Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: help,help,security, viruses, spyware, worms,adware  (Read 5223 times)

0 Members and 1 Guest are viewing this topic.

2FNFAST

    Topic Starter


    Beginner
    help,help,security, viruses, spyware, worms,adware
    « on: February 16, 2007, 02:45:15 PM »
    ok,i had dialup for a long-time,then i got highspeed,which not i have spyware,and the whole bunch


    sometimes when i click on a link,it takes me 2  some  WINDOWS SEARCH BAR,and some other search bars

    its pissing me off,i can't get rid if it,so,help me out,remember

    i don't want any demo antivius *censored*,or i can find a key for the demo :P


    i also had winantivirus,which is hard 2 get rid of,but,it barely pop's up anymore,
    my computer, window xp pro version 2002,AMD Athlon(tm),1.20GHz,1.00 GB RAM,GeForce fx 5500,custom computer

    fffreak



      Adviser

    • That's right I am a final fantasy freak.
    • Thanked: 3
      • Yes
      • JSPCRepair
    • Certifications: List
    • Experience: Guru
    • OS: Windows 7
    Re: help,help,security, viruses, spyware, worms,ad
    « Reply #1 on: February 16, 2007, 03:00:37 PM »
    Ok, what kind of malware protection software do you have? If you do not have any, I recommend seeing this article. Second thing download HijackThis! and post a log here.

    8-)fffreak
    Computers are the future, not us. Learn everything you can about them while you still can, soon they will be learning about us... Every bit of advice that I give you is best guess, it is your choice whether or not you listen to it.

    2FNFAST

      Topic Starter


      Beginner
      Re: help,help,security, viruses, spyware, worms,ad
      « Reply #2 on: February 16, 2007, 03:48:54 PM »
      i have alot,like adaware,norton,and like 4 otherone's,im just goign 2 uninstall them all,


      Logfile of HijackThis v1.99.1
      Scan saved at 3:46:57 PM, on 2/16/2007
      Platform: Windows XP  (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
      C:\WINDOWS\System32\regscan.exe
      C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Documents and Settings\kyle.HOME-AER5SZYWM9.000\Local Settings\Temp\Temporary Directory 10 for hijackthis.zip\HijackThis.exe

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
      O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
      O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\Juno\qsacc\X1IEBHO.dll
      O2 - BHO: (no name) - {6A14CC37-451B-CF27-B79B-0127865D7548} - C:\WINDOWS\System32\rueakde.dll
      O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O2 - BHO: (no name) - {EFBFE8F4-9C2C-454B-AD24-F58D19405561} - C:\WINDOWS\System32\xxyxvur.dll (file missing)
      O2 - BHO: (no name) - {F717C649-06A8-0B5F-DB4E-5F9099D06F9C} - (no file)
      O2 - BHO: (no name) - {FA5A2B36-DBE2-4E96-843A-81F12675F618} - C:\WINDOWS\System32\nnnll.dll (file missing)
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S
      O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
      O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\System32\regscan.exe
      O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
      O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=zuzed004YYUS_ZZzer000
      O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15-3.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by129fd.bay129.hotmail.msn.com/resources/MsnPUpld.cab
      O20 - Winlogon Notify: winigd32 - C:\WINDOWS\SYSTEM32\winigd32.dll
      O20 - Winlogon Notify: winvjv32 - C:\WINDOWS\SYSTEM32\winvjv32.dll
      O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

      my computer, window xp pro version 2002,AMD Athlon(tm),1.20GHz,1.00 GB RAM,GeForce fx 5500,custom computer

      GX1_Man

      • Guest
      Re: help,help,security, viruses, spyware, worms,ad
      « Reply #3 on: February 16, 2007, 08:32:35 PM »
      Quote
      ok,i had dialup for a long-time,then i got highspeed,which not i have spyware,and the whole bunch


      sometimes when i click on a link,it takes me 2  some  WINDOWS SEARCH BAR,and some other search bars

      its pissing me off,i can't get rid if it,so,help me out,remember

      i don't want any demo antivius *censored*,or i can find a key for the demo :P


      i also had winantivirus,which is hard 2 get rid of,but,it barely pop's up anymore,

      Fortunately we remember you:

      http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1163974193/0#0

      and I am assuming you got this from stealing your neighbor's internet:

      http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1167464788/0#0

      So have a read, watch your language and we'll see you later.

      http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1149948530


      Here's some good reading for you and others about your past for those who do not know what you are all about:

      http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?action=usersrecentposts;username=2FNFAST:

      http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1170447669/0#0

       ::)
      « Last Edit: February 16, 2007, 08:37:29 PM by GX1_Man »

      oddjob

      • Moderator


      • Hopeful

        Thanked: 4
        • Experience: Beginner
        • OS: Windows 7
        Re: help,help,security, viruses, spyware, worms,ad
        « Reply #4 on: February 16, 2007, 09:03:52 PM »
        GX1_Man .... thanks for the heads up.

        2FNFAST ... is this a Dell machine?

        This HJT log and the computer are a complete and utter mess. I'm surprised you can even get the machine to boot up.

        The computer has ...

        > an out of date and insecure operating system. It has no Service Packs BUT DO NOT install SP2 on to an infected computer. Only install SP1 or, better, SP1a from here...

        http://www.microsoft.com/windowsxp/downloads/updates/sp1/default.mspx

        > HijackThis in a temporary location. It must be somewhere permanent so backups are not lost.

        > MywebSearch malware.

        > MyWaySearch malware.

        > the Look2Me infection.

        > the ConHook-N Trojan.

        > the OPTIX-SE Trojan.

        > the W32/Rbot-HA worm.

        > an Adlogix adware infection.


        I also see you have been visiting FunWebProducts. This is a bad site and will infect your machine with all manner of malware.

        You have no trace of an up to date java installation.

        I cannot be certain your Norton antivirus or a firewall is fully up to date or operational here.


        To fix everything you have could take hours of work. I personally cannot spent that kind of time on this as you clearly are not interested in protecting yourself or others by using your computer safely with decent protection.

        Even if this time is spent trying to clean up this computer I could not guarantee the fix would be completely successful.

        In  my view you have only one sensible option. I recommend you save all your important data, reformat the hard drive and reinstall from the beginning.

        When you have done this make sure you have proper protection on your computer before going back online.


        OJ
        « Last Edit: February 16, 2007, 10:04:00 PM by oddjob »