program Files\CyberLink\PowerCinema\PCMService[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sunJavaUpdateSched] I:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] I:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [ares] "I:\Program Files\Ares\Ares[Caution: ExecutableFile]" -h O4 - Global Startup: Adobe Gamma Loader.lnk = I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Reader Speed Launch.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134995091703 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "I:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - I:\Program Files\Alwil Software\Avast4\aswUpdSv[Caution: ExecutableFile] O23 - Service: avast! Antivirus - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashServ[Caution: ExecutableFile] O23 - Service: avast! Mail Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashMaiSv[Caution: ExecutableFile]" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - I:\Program Files\Alwil Software\Avast4\ashWebSv[Caution: ExecutableFile]" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile] O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - I:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile]

Logfile of HijackThis v1.99.1 Scan saved at 21:30:14, on 10.11.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\PROGRA~1\COMMON~1\Stardock\SDMCP[Caution: ExecutableFile] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] C:\WINDOWS\System32\RUNDLL32[Caution: ExecutableFile] C:\Program Files\D-Tools\daemon[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile] C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile] C:\spywarebegone\SpywareBeGone[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: ExecutableFile] C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile] C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile] C:\Program Files\WinRAR\WinRAR[Caution: ExecutableFile] C:\DOCUME~1\Sander\LOCALS~1\Temp\Rar$EX00.062\HijackThis[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon[Caution: ExecutableFile]" -lang 1033 O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin[Caution: ExecutableFile]" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio[Caution: ExecutableFile]" /RANDOM O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: ExecutableFile]" /startintray O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [areslite] "C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile]" -h O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile]" -s O4 - HKCU\..\Run: [spyware Begone] "C:\spywarebegone\SpywareBeGone[Caution: ExecutableFile]" -FastScan O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader[Caution: ExecutableFile].lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120852228669 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {D3A7982E-915D-4589-8ECE-249F70D0C941} (Launch Control) - http://aaotracker.4players.de/LaunchGame.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F28B19E0-2F1A-4189-97C7-CF3FDED1F881}: NameServer = 194.126.115.18 194.126.101.34 O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile] O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile] O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] Hi, a friend of mine is having trouble with spyware / viruses so i suggested him to download hijackthis & make a log. So this is the log. Help would be appreciated.

Theres no need to download MS Anti Spy if hes already got Ad-aware, Spybot and SpyDoctor. It would only waste memory running another one. I dont know what the following processes are C:\WINDOWS\DESKTOP\TOOLS\ITEMNUMBER\HBXTOOLS.e3e (CAUTION - executable file) C:\WINDOWS\DESKTOP\K̵̮̉̉IK MUU\COPY OF HB\351B.e3e (CAUTION - executable file) But the rest are all legit. Just because you had those processes also when you had spyware doesnt mean that he has too. The processes in the HijackThis log are not foistware those 2 are ok. Alright thanks for the help everyone :D.

ok i got rid of what you said i should, - i also ran a spyware doctor and an adaware scan and this is what i've got for now : Logfile of HijackThis v1.99.1 Scan saved at 20:26:35, on 04.07.05 Platform: Windows 98 Gold (Win9x 4.10.1998) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\MPREXE[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK[Caution: ExecutableFile] C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR[Caution: ExecutableFile] C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\KB891711\KB891711[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\PGPSDKSERV[Caution: ExecutableFile] C:\WINDOWS\EXPLORER[Caution: ExecutableFile] C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\LVCOMS[Caution: ExecutableFile] C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 300\APP\ENTERNET[Caution: ExecutableFile] C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\INTERNAT[Caution: ExecutableFile] C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX[Caution: ExecutableFile] C:\WINDOWS\DESKTOP\SPYWARE DOCTOR\SWDOCTOR[Caution: ExecutableFile] C:\WINDOWS\DESKTOP\TOOLS\ITEMNUMBER\HBXTOOLS[Caution: ExecutableFile] C:\WINDOWS\DESKTOP\KÃÆÃâÃâõIK MUU\COPY OF HB\351B[Caution: ExecutableFile] C:\WINDOWS\SYSTEM\DDHELP[Caution: ExecutableFile] C:\WINDOWS\DESKTOP\TOOLS\HIJACKTHIS[Caution: ExecutableFile] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 66.38.191.241:80 O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\PROGRAM FILES\IPSWITCH\WS_FTP PRO\WSBHO2K0.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\WINDOWS\DESKTOP\SPYWAR~1\TOOLS\IESDPB.DLL O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\WINDOWS\DESKTOP\SPYWAR~1\TOOLS\IESDSG.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32[Caution: ExecutableFile] powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]" O4 - HKLM\..\Run: [symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] start O4 - HKLM\..\Run: [LVCOMS] C:\WINDOWS\SYSTEM\LVCOMS[Caution: ExecutableFile] O4 - HKLM\..\Run: [$EnterNet] C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 300\APP\EnterNet[Caution: ExecutableFile] -AutoStart O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32[Caution: ExecutableFile] powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]" O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]" O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [PGPSDKSVC] C:\WINDOWS\SYSTEM\PGPsdkServ[Caution: ExecutableFile] O4 - HKLM\..\RunServices: [PGPSERVICE] C:\WINDOWS\Desktop\PCP\PGP for Windows 98\PGPservice[Caution: ExecutableFile] O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [spyware Doctor] "C:\WINDOWS\DESKTOP\SPYWARE DOCTOR\SWDOCTOR[Caution: ExecutableFile]" /Q O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\DESKTOP\SPYWAR~1\TOOLS\IESDPB.DLL O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll Ummmm, about the firewall & antivirii. Could you suggest any good ones? Adding where i could get those would be cool aswell. Since piracy is most liklely prohibited on these forums you could pm me or add [email protected] to your msn. thx.