|
|||||||
 |
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
07-02-2004, 11:19 AM
|
#1 |
|
Member (6 bit)
Join Date: Jun 2003
Posts: 58
|
What are these files and this stupid error
C:\WINDOWS\System32\lzgwuot.exe
c:\windows\temp\nLvAXSP.exe %systemroot%\system32\dumprep 0 -k None of them arein task mgr but they all are in my msconfig startup and in regedit under hklm windows/run Also getting error loading bridge.dll at startup I mean adaware and spybot dont pick these up. AVG antivirus doesnt either |
|
|
|
07-02-2004, 11:21 AM
|
#2 |
|
Professional gadfly
Join Date: Jan 2002
Location: Minneapolis, MN
Posts: 6,364
 |
It's spyware. Make sure you have the latest detection definitions for AdAware and Spybot before you run them. Try running these programs in safe mode too. To start out with, I would delete or rename those files and remove the registry keys starting them up.
|
|
|
|
|
07-02-2004, 11:31 AM
|
#3 |
|
Member (6 bit)
Join Date: Jun 2003
Posts: 58
|
the dump one is spyware as well?
|
|
|
|
|
07-02-2004, 11:34 AM
|
#4 |
|
Professional gadfly
Join Date: Jan 2002
Location: Minneapolis, MN
Posts: 6,364
|
It doesn't look like the dumprep is bad, so I would leave it alone for now.
|
|
|
|
|
07-02-2004, 11:40 AM
|
#5 |
|
Member (6 bit)
Join Date: Jun 2003
Posts: 58
|
its funny cause spybot and adaware dont pick up those 2 progs
hers the log Logfile of HijackThis v1.97.7 Scan saved at 12:24:36 PM, on 7/2/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Rage3DTweak\RegTwk.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\rage3dtweak\gameutil.exe C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\Progs2\aim\aim.exe C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Hijack\Desktop\spyware\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forums.anandtech.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://forums.anandtech.com/ O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll (file missing) O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [RegTweak] C:\Program Files\Rage3DTweak\RegTwk.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktine\qttask.exe" -atboottime O4 - HKLM\..\Run: [nLvAXSP] c:\windows\temp\nLvAXSP.exe O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [gplpfxmcmttc] C:\WINDOWS\System32\lzgwuot.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: gameutil.exe.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: AIM (HKLM) O12 - Plugin for .hlq: C:\Program Files\Internet Explorer\PLUGINS\NpHcd32.dll O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/downlo...22/wmv9VCM.CAB O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/201254bd...p/RdxIE601.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...85/mcfscan.cab |
|
|
|
|
07-04-2004, 10:01 AM
|
#6 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,777
|
The dumprep is just from your last BSOD.
Are you positive you have the latest definitions for Ad-Aware and Spybot? If you are using Spybot 1.2, uninstall it and get 1.3, they stopped updating 1.2 about 6 months ago - and if you have anything other than Ad-Aware 6.0 build 181, you are also not current here. I do NOT see any antivirus software running..........you need to do a virus scan too. Go to housecall.trendmicro.com and get a free online scan. |
|
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
