please please please HELP !!!

hancocmc01

New Member
Hi all, I was just on the net the other day when my computer clicked off :confused: I didn't know what to do with it so I just turned it back on and left it. 15 minutes later it turned off again :mad: so I thought I would restore my computer back to factory default.... did that :confused: still the same. I keep getting error messages saying I have 55 critical system errors :eek: and it says for me to download registry repair, run it and then reboot my computer. Did all that, still not working :confused: every 15-20 mins it just flicks itself off to a dark blue screen, or just restarts itself???????

I remember one error message, it says

SYSTEM ERROR!

System error detected in C:/WINDOWS/system32 windows suggests visiting www.cleanthispc.com to download free reapair tool
Which is just the same as registry repair :confused:

Can anyone please help me to sort it out? Thanks
 

SAD_DC

New Member
It's a virus, you need to go to microsoft.com and download patch thing..
pi$$ed me off when I had that too. Do you have sbc by any chance? (internet)
 

4W4K3

VIP Member
hancocmc01 said:
I am on Windows XP, where can I download a free antivirus that is good? I'm using Microsoft AntiSpyware

Well, that's a good start, M$ Anti-Spyware is good. Look for AVG Free Edition, Spybot SD, and AdAware 6.0 on www.google.com; they are all free and effective.

That's definitely a spyware problem though. I suggest you get HijackThis and post your log up to be analyzed.
 

hancocmc01

New Member
Got AVG free version already, that didn't find anything. Microsoft AntiSpyware seems to be bringing up the same spyware results each time: IST.IST ????
 

hancocmc01

New Member
I found out where the file was: iinstaller in C:\DOCUME~1\Mike\LOCALS~1\Temp\ so I just simply deleted it. I don't know if it will work, hopefully it will. I am running a spyware scan and adware scan and antivirus scan to see what it comes up with. I will post the results in a tic tac.
 

hancocmc01

New Member
HIJACKTHIS RESULTS!!!!!


Logfile of HijackThis v1.99.1
Scan saved at 19:12:52, on 01/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\FSI\F-Prot\fpavupdm.exe
C:\Program Files\Zoom\CnxDslTb.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\winocx.exe
C:\prz1.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\msmsgss.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\WINDOWS\System32\winPE.exe
C:\Program Files\FSI\F-Prot\F-Sched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
c:\msdcOm912.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\LAVASOFT\AD-AWA~1\AD-AWARE.EXE
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
C:\Documents and Settings\Mike\Desktop\hijackthis\Michael.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.timecomputers.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.timecomputers.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SUPASTATUS] C:\Program Files\Internet Explorer\Connection Wizard\status.exe
O4 - HKLM\..\Run: [IW ControlCenter] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Zoom\CnxDslTb.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PP8 SE Reminder] "C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" -r "C:\Program Files\Scansoft\PaperPort\WebEreg\navLoad.ini"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
O4 - HKLM\..\Run: [Windows Ocx Service] winocx.exe
O4 - HKLM\..\Run: [Windows Automatic Updates] C:\prz1.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [msmsgr] msmsgss.exe
O4 - HKLM\..\Run: [ms ownage] winPE.exe
O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Program Files\FSI\F-Prot\F-Sched.exe STARTUP
O4 - HKLM\..\Run: [F-StopW] C:\Program Files\FSI\F-Prot\F-StopW.EXE
O4 - HKLM\..\Run: [FDh$vùõš/‚²ÆßfÏNbC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\fxkyylit.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunServices: [Windows Ocx Service] winocx.exe
O4 - HKLM\..\RunServices: [msmsgr] msmsgss.exe
O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program Files\Microsoft AntiSpyware\gcASCleaner.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows Ocx Service] winocx.exe
O4 - HKCU\..\RunServices: [Windows Ocx Service] winocx.exe
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
O4 - Global Startup: SmartUI.lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.timecomputers.com
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130694623225
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{323D5754-CA3C-4FC9-B334-C7A9DB0B6F0C}: NameServer = 213.40.66.126 213.40.130.126
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Program Files\FSI\F-Prot\fpavupdm.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 

hancocmc01

New Member
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 19:54:23, 01/11/2005
+ Report-Checksum: ABA29581

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3f4d4f88-0198-4921-b630-957f3eb814e0} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB}\TreatAs\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{258A3625-183B-4477-AEE2-EA54DF6D878D} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{258A3625-183B-4477-AEE2-EA54DF6D878D}\TypeLib\\ -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A}\TypeLib\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1 -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.SettingsPlugin.1\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin\CurVer -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1 -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin.1\CLSID\\ -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar Uninstall -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
C:\WINDOWS\system32\winPE.exe -> Backdoor.Rbot : Cleaned with backup
C:\WINDOWS\system32\bingoo.exe -> Worm.Mytob.t : Cleaned with backup
C:\WINDOWS\system32\service.exe -> Backdoor.Rbot.ul : Cleaned with backup
C:\Documents and Settings\Mike\Local Settings\Temp\~DF9581.tmp -> Trojan.Rootkit.h : Cleaned with backup
C:\Documents and Settings\Mike\Cookies\mike@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\2973FF16-D332-4D99-BF33-371A58 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\49FAC7E6-A741-421E-89B0-865C15 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\274F43B2-244D-43DB-8C34-A67F4E -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\72956A71-FBA5-4F77-A59F-73E775 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\1F5E9AD2-7DA7-42E4-860C-D2B696 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\C42E470C-CB94-4FF1-A1C1-AA493D -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\EEE544B4-7E31-4471-B2F7-2CA89D -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\ECEF19AD-5763-4437-BA65-A826E1 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\7B0D976A-8AD6-4AA7-8B53-4339D8 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\0FF9B9F6-E305-4644-8C4A-683FE7 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\62C36D22-A7E0-4CCA-A26D-CD7558 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\9AE70DC2-3CDF-40DB-928F-AC67F2 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\C36156AD-EB84-44E2-872B-648921 -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\2BA36734-5D30-4663-A643-B253A6/mySetp.exe -> Spyware.MyWebSearch : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1AE389F3-C810-4B5E-8BD1-B51C9A\FAC546DD-7B4A-4742-9FE1-8F87BA -> Spyware.Altnet : Cleaned with backup
C:\Program Files\Need2Find -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2FFXTBR.JAR -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2NTSTBR.JAR -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\1.bin\PARTNER.DAT -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache -> Spyware.Need2Find : Cleaned with backup
C:\Program Files\Need2Find\bar\Cache\files.ini -> Spyware.Need2Find : Cleaned with backup


::Report End
 

hancocmc01

New Member
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Zoom\CnxDslTb.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe
C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
C:\prz1.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\System32\msmsgss.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
C:\Documents and Settings\Mike\Desktop\Anti Virus - Anti spyware\Hijack this.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.timecomputers.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.timecomputers.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SUPASTATUS] C:\Program Files\Internet Explorer\Connection Wizard\status.exe
O4 - HKLM\..\Run: [IW ControlCenter] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Zoom\CnxDslTb.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PP8 SE Reminder] "C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" -r "C:\Program Files\Scansoft\PaperPort\WebEreg\navLoad.ini"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
O4 - HKLM\..\Run: [Windows Automatic Updates] C:\prz1.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [msmsgr] msmsgss.exe
O4 - HKLM\..\Run: [FDh$vùõš/‚²ÆßfÏNbC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\fxkyylit.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunServices: [msmsgr] msmsgss.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows Ocx Service] winocx.exe
O4 - HKCU\..\RunServices: [Windows Ocx Service] winocx.exe
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
O4 - Global Startup: SmartUI.lnk = ?
O14 - IERESET.INF: START_PAGE_URL=http://www.timecomputers.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130694623225
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{323D5754-CA3C-4FC9-B334-C7A9DB0B6F0C}: NameServer = 213.40.66.126 213.40.130.126
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 

Buzz1927

Digaredd
Download the Killbox.
http://www.downloads.subratam.org/KillBox.zip
Unzip it to the desktop.

Open notepad and copy these lines to a new document, save it where you know where to find it.

C:\prz1.exe
C:\WINDOWS\System32\msmsgss.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\fxkyylit.exe
C:\WINDOWS\System32\winocx.exe
C:\msdcOm912.exe


Then boot into safemode (tap f8 on startup).

Once in safemode, run the killbox and select "delete on reboot".

Open the notepad document you saved earlier, highlight the text and hit Ctrl + C to copy it to the clipboard.

Go back to the killbox, select "file" and "paste from clipboard". Check the entries are in the "full path of file to delete" box.

Hit the red button with a white X, if it asks if you want to reboot, select "no".

Run Hijackthis and select "Do a system scan only", place a check by the following entries.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [Windows Automatic Updates] C:\prz1.exe
O4 - HKLM\..\Run: [msmsgr] msmsgss.exe
O4 - HKLM\..\Run: [FDh$vùõš/‚²ÆßfÏNbC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\fxkyylit.exe
O4 - HKLM\..\RunServices: [msmsgr] msmsgss.exe
O4 - HKCU\..\Run: [Windows Ocx Service] winocx.exe
O4 - HKCU\..\RunServices: [Windows Ocx Service] winocx.exe


Close all open windows and browsers, and hit "Fix Checked".

Then reboot to normal mode and post a new Hijackthis log.
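
Added example (not part of the original thread, and not HijackThis's own logic): a Python triage pass over O4 autorun lines copied from the second log above. The three heuristics (non-ASCII value name, executable sitting in a drive root, same value registered under more than one autorun key) are assumptions chosen for this log; on these lines they select the same O4 entries listed in the post above.

```python
import re
from collections import defaultdict

# Subset of the O4 (autorun) lines from the second HijackThis log in this thread.
LOG = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows Automatic Updates] C:\prz1.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [msmsgr] msmsgss.exe
O4 - HKLM\..\Run: [FDh$vùõš/‚²ÆßfÏNbC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\fxkyylit.exe
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunServices: [msmsgr] msmsgss.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows Ocx Service] winocx.exe
O4 - HKCU\..\RunServices: [Windows Ocx Service] winocx.exe
O4 - Global Startup: SmartUI.lnk = ?
"""

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.*)\] (.+)$")
# An .exe directly under a drive root, e.g. C:\something.exe
ROOT_EXE_RE = re.compile(r'^"?[A-Za-z]:\\[^\\"]+\.exe\b', re.IGNORECASE)


def parse_o4(log):
    """Return registry autorun entries; startup-folder lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            hive, key, name, command = m.groups()
            entries.append(
                {"hive": hive, "key": key, "name": name, "command": command}
            )
    return entries


def triage(entries):
    """Flag entries matching any of the three assumed heuristics."""
    keys_by_value = defaultdict(set)
    for e in entries:
        keys_by_value[(e["hive"], e["name"], e["command"])].add(e["key"])

    findings = []
    for e in entries:
        reasons = []
        if any(not (32 <= ord(c) < 127) for c in e["name"]):
            reasons.append("non-ASCII value name")
        if ROOT_EXE_RE.match(e["command"]):
            reasons.append("executable in drive root")
        if len(keys_by_value[(e["hive"], e["name"], e["command"])]) > 1:
            reasons.append("same value under several autorun keys")
        if reasons:
            where = f'{e["hive"]}\\{e["key"]}'
            findings.append((where, e["name"], e["command"], reasons))
    return findings


if __name__ == "__main__":
    for where, name, command, reasons in triage(parse_o4(LOG)):
        print(f"{where}: [{name}] {command} <- {', '.join(reasons)}")
```

A hit is a lead to check against scanner results and known-good software, not a verdict; entries such as `nwiz.exe /install` show that a bare filename alone is too weak a signal to use here.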
 