Author Topic: Vista Troubles  (Read 5172 times)

Lauryn the Arisen

  • A Shadow Of My Formerself...
  • Member+
  • Gender: Female
  • "That is just offensive what they do." - Ellis
Vista Troubles
« on: February 16, 2010, 03:12:11 pm »
Gah, Vista gets worse, I can't use Linux as it doesn't seem to agree with my Vista anymore, but now yesterday my Vista got infected with a virus (found it today), and I did a System Restore back to the day before the virus happened, but now I can't use the option for my System Restore to go back five days before, and now I'm losing hard drive space, unable to undo other restores, because an "unknown error with the restore" happens, and I'm out of options. If I do a system recovery, and Fujitsu system (my original laptop's original system), says personal data may be lost (as in all my music, and such and I don't have a portable hard drive, and I don't have any CDs), so what can I do? I need to undo all this problem with the virus and the system restore (it happened when I accidentally downloaded something, I thought it was a torrent (it seemed like one), and now it comes up as BC1.exe, but I keep getting a fake .TMP file that keeps saying it's being used by something else, so I've run out of options, what can I do? I don't have another system, (still paying off my laptop and now the £400 vet bill). Also IE8 has been running on its own and being shut down by the Problems and Solutions Center (twice) because it suffered an APPCRASH, and I don't even use IE8, (no doubt the same virus from my XP but no doubt under another name). I'm going to have to reinstall Avast, it's not working and my Windows Defender has been turned off and I can't bring it back online, saying it's been turned off by a policy group.
« Last Edit: February 16, 2010, 03:25:40 pm by Mutou Yami »
R.I.P. Paul Gray - April 8, 1972 – May 24, 2010.
Aishiteru Mutou Yami-Sama. ♥
Poets of the Fall Addict.
-Trainer Card Coming Soon-
"They are no longer... Human." ~ Yao Hisako [Siren 1/Forbidden Siren]

"Come Arisen... Forge in my fire the next link in the endless chain..." - Grigori the Dragon.

Fivex

  • Member+
  • Gender: Male
Re: Vista Troubles
« Reply #1 on: February 16, 2010, 03:43:10 pm »
First things first:
http://free.antivirus.com/hijackthis/
Run the executable version of 2.0.2.
Click "Do a system scan and save a log file". Wait for it to finish.
It will generate a hijackthis.log file. Close HijackThis and open up the log with Notepad. Paste the contents here.

Lauryn the Arisen

Re: Vista Troubles
« Reply #2 on: February 16, 2010, 03:48:03 pm »
At the moment, I'm saving what I can and may have to do the system recovery. Every time I own a Windows-based System I always get something wrong with it. My original stuff is still on my parent's computer, but a lot has changed since so I've sent most of my stuff (what I could save) to my Hotmail address, and hope this works. I've had to uninstall Avast (it's gotten turned off and refuses to turn back on, and won't even run in Safe Mode).

Edit: That was a bit quick. It says (I may be offline for a bit, I've installed Free Edition of Avira (it's great, I've used it before on my XP a month before it died, so it's found a false .EXE called msa.exe but it's being "used" so I'll head into Safe Mode and allow Avira to scan):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:25, on 16/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Mutou Yami\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\msa.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Mutou Yami\Desktop\setup_ais_eng.exe
C:\Program Files\Alwil Software\Avast5\Setup\Sfx\avast.setup
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Mutou Yami\AppData\Local\Temp\Bc1.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forums.glitchcity.info/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Fujitsu OSD Utility] c:\PROGRA~1\FUJITS~1\OSDUTI~1.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu\System Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [fts-reg] C:\fts-reg\ftsreg.exe 20100208
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mutou Yami\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Mutou Yami\AppData\Local\Temp\Bc1.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D618457-EDC9-4FE7-A52C-79767B07B4DA}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{63AE4334-CFC3-47DA-BF27-87D50DB1BDE4}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D618457-EDC9-4FE7-A52C-79767B07B4DA}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS4\Services\Tcpip\..\{0D618457-EDC9-4FE7-A52C-79767B07B4DA}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8704 bytes
« Last Edit: February 16, 2010, 04:12:51 pm by Mutou Yami »

Fivex

Re: Vista Troubles
« Reply #3 on: February 16, 2010, 04:09:30 pm »
The only virus that I can find from that list is a downloader. So it's best to remove it ASAP.
Anyways, C:/Windows/msa.exe is the main source of problems. Go into task manager and kill msa.exe.
Now then open up regedit and navigate to
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Do you see anything labeled NordBull in there?
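
Added example, not part of the original thread or any poster's code: a small Python triage pass over a HijackThis log, run on lines copied from the log in Reply #2, that surfaces the kind of entries the reply above picks out by eye. The rules (Temp-directory paths, a short allowlist for C:\Windows, listing any static NameServer for review) are assumptions chosen for illustration, not HijackThis features.

```python
import ntpath
import re
from typing import List, NamedTuple

# Excerpt copied from the HijackThis log posted in Reply #2 of this thread.
SAMPLE_LOG = r"""Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\msa.exe
C:\Users\Mutou Yami\AppData\Local\Temp\Bc1.exe

O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Mutou Yami\AppData\Local\Temp\Bc1.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
"""

# Assumption: binaries that normally sit directly in C:\Windows (illustrative, not complete).
WINDOWS_ROOT_ALLOW = {"explorer.exe", "regedit.exe", "notepad.exe", "hh.exe"}

ENTRY_RE = re.compile(r"^[A-Z]\d+ - ")  # any HijackThis item line (R0, O4, O17, ...)
O4_RE = re.compile(r"^O4 - (?P<hive>\S+)\\\.\.\\Run\w*: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O17_RE = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<servers>.+)$")
# Executable path at the start of an autorun command, quoted or not, before any arguments.
EXE_RE = re.compile(r'^"?(?P<path>.+?\.(?:exe|com|scr|bat|cmd|pif|dll))', re.I)


class Finding(NamedTuple):
    rule: str   # which heuristic fired
    item: str   # the path, Run value or server list to check by hand
    line: str   # the original log line


def in_temp_dir(path: str) -> bool:
    """True if any directory component of a Windows path is Temp or Tmp."""
    parts = ntpath.normpath(path).lower().split("\\")
    return any(p in ("temp", "tmp") for p in parts[:-1])


def in_windows_root(path: str) -> bool:
    """True for a non-allowlisted file directly in C:\\Windows (assumes the default SystemRoot)."""
    p = ntpath.normpath(path).lower()
    return ntpath.dirname(p) == r"c:\windows" and ntpath.basename(p) not in WINDOWS_ROOT_ALLOW


def triage(log_text: str) -> List[Finding]:
    findings: List[Finding] = []
    seen_dns = set()      # the same NameServer value repeats once per control set
    in_procs = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs and line and not ENTRY_RE.match(line):
            if in_temp_dir(line):
                findings.append(Finding("process-in-temp", line, line))
            elif in_windows_root(line):
                findings.append(Finding("process-in-windows-root", line, line))
            continue
        in_procs = False  # a blank line or the first item line ends the process list
        m = O4_RE.match(line)
        if m:
            exe = EXE_RE.match(m["cmd"])
            if exe and in_temp_dir(exe["path"]):
                findings.append(Finding("autorun-from-temp", f'{m["hive"]} [{m["name"]}]', line))
            continue
        m = O17_RE.match(line)
        if m and m["servers"] not in seen_dns:
            seen_dns.add(m["servers"])
            findings.append(Finding("static-dns", m["servers"], line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.rule:24} {f.item}")
```

A hit is a lead to check by hand, as is done above with the Run key, not a verdict on the file.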

Lauryn the Arisen

Re: Vista Troubles
« Reply #4 on: February 16, 2010, 04:14:14 pm »
I just found msa (from Avira's notice), and the fucker won't die so I'll try and rid of it and jump to Safe Mode to make sure nothing else is lurking.
« Last Edit: February 16, 2010, 04:14:27 pm by Mutou Yami »

Fivex

Re: Vista Troubles
« Reply #5 on: February 16, 2010, 04:18:16 pm »
Quote from Lauryn the Arisen: I just found msa (from Avira's notice), and the fucker won't die so I'll try and rid of it and jump to Safe Mode to make sure nothing else is lurking.
No, restarting will make it start up again.
Wait, you can't kill it from task manager or Avira? Odd. Well, open up regedit and navigate to the location I said.

Lauryn the Arisen

Re: Vista Troubles
« Reply #6 on: February 16, 2010, 04:22:20 pm »
I tried to remove it from Windows the first time and it didn't work, but it's gone now, but I can't remove ~DF7005.tmp as Windows claims it's being used by another program. The date made was yesterday the 15th, same day as the virus. My hard drive space is still down, it's down to 28.7 GB, I had 35.6 yesterday but it's dropped down because of the failed System Restores I can't remove and no thanks to the virus.
« Last Edit: February 16, 2010, 04:23:54 pm by Mutou Yami »

Fivex

Re: Vista Troubles
« Reply #7 on: February 16, 2010, 04:36:50 pm »
Quote from Lauryn the Arisen: I tried to remove it from Windows the first time and it didn't work, but it's gone now, but I can't remove ~DF7005.tmp as Windows claims it's being used by another program. The date made was yesterday the 15th, same day as the virus. My hard drive space is still down, it's down to 28.7 GB, I had 35.6 yesterday but it's dropped down because of the failed System Restores I can't remove and no thanks to the virus.
Turn off system restore and turn it back on. That should remove the broken system restore points.
Anyways, make a new HijackThis log in safe mode.

Lauryn the Arisen

Re: Vista Troubles
« Reply #8 on: February 16, 2010, 04:42:27 pm »
Right, okay I'll do so when Avira has finished the scan. Got a scan going at the moment, so waiting for that to complete.

Chaos Hiruko

  • Lord of Destruction
  • Oldbie
  • Gender: Male
  • Pharaoh Robotnik demands fried chicken!
Re: Vista Troubles
« Reply #9 on: February 16, 2010, 07:42:43 pm »
Vista is one of the WORST Operating Systems you can use.
XP is a lot better, and there are ones that are better than that, but I stick with XP.
3.14

My trainer card, thanks to Epgpwpx
Need a new one soon.....
GETS in the Count to One Million: 5300, 5400, 5900, 6400, 6500, 7600, 8300, 8500

Awesome banner made by the equally awesome FooBot!

Lauryn the Arisen

Re: Vista Troubles
« Reply #10 on: February 16, 2010, 08:11:14 pm »
I hate any Windows system. The only one I thought that was more stable, reliable, and useful was Windows 98. Nine years I'd used Windows 98, and it ran a game called Rome Total War just fine, other than the battles (where you're in battle against your enemies on a map, that would just make the computer crash as the graphics card/video card wasn't strong enough for that), but the game ran smoothly it was a great game. I have the Hijack This Safe Mode log, just need to find it. s**t, it's gone gah! I'll have to get it again later, I'm sick of Firefox "hanging". My hard drive space has jumped back up, (I've uninstalled Guild Wars, the game has grown boring), but the Restores are still sitting there, so either something else is up, or it's something else.

Chaos Hiruko

Re: Vista Troubles
« Reply #11 on: February 16, 2010, 08:27:54 pm »
Usually, if you have a Backdoor Trojan or any type of Malware, it prevents you from activating the System Restore. It shows you have them, but you can't use them.

Fivex

Re: Vista Troubles
« Reply #12 on: February 16, 2010, 10:02:37 pm »
Quote from Chaos Hiruko: Usually, if you have a Backdoor Trojan or any type of Malware, it prevents you from activating the System Restore. It shows you have them, but you can't use them.
I know what he has. It's not a backdoor trojan (or not yet at least), it's a downloader.

Chaos Hiruko

Re: Vista Troubles
« Reply #13 on: February 16, 2010, 10:43:35 pm »
Quote from Chaos Hiruko: Usually, if you have a Backdoor Trojan or any type of Malware, it prevents you from activating the System Restore. It shows you have them, but you can't use them.
Quote from Fivex: I know what he has. It's not a backdoor trojan (or not yet at least), it's a downloader.
SHE

Lauryn the Arisen

Re: Vista Troubles
« Reply #14 on: February 17, 2010, 06:28:42 am »
How many times have people got my gender wrong? It's clear I'm a girl, and if I was a guy, I'd be loving a girl, not a boy. *Sighs* At the moment Vista has completely crashed on me twice, it did so last night, and again a few seconds ago. I got a strong feeling that this laptop is going to die exactly the same way my original shitty Vista laptop did. That died after one year of having it, where a lot of things would suffer an APPHANG (Firefox), or an APPCRASH - Windows Explorer - System Tray, and Windows Media Player. I don't have Conficker I know that for sure, since my other stuff would have been disabled/killed, but Windows Defender is offline and I am unable to bring it back online, I keep getting a stupid message saying, it's been turned off by the group policy. I don't even know what a fucking group policy even is. I've used an old, and outdated system for 9 years, even with Windows XP brand new at the time, but all this new Windows Systems s**t is just pointless, Windows 7 is Windows Vista - masked over any Vista problems, in which has been a lot of reports here in England about how Windows 7 sucks. At the moment I've got Avira scanning again, and it found no viruses in Safe Mode, which is good, and 6 detections, two from FrostWire (I barely use it), AskBar (Damn thing might have come with FrostWire when I didn't want the AskBar installed as it's a virus), and the other two I think were viruses from somewhere else on my laptop. I'll get that HijackThis Log from Safe Mode when my Vista has finished fucking about.

Hijack this log from Safe Mode:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:58, on 17/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forums.glitchcity.info/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Fujitsu OSD Utility] c:\PROGRA~1\FUJITS~1\OSDUTI~1.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu\System Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [fts-reg] C:\fts-reg\ftsreg.exe 20100208
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mutou Yami\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Mutou Yami\AppData\Local\Temp\Bc1.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D618457-EDC9-4FE7-A52C-79767B07B4DA}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{63AE4334-CFC3-47DA-BF27-87D50DB1BDE4}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D618457-EDC9-4FE7-A52C-79767B07B4DA}: NameServer = 93.188.162.10,93.188.166.94
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.10,93.188.166.94
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 7662 bytes
« Last Edit: February 17, 2010, 01:29:56 pm by Mutou Yami »