Posts by RegalHawk

when ever i play a noise or anything it has a chance of being distorted and whenever i play a song its alwas distorted and if its quite a fast song with lots of things happening in it, it goes slow with crackly noises. Its really Distorted and really annoying. The problem has been going since as long as i can renember. With both of the speakers i have had - Boston ones (they used digital) and X-230 (normal). They both had bass and 2 speakers. i can't renember the problem when the first speakers i used where just two speakers which was before i got the realteck ac97 audio driver. The sound card was inbuilt with mobo (GIGABYTE GA-8n-SLI pro). It didn't do this to the pre owner of the mobo who also used digital. Please help me and if you need to know anything else - just ask. Thanks for any help.

Kyrin

Alright. this is one of the last problems with my new PC. Ever since i got the computer here, we installed a Driver and when i played games, random flickering went across the screen and sometimes it would freeze for a couple of seconds (the game) then continue then sometimes the computer would freeze so i have to restart it. it happens on the two games i have on the computer so far, Counter Strike: source and Quake Wars ET demo. The strange thing is the demo worked fine and everything before we put the drivers on. The graphics card is an nVIDIA GeForce 7800 GT. I am pretty sure the driver that we installed on that day was a Gigabyte audio one for the motherboard (GA-8n-SLI PRO) since then the games were doing all that weird stuff. So i got nVIDIA nTUNE and Gigabyte easy tune pro 5 think one of them might at least help me but so far no. Please help me, my system is so good for gaming its just these flashings and freezings that are stopping it from reaching its full potential as a gaming computer.

Ok here it is. My sneaky cousin (whos spare parts we used to make this computer) stole my 4gb. He put it in is other computer (hes got 2 excluding the one we both made) a dell. He swapped them so he gave me 4x512mb. Very sneaky. cheap cheap cheap. Sorry about this, i must seem very dumb right now.

Ok don't worry. Its fixed. The big cpu cooling fan on the processor was getting a little loose from its traveling and wasn't putting all its wait on the processor so it was over heating. the computer is on its side now so the problem has stopped as the fan is putting all its weight on the processor. Thats it in simple details

Please, please, please help me. My new computer is having a very strange problem ever since i put on easy tune pro 5.0 and nVIDIA nTUNE on it. I put these on it because i was getting strange flashes of white across the screen when i was playing games, which ultimately kept crashing my games when i was playing the games. So i thought it might be a graphics card problem (i have a nVIDIA GeForce 7800 GT). After i got these i went on them had a snoop around them and then when i went onto Easy tune and some weird thing said motherboard fan going into cruise mode - you must restart computer i so i exited that pop-up and then i went to bed. the next morning i turn it on and it freezes at the logon screen. so i restart the computer and it does the same at the windows bootup display. So i am getting confused and i restart it again goes to the very first gigabyte logo (i have a GA-8N-SLI PRO motherboard) and it freezes. so i hold down the on button and turn it off. i check the wiring and all that - nothings wrong here, so i turn it on again does the same thing at the windows bootup display (freezes) so i restart it again and it asks if i want to go into safe mode and i try to move the highlight up but the keyboard isn't working! so …

i have 4 sticks each 1gb (i renember because i helped make i). I don't have a chance to see what the Bios says so i am not sure about that. But this isn't really my biggest concern because something really weird happened to my computer the other day when i put on nTUNE and easytune (because i was having weird flashes across the screen of white when i was playing games and then the game would freeze so i got these to see if i could fix it) and now the computer keeps freezing when it boots up, like some times at the gigabyte logo sometimes at the windows logon or booting display. And so i am going to be focusing more on that as i canot get into safe mode because the keyboard and mouse doesn't seem to work anymore. so i am stuffed for now.

I have been looking the answer to my problem about Microsoft Windows XP saying i have 2gb RAM when i know i put in 4gb. i have been looking around for the answer for quite a while and everything seems to confuse me. Some people have reported only being able to see 3.5gb memory when they have 4gb and i would like to be able to get at least that high in RAM and if not then 4gb. I found this on microsoft and i am not sure what it does or anything: http://support.microsoft.com/kb/181862
My Computer Specs are below;
Gigabyte i-DNA series motherboard GA-8N-SLI PRO
Dual Bios (it also says:) Adward sofware international, inc f4
Pentium 4 CPU 3.4ghz x86 Family 15model 4 stepping 1
nVIDIA GeForce 7800 Graphics Card

Please help me.

VundoFix V6.5.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Scan started at 5:54:28 p.m. 11/08/2007

Listing files found while scanning....

C:\windows\system32\auleqvyc.dll
C:\windows\system32\biomvnur.ini
C:\windows\system32\bioqxisa.dll
C:\windows\system32\bthyelhm.dll
C:\windows\system32\crlbuslx.dll
C:\windows\system32\dhlcruix.dll
C:\windows\system32\eoqcqmmf.ini
C:\windows\system32\eusrgtsu.ini
C:\windows\system32\fmmqcqoe.dll
C:\windows\system32\glroajgh.dll
C:\windows\system32\kuddxdmf.dll
C:\windows\system32\ogdglkmk.dll
C:\windows\system32\oyqmmxbh.dll
C:\WINDOWS\system32\pmnnm.dll
C:\windows\system32\runvmoib.dll
C:\windows\system32\swdlvmwt.dll
C:\windows\system32\trvswbkw.dll
C:\windows\system32\twmvldws.ini
C:\WINDOWS\system32\ustgrsue.dll
C:\WINDOWS\system32\vrxedxto.dll
C:\windows\system32\wkbwsvrt.ini
C:\WINDOWS\system32\xhuvoblj.dll
C:\windows\system32\xiurclhd.ini
C:\windows\system32\xlsublrc.ini

Beginning removal...

Attempting to delete C:\windows\system32\auleqvyc.dll
C:\windows\system32\auleqvyc.dll Has been deleted!

Attempting to delete C:\windows\system32\biomvnur.ini
C:\windows\system32\biomvnur.ini Has been deleted!

Attempting to delete C:\windows\system32\bioqxisa.dll
C:\windows\system32\bioqxisa.dll Has been deleted!

Attempting to delete C:\windows\system32\bthyelhm.dll
C:\windows\system32\bthyelhm.dll Has been deleted!

Attempting to delete C:\windows\system32\crlbuslx.dll
C:\windows\system32\crlbuslx.dll Has been deleted!

Attempting to delete C:\windows\system32\dhlcruix.dll
C:\windows\system32\dhlcruix.dll Has been deleted!

Attempting to delete C:\windows\system32\eoqcqmmf.ini
C:\windows\system32\eoqcqmmf.ini Has been deleted!

Attempting to delete C:\windows\system32\eusrgtsu.ini
C:\windows\system32\eusrgtsu.ini Has been deleted!

Attempting to delete C:\windows\system32\fmmqcqoe.dll
C:\windows\system32\fmmqcqoe.dll Has been deleted!

Attempting to delete C:\windows\system32\glroajgh.dll
C:\windows\system32\glroajgh.dll Has been deleted!

Attempting to delete C:\windows\system32\kuddxdmf.dll
C:\windows\system32\kuddxdmf.dll Has been deleted!

Attempting to delete C:\windows\system32\ogdglkmk.dll
C:\windows\system32\ogdglkmk.dll Has been deleted!

Attempting to delete C:\windows\system32\oyqmmxbh.dll
…

SDFix: Version 1.104

Run by Kyrin on Sat 15/09/2007 at 06:37 p.m.

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOCUME~1\Kyrin\Desktop\SDFix

Safe Mode:
Checking Services: 

Name:
DomainService

ImagePath:
C:\WINDOWS\system32\pqhwvwoq.exe /service

DomainService - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

Trojan Files Found:

C:\Program Files\Setup.exe  - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found. 

C:\WINDOWS\system32
No streams found. 

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



                                 Final Check:

Remaining Services:
------------------




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\system32\\rk.exe"="C:\\WINDOWS\\system32\\rk.exe:*:Enabled:rk.exe"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Kyrin\\Local Settings\\Temp\\Temporary Internet Files\\Content.IE5\\1OO92DWY\\incredimail_install[1].exe"="C:\\Documents and Settings\\Kyrin\\Local Settings\\Temp\\Temporary Internet Files\\Content.IE5\\1OO92DWY\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\incredimail_install.exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Project Snowblind\\Snowblind.MP"="C:\\Program Files\\Project Snowblind\\Snowblind.MP:*:Enabled:Project: Snowblind (PC)"
"C:\\Documents and Settings\\Kyrin\\My Documents\\bittorrent.exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Documents and Settings\\All Users\\Documents\\Empires Dawn of the Modern World\\empires_dmw.exe"="C:\\Documents and Settings\\All Users\\Documents\\Empires Dawn of the Modern World\\empires_dmw.exe:*:Enabled:empires_dmw"
"C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"="C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\TEMP\\win523.tmp.exe"="C:\\WINDOWS\\TEMP\\win523.tmp.exe:*:Enabled:win523.tmp"
"C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\utorrent(2).exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\utorrent(2).exe:*:Enabled:æTorrent"
"C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\utorrent(3).exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\utorrent(3).exe:*:Enabled:æTorrent"
"C:\\Documents and Settings\\Kyrin\\My Documents\\LimeWire\\LimeWire.exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\Kyrin\\My Documents\\The Lord of the Rings Online\\lotroclient.exe"="C:\\Documents …

Norton 360's Auto-Protect won't turn on and when i try and press fix in the problems bar nothing happens ABSOLUTELY NOTHING! I am really getting annoyed because as far as i know the computer is full of spyware and other nasties which could prevent Norton form turning on Auto-Protect. Here is the hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:35:29 p.m., on 9/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\pqhwvwoq.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Documents and Settings\All Users\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Kyrin\Desktop\Security Backup\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

can't seem to get rid of rlvknlg.exe... umm my pc is working fine now even before that last post of yours hanks heaps

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:54:04 p.m., on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Documents and Settings\All Users\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Kyrin\My Documents\Kyrins Stuff\WinRAR Files\utorrent.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\windows\system32\rlvknlg.exe
C:\Documents and Settings\Kyrin\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ig?hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN …

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:17:45 p.m., on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Documents and Settings\All Users\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\windows\system32\rlvknlg.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Save\Save.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Kyrin\Desktop\HiJackThis.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ig?hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program …

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ocaliqal

*******************

Script file located at: \??\C:\Program Files\vchnnlcl.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\gln.dll not found!
Deletion of file C:\WINDOWS\system32\gln.dll failed!

Could not process line:
C:\WINDOWS\system32\gln.dll
Status: 0xc0000034

File C:\WINDOWS\system32\WinFlyer32.dll deleted successfully.
File C:\WINDOWS\system32\fffdcffe.dll deleted successfully.
File C:\WINDOWS\SYSTEM32\winjyg32.dll deleted successfully.
Folder C:\Program Files\Pouhhwfx deleted successfully.
Folder C:\Program Files\pstgdile deleted successfully.

Folder C:\PROGRA~1\MYWEBS~1 not found!
Deletion of folder C:\PROGRA~1\MYWEBS~1 failed!

Could not process line:
C:\PROGRA~1\MYWEBS~1
Status: 0xc0000034

Completed script processing.

*******************

Finished! Terminate.

ummm alright but one thing! how do i get to add/remove programs without going into control panel??

oh if this is of any help to anyone trying to help me this is in the DEP file included in error report:

C:\DOCUME~1\Kyrin\LOCALS~1\Temp\WER0919.dir00\explorer.exe.mdmp
C:\DOCUME~1\Kyrin\LOCALS~1\Temp\WER0919.dir00\appcompat.txt

ok i had to use that run program in the start section to get this:

VundoFix V6.5.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Scan started at 5:54:28 p.m. 11/08/2007

Listing files found while scanning....

C:\windows\system32\auleqvyc.dll
C:\windows\system32\biomvnur.ini
C:\windows\system32\bioqxisa.dll
C:\windows\system32\bthyelhm.dll
C:\windows\system32\crlbuslx.dll
C:\windows\system32\dhlcruix.dll
C:\windows\system32\eoqcqmmf.ini
C:\windows\system32\eusrgtsu.ini
C:\windows\system32\fmmqcqoe.dll
C:\windows\system32\glroajgh.dll
C:\windows\system32\kuddxdmf.dll
C:\windows\system32\ogdglkmk.dll
C:\windows\system32\oyqmmxbh.dll
C:\WINDOWS\system32\pmnnm.dll
C:\windows\system32\runvmoib.dll
C:\windows\system32\swdlvmwt.dll
C:\windows\system32\trvswbkw.dll
C:\windows\system32\twmvldws.ini
C:\WINDOWS\system32\ustgrsue.dll
C:\WINDOWS\system32\vrxedxto.dll
C:\windows\system32\wkbwsvrt.ini
C:\WINDOWS\system32\xhuvoblj.dll
C:\windows\system32\xiurclhd.ini
C:\windows\system32\xlsublrc.ini

Beginning removal...

Attempting to delete C:\windows\system32\auleqvyc.dll
C:\windows\system32\auleqvyc.dll Has been deleted!

Attempting to delete C:\windows\system32\biomvnur.ini
C:\windows\system32\biomvnur.ini Has been deleted!

Attempting to delete C:\windows\system32\bioqxisa.dll
C:\windows\system32\bioqxisa.dll Has been deleted!

Attempting to delete C:\windows\system32\bthyelhm.dll
C:\windows\system32\bthyelhm.dll Has been deleted!

Attempting to delete C:\windows\system32\crlbuslx.dll
C:\windows\system32\crlbuslx.dll Has been deleted!

Attempting to delete C:\windows\system32\dhlcruix.dll
C:\windows\system32\dhlcruix.dll Has been deleted!

Attempting to delete C:\windows\system32\eoqcqmmf.ini
C:\windows\system32\eoqcqmmf.ini Has been deleted!

Attempting to delete C:\windows\system32\eusrgtsu.ini
C:\windows\system32\eusrgtsu.ini Has been deleted!

Attempting to delete C:\windows\system32\fmmqcqoe.dll
C:\windows\system32\fmmqcqoe.dll Has been deleted!

Attempting to delete C:\windows\system32\glroajgh.dll
C:\windows\system32\glroajgh.dll Has been deleted!

Attempting to delete C:\windows\system32\kuddxdmf.dll
C:\windows\system32\kuddxdmf.dll Has been deleted!

yea! i forgot! the hijackthislog:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:06:59 p.m., on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Documents and Settings\All Users\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kyrin\Desktop\HiJackThis_v2.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ig?hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {074277C8-B5FA-461D-8E0E-A9344CB9A260} - (no file)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {5232C53B-A4B3-CE2F-FB09-029227E0B969} - C:\Program Files\Pouhhwfx\ulcqvvrx.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - …

if i could just get into the control panel and turn DEP off..

ok i ran vundofix but nothing was found and i still can't get into my files

Mcldev, it not really my computer, but the owner turned off backup on Norton 360 and yeah...

Crunchie i was able to get into a file for once and i did the sdfix thing here it is SDFix: Version 1.97

Run by Kyrin on Sun 12/08/2007 at 02:21 p.m.

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOCUME~1\Kyrin\Desktop\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Trojan Files Found:

C:\Program Files\Bifrost\---.exe - Deleted

Folder C:\Program Files\Bifrost - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\system32\\rk.exe"="C:\\WINDOWS\\system32\\rk.exe:*:Enabled:rk.exe"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Kyrin\\Local Settings\\Temp\\Temporary Internet Files\\Content.IE5\\1OO92DWY\\incredimail_install[1].exe"="C:\\Documents and Settings\\Kyrin\\Local Settings\\Temp\\Temporary Internet Files\\Content.IE5\\1OO92DWY\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\incredimail_install.exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\Kyrins Stuff\\WinRAR Files\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Project Snowblind\\Snowblind.MP"="C:\\Program Files\\Project Snowblind\\Snowblind.MP:*:Enabled:Project: Snowblind (PC)"
"C:\\Documents and Settings\\Kyrin\\My Documents\\bittorrent.exe"="C:\\Documents and Settings\\Kyrin\\My Documents\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Documents and Settings\\All Users\\Documents\\Empires Dawn of the Modern …

Help HELP! I can't access any folders like my documents and C: drive and Control Panel or anything like that! i can access games and stuff but i can't get into any folders!!! i don't want to reinstall windows i have to many precious files and heck, i don't even know how to! Every time i try to get in to a file it says this:
Data Execution Prevention - Microsoft Windows
Name: Windows Explorer
Publisher: Microsoft Corporation

Close Message ( and when i click that the: Windows explorer has encountered a problem and needs to close, window! i clicked what the error contained it says:

C:\DOCUME~1\Kyrin\LOCALS~1\Temp\WER3a10.dir00\explorer.exe.mdmp
C:\DOCUME~1\Kyrin\LOCALS~1\Temp\WER3a10.dir00\appcompat.txt

(Kyrin is my account name)

When i try to find out how to turn off DEP it turns out you have to into the control panel! which i can't! i have Norton 360 and spy bot and ccleaner and vundofix and registry mechanic but nothing seems to be working. I have tried older threads and they don't work as to missing links and stuff. internet explorer probably doesn't work but i always use morzilla and due to older threads i have hijack this and this is what it says: oh no! i just tried it then but it didn't work says the DEP window again. DAM but i have an older one aswell:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:57:00 a.m., on 12/08/2007
Platform: Windows XP SP2 …