1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do you have Adware, Spyware, Virus/Trojan or a Browser Hijacker?

Discussion in 'Windows - Virus and spyware problems' started by CJC, Nov 21, 2004.

Thread Status:
Not open for further replies.
  1. geestar20

    geestar20 Active member

    Joined:
    Mar 5, 2004
    Messages:
    2,995
    Likes Received:
    0
    Trophy Points:
    66
    @-camstuf-
    Norton is for catching viruses not popup's (though it would be nice)
    Its garbage...get rid of it! And as far as anti-spy goes..I havn't a clue as I don't use or need it.
    I would highly recommend switching web browsers from IE to firefox web browser as firefox stopps pretty much every single popup.
     
  2. izzysmom

    izzysmom Guest

    Please help me - I just downloaded and ran hijack this and got a lot of entries. I had run adaware, spybot, and housecall scan (housecall came up clean) but I found out my adware away trial had ended (I loved that one!)and I can't afford it right now. I got hijack this for more protection, but I don't know what the log entries mean and am afraid to try to sort them myself (but I am trying to learn). Unfortunately, I don't even know how to post the log in this thread reply. Can someone please tell me how to do this? Thanks
    P.S. Also, my computer is running veeeery slowly and microsoft antispy daily check says I have nothing. Does anyone have any ideas?
     
    Last edited by a moderator: Apr 6, 2005
  3. izzysmom

    izzysmom Guest

    Also, NAV said there was only one item and it couldn't remove it "AdwareP2P...something" I do use two P2P programs, Shareaza and Ares - could they be sending spyware the programs can't yet detect? (I update regularly). I had Kazaa, and removed it, but could the port still be open in my firewall? I had windows SP2, heard bad things, got rid of it because computer was really slow and constantly crashing - removing it didn't seem to change anything, so when it came up as a regular update I put it back in - problem? A little off the subject, I only have 7GB free of an 80GB hard drive, could that be slowing me down? This is very frustrating, because when I originally ran the scans CJC recommended at the beginning of this thread my computer was like new - behaving like it did after I had reformatted. I really don't want to do that again, as I have a lot more stuff on the computer now that I would have to back up. I also considered using system restore (I've never used it) to go back to the point after the initial scan when the machine was running well. Should I? Thank you to whoever reads this for putting up with the ramblings of some computer silly newbie, and if anyone has any suggestions I would really appreciate them - thanks
     
  4. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,309
    Likes Received:
    120
    Trophy Points:
    143
    have you run adaware se to get rid of the spyware?? also do an online scan with www.antivirus.com free housecall to see if your system is virus & spyware clean
     
  5. izzysmom

    izzysmom Guest

    Yes, adaware, spybot, and trendmicro online virus check - all clean - and still my computer is paging very slowly on explorer, and occasionally freezing up
     
  6. izzysmom

    izzysmom Guest

    Yes, adaware, spybot, and trendmicro online virus check - all clean - and still my computer is paging very slowly on explorer, and occasionally freezing up, difficulty launching programs
     
    Last edited by a moderator: Apr 6, 2005
  7. izzysmom

    izzysmom Guest

    Sorry about that last post, guys - I reread it and realized iI went [bold]way[bold] off the topic, so after searching I started a new thread - if there is anyone who is willing to help me but did not want to continue off the threads topic, can you reply to me on
     
  8. kanum

    kanum Member

    Joined:
    Jan 10, 2005
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    11
    personally i think spy bot is a horrible program i would use microsoft anti spyware and lava softs ad-aware only spy bot is horribly sloooow plus it dosnet get all spyware every time
     
  9. coolins

    coolins Guest

    i need help with my computer.. I dont know where to start, so I'll just tell you the problem. I can't open google.com or hotmail.com. Its horribly annoying. I ran adaware and search and destroy and it still isn't working. What should i try next? THanks for your help
     
  10. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    camstuf
    ya you should definately use Firefox. With Firefox you almost NEVER get any popups and it even protects you from most of adware/spyware/virus/trojan/hijacks you get from web sites.

    [bold]www.getfirefox.com[/bold]
     
  11. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    coolins:

    You also need to use antivirus software’ there are even some free ones. I recommend doing a scan here:
    http://housecall.trendmicro.com/

    That will check for all kinds of malicious software.
    Also, delete all your temp files and cookies and your internet temp files. And go in the Add/Remove Programs in the Control Panel and check the list of all the programs installed, and remove anything you don’t recognize. Last but not least make sure you have the latest Windows updates and if you're using IE you need to switch right now to Firefox.
    Hope that helps :)




     
  12. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,309
    Likes Received:
    120
    Trophy Points:
    143
    download & run ccleaner from www.ccleaner.com to clean the crap out of your windoes like cookies & whatever. what antivirus program are you using??
     
  13. zognogin

    zognogin Member

    Joined:
    May 3, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    11
    Hi i need help i went on a virus infested website i was reading some forums on how to delete it i saw that hijack this was a good program so i downloaded it and i got a log but it was far to complex for me and i was wondering if anyone could help thanks jon.

    Logfile of HijackThis v1.99.1
    Scan saved at 22:24:22, on 03/05/2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\psimsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\apvxdwin.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\net2plug\tools\wait4IP.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
    C:\WINDOWS\System32\n?lookup.exe
    C:\Program Files\Ares Lite Edition\Ares.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\loadclean.exe
    C:\Program Files\3B Software\3B Spyware Protection Pro\SpyGuard.exe
    C:\Documents and Settings\The Saxbys\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javanb32.dll (file missing)
    O2 - BHO: (no name) - {FD064786-0540-EDEF-EB58-211A5DA521D0} - C:\WINDOWS\system32\mfcos.dll (file missing)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SUPASTATUS] C:\Program Files\Internet Explorer\Connection Wizard\Status.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [phatdmrkir] C:\WINDOWS\System32\zczghsfb.exe
    O4 - HKLM\..\Run: [dale bold curb joy] C:\Documents and Settings\All Users\Application Data\Shim Move Dale Bold\move idle.exe
    O4 - HKLM\..\Run: [wait4ip] c:\net2plug\tools\wait4IP.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
    O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
    O4 - HKCU\..\Run: [Wex] C:\WINDOWS\System32\n?lookup.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares Lite Edition\Ares.exe" -h
    O4 - HKCU\..\RunServices: [logon.exe] C:\WINDOWS\System32\logon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra button: Microsoft AntiSpyware helper - {8AA9C867-1BAE-4A0F-8684-A38CAB9C6A50} - (no file) (HKCU)
    O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {8AA9C867-1BAE-4A0F-8684-A38CAB9C6A50} - (no file) (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
    O15 - Trusted IP range:
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C: oo.mht!http://198.88.20.155/targ.chm::/win32.exe
    O16 - DPF: {11111111-1111-1111-1111-111111113457} - file://c:\ied_s7.cab
    O16 - DPF: {11111111-1111-1111-1111-111191113457} - file://c:\ied_s7.cab
    O16 - DPF: {11111111-1111-1111-1111-511111113457} - file://c:\x.cab
    O16 - DPF: {11111111-1111-1111-1111-511111113458} - file://c:\x.cab
    O16 - DPF: {11111111-1111-1111-1111-511111193457} - file://c:\x.cab
    O16 - DPF: {11111111-1111-1111-1111-511111193458} - file://c:\x.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
    O16 - DPF: {23232323-2323-2323-2323-232323291122} - file://c:\x.cab
    O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
    O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
    O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O16 - DPF: {FCF289D4-0AC8-4ED8-BE31-E8AF09606AB5} (download_35mb_com.applet) - http://download.35mb.com/images/downloadapplet.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D4C6E551-033A-47D1-9B0B-BF7C2E82AA88}: NameServer = 195.92.195.94 195.92.195.95
    O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - (no file)
    O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addee32.exe (file missing)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
    O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
    O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
    O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\psimsvc.exe
     
  14. zhs90

    zhs90 Member

    Joined:
    May 3, 2005
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    11
    Help! I think I might have a virus and some spyware on my computer!

    I have downloaded HijackThis. her is my log (please tell me what to fix!!!):

    Logfile of HijackThis v1.99.1
    Scan saved at 10:12:14 PM, on 5/3/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\system32\LEXBCES.EXE
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\LEXPPS.EXE
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\spool\DRIVERS\W32X86\2\printray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINNT\system32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Bo Sammons\Local Settings\Temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\about.htm
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_0.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [PrinTray] C:\WINNT\system32\spool\DRIVERS\W32X86\2\printray.exe
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll/search.htm
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
    O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
    O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
    O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - http://wwemail.support.hp.com/fd2/objects/SysQuery.cab
    O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AD19E7E6-65B3-4009-9BCE-A1EE061E5F48}: NameServer = 209.244.0.3 209.244.0.4
    O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
    O20 - Winlogon Notify: Telephony - C:\WINNT\system32\fp2203foe.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
    O23 - Service: Microsoft NetWork FireWall Services - Unknown owner - NetServices.exe (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

     
  15. camstuf

    camstuf Guest

    @eLeCTR0n
    Last time I used Firefox, none of my bookmarks/favorites worked anymore. And my WIFI would not work on my laptop.
     
  16. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    @camstuf

    When you install Firefox the first time you open it, it will ask you if want to import your bookmarks from Internet Explorer or other browsers. You can even use the importing wizard to import them later if you don't import them the first time you run it. If you don't import your bookmarks then they obviously wouldn't be there.

    Now Firefox is only a web browsing software. It has nothing to do with network connections whether it's a LAN, WAN, Internet, or WiFi. Firefox only uses the connection to communicate with servers nothing more. So Firefox had nothing to do with your WiFi problem.
     
    Last edited: May 5, 2005
  17. camstuf

    camstuf Guest

    @eLeCTR0n, Thanks for the great info, I may try it.
     
  18. rx29

    rx29 Member

    Joined:
    Mar 12, 2005
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    16
    hi! two nights ago, everything,(and I mean EVERYTHING), deleted off my computer in less than 15 seconds. I couldn't exit, all system programs, files and registry were sucked down the vortex. I rebooted with the manufacturers disc. However, since that time I can't get on the internet for half of the time, and applications freeze, end program doesn't work. I scaned with every program I could get my hands on, all are clear, no spyware found,virus,cookies, temp files, all compatable. I use gateway 505 with windows XP. Tried avast,sygate,adaware,spybot search and destroy,peerguardian,nod,mru blocker,ect..any ideas, other than "boy, are you screwed!?"
     
  19. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    rx29

    Since everything got deleted already, you should just do a fresh install and reinstall everything. Boot with Windows XP cd or the cd that came with your computer then choose New/Fresh install and format you harddrive with NTFS (not quick), Your computer will go back to how it was when you first bought it. Afterwards, make sure this doesn't happen again by doing the following:

    1) don't go online with an administrator account, create a restricted/normal user and use that for the Internet
    2) always have an antivirus running and check [bold]housecall.trendmicro.com[/bold] regularly to check for malicious software
    3) have at least 1 firewall enabled if you don't have any 3rd party firewalls just turn on the windows xp firewall
    4) update windows at least weekly or turn on auto-updates
    5) use [bold]Firefox[/bold] and never use IE unless you must
    6) delete temp files, cookies and web files regularly
    7) use an anti-spyware/adware program like Webroot spysweeper
    8) never run an executable (.exe) program u get in an email or from internet unless you exactly what it is and what it's going to do

    These are just some things i can think of right now.
    let me know what happens with you
     
    Last edited: May 16, 2005
  20. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,309
    Likes Received:
    120
    Trophy Points:
    143
Thread Status:
Not open for further replies.

Share This Page