Hi everyone, This thing started when i tried to use a KEYGEN or something. So, this is what happens: Whenever I boot my PC (P4,1.6GHZ,256MB SD,WinXPpro) following ERROR MASSAGE APPEARS: It says your system clock appears to have been set back WHEN THIS HAPPENED FOR THE FIRST TIME AND I CHECKED THE CLOCK IN THE CORNER IT WAS SET TO JULY 2007 SO I CHANGED IT BACK TO FEBRUARY. So naw the clock is perfected but the problem persists. I even scanned the MSGSRV 32 file with Anti-Virus(AVG 7.5 UpToDate). So whats going on here If anyone knows a solution or any suggestion will be appreciated please also refer the BEST(If Any) program to solve this problem. THANK YOU IN ADVANCE ANY HELP WILL BE APPRECIATED. P.s They say please contact the author of this program for instructions on correcting this error (duh!)
A Keygen, no doubt an .exe file. Bet more then your clock got changed. When will they learn. You might as well put a sign on you computer that says "Kick me" then tell every hacker in the world how they can't touch you. Strange unknown .exe files have a nasty habit of not being safe.
Yeah! thank you 4 that got it solved had to uninstall the Photoshop (thats what the keygen was for) and scanned my PC with AVG antivirus.
Thanks for that, but they say Warning! This program requires some know-how. You could criple your OS if you don't know what you're doing. If you are unsure, try SpyBot S&D or Ad-Aware instead. I have Spybot S&D. And I used it alongside AVG. Both showed ERRORS in partitions and following files KERNEL32 and sys32 something...Which were FIXED. I WILL POST HJT LOGS SOON. PLEASE KEEP ON WATCH THANK YOU.
So heres the LOG FILE as per PWNed100's Request. Logfile of HijackThis v1.99.1 Scan saved at 8:35:43 PM, on 2/25/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: D:\WINXP\System32\smss.exe D:\WINXP\system32\winlogon.exe D:\WINXP\system32\services.exe D:\WINXP\system32\lsass.exe D:\WINXP\system32\svchost.exe D:\WINXP\System32\svchost.exe D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe D:\WINXP\Explorer.EXE D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe D:\WINXP\system32\spoolsv.exe D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe D:\PROGRA~1\Grisoft\AVG7\avgemc.exe D:\Program Files\FolderSize\FolderSizeSvc.exe D:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe D:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE D:\WINXP\system32\hkcmd.exe D:\WINXP\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe D:\PROGRA~1\Grisoft\AVG7\avgcc.exe D:\Program Files\Picasa2\PicasaMediaDetector.exe D:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\King Kong Software\Capture\KingKongCapture.exe D:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE D:\Program Files\Winamp\winampa.exe D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe D:\Program Files\Google\Google Talk\googletalk.exe D:\Program Files\Messenger\msmsgs.exe D:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe D:\Program Files\Internet Explorer\iexplore.exe D:\WINXP\system32\ctfmon.exe D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe D:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe d:\progra~1\intern~1\iexplore.exe D:\Program Files\Webshots\WebshotsTray.exe D:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe D:\WINXP\system32\svchost.exe D:\Program Files\Common Files\Teleca Shared\Generic.exe D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe D:\Program Files\Opera\Opera.exe F:\MyApps\utorrent.exe F:\MyApps\HijackThis_v1.99.1.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://kingkongsearch.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kingkongsearch.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: XBTB06823 - {BA463437-C3DE-47da-8280-87596824388A} - D:\PROGRA~1\GOOGLE~1\TOOLBA~1.DLL (file missing) O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - D:\Program Files\Torrent101\TorrentManager.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [HotKeysCmds] D:\WINXP\system32\hkcmd.exe O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "D:\WINXP\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KingKongCapture] C:\Program Files\King Kong Software\Capture\KingKongCapture.exe O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Google Desktop Search] "D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Multi Fork Itch Fast] D:\Documents and Settings\All Users\Application Data\BAT CORN MULTI FORK\Greatbind.exe O4 - HKCU\..\Run: [googletalk] "D:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] D:\WINXP\system32\ctfmon.exe O4 - HKCU\..\Run: [LTM2] D:\WINXP\litmus\MSGSRV32.exe O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S O4 - HKCU\..\Run: [Cake Size] D:\DOCUME~1\USER\APPLIC~1\CORNDA~1\grey chin.exe O4 - Startup: Webshots.lnk = D:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170936519203 O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O17 - HKLM\System\CCS\Services\Tcpip\..\{8BBD883F-04DB-4972-A282-457D8C2ECFFF}: NameServer = 203.94.227.70,203.94.243.70 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: D:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL,wbsys.dll D:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - D:\WINXP\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WBSrv - D:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll O20 - Winlogon Notify: WgaLogon - D:\WINXP\ O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Folder Size (FolderSize) - Brio - D:\Program Files\FolderSize\FolderSizeSvc.exe O23 - Service: GhostStartService - Symantec Corporation - D:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe O23 - Service: GoogleDesktopManager - Google - D:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Speed Disk service - Symantec Corporation - D:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Please reply with any suggestions........THANK YOU.
