just2good4u3434 Posted September 26, 2005 Report Share Posted September 26, 2005 Logfile of HijackThis v1.99.1Scan saved at 1:23:53 PM, on 9/26/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Sygate\SPF\smc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Microsoft Hardware\Keyboard\type32.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\System32\GEARSec.exeC:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exeC:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXEC:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXEC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\System32\alg.exeD:\Program Files\SpywareBlaster\spywareblaster.exeD:\Program Files\Trillian\trillian.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXEC:\HiJackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {785941D5-01F2-503C-A00D-25A211F9AE74} - C:\DOCUME~1\Justin\APPLIC~1\AtomElse\baitpoll.exeO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startguiO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWizO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Sygate Personal Firewall.lnk = C:\Program Files\Sygate\SPF\Smc.exeO4 - Global Startup: Spy Sweeper Fix.lnk = C:\Program Files\Webroot\Spy Sweeper\SpySweeperFix.batO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cabO16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://toolbar.azesearch.com/install/azesearch.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{DE796CC3-AB02-4F4C-BD03-B177ADDBBA9A}: NameServer = 205.152.37.23 205.152.144.23O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dllO23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeO23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exeO23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exeO23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXEO23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXEO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeTHANKS VERY MUCH FOR YOUR HELP!! Link to post Share on other sites
Besttechie Posted September 27, 2005 Report Share Posted September 27, 2005 Hi and Welcome,What problems are you having exactly? Can you please do the following, I would like to get a little more on this file. Jotti File Submission:Please go to Jotti's malware scanCopy and paste the following file path into the "File to upload & scan"box on the top of the page:C:\Documents and Settings\Justin\Application Data\AtomElse\baitpoll.exe[*] Click on the submit button[*] Please post the results in your next reply.B Link to post Share on other sites
just2good4u3434 Posted September 30, 2005 Author Report Share Posted September 30, 2005 Service load: 0% 100% File: baitpoll.exe Status: INFECTED/MALWARE MD5 ccfc90910a5d64970cf832078db2bc0b Packers detected: PE_PATCH.UPC, UPC Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found Trojan.Downloader.Swizzor.BO ClamAV Found Trojan.Crypt-5 Dr.Web Found nothing F-Prot Antivirus Found W32/Swizzor.DE@dl Fortinet Found W32/Swizzor.BO-tr Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Swizzor.bo NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found Trojan-Downloader.Win32.Swizzor.bo Link to post Share on other sites
just2good4u3434 Posted September 30, 2005 Author Report Share Posted September 30, 2005 and thanks for any help u can give me, some problems ive been having r spybot search and destroy stops scanning halfway through the scan process and im getting pop ups every 2 seconds and theres a really annoying search bar on Ineternet Explorer Link to post Share on other sites
Besttechie Posted September 30, 2005 Report Share Posted September 30, 2005 Hi and Welcome Back, First unhide hidden files and folders, as shown how to do here:http://www.xtra.co.nz/help/0,,4155-1916458,00.html#5Then do the following:Close all browsers and windows except HJT, and have it fix the following:O2 - BHO: (no name) - {785941D5-01F2-503C-A00D-25A211F9AE74} - C:\DOCUME~1\Justin\APPLIC~1\AtomElse\baitpoll.exeThen reboot, into safe mode and delete the following folder in red (if present)How to boot to safe mode:http://www.computerhope.com/issues/chsafe.htm#02C:\Documents and Settings\Justin\Application Data\AtomElse <-- delete the folder and everything in it.After that, reboot into normal mode and run this free online virus scan.1. Run an online virus scan http://housecall.trendmicro.com/ select the auto clean option.2. Then post a new Hijackthis log here in a reply.Good luck! B Link to post Share on other sites
just2good4u3434 Posted September 30, 2005 Author Report Share Posted September 30, 2005 i couldnt find the file that u specified when i ran HJT. i closed all running processes and everything and i unhid hidden files and folders. the only file with the 02- bho was "O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll" i might have already got rid of the file when i ran A-Squared. I ran A-Squared and it got rid of some malware. Link to post Share on other sites
just2good4u3434 Posted September 30, 2005 Author Report Share Posted September 30, 2005 sorry i just also went to <C:\Documents and Settings\Justin\Application Data\AtomElse> and the files were still there. does this mean i still have the virus?? Link to post Share on other sites
Besttechie Posted September 30, 2005 Report Share Posted September 30, 2005 Can you post another HJT log please? B Link to post Share on other sites
just2good4u3434 Posted September 30, 2005 Author Report Share Posted September 30, 2005 Logfile of HijackThis v1.99.1Scan saved at 5:52:31 PM, on 9/30/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\savedump.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Sygate\SPF\smc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Microsoft Hardware\Keyboard\type32.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\etb\pokapoka70.exeD:\Program Files\ProcessGuard\pgaccount.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Real\RealPlayer\RealPlay.exeD:\Program Files\ProcessGuard\procguard.exeC:\Program Files\SpywareGuard\sgmain.exeC:\Program Files\SpywareGuard\sgbhp.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeD:\Program Files\ProcessGuard\dcsuserprot.exeC:\WINDOWS\System32\GEARSec.exeC:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exeC:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXEC:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXEC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\wdfmgr.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Spybot - Search & Destroy\SpybotSD.exeC:\WINDOWS\system32\wuauclt.exeD:\Program Files\SpywareBlaster\spywareblaster.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\HiJackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchwebzone.com/sp2.phpR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchwebzone.com/sp2.phpR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startguiO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exeO4 - HKLM\..\Run: [system service70] C:\WINDOWS\etb\pokapoka70.exeO4 - HKLM\..\Run: [!1_pgaccount] "D:\Program Files\ProcessGuard\pgaccount.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] windir32.exeO4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWizO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] windir32.exeO4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "D:\Program Files\ProcessGuard\procguard.exe" -minimizeO4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exeO4 - Startup: Sygate Personal Firewall.lnk = C:\Program Files\Sygate\SPF\Smc.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cabO16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cabO16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://toolbar.azesearch.com/install/azesearch.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{DE796CC3-AB02-4F4C-BD03-B177ADDBBA9A}: NameServer = 205.152.37.23 205.152.144.23O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dllO23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeO23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - D:\Program Files\ProcessGuard\dcsuserprot.exeO23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exeO23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exeO23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXEO23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXEO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Link to post Share on other sites
Besttechie Posted October 1, 2005 Report Share Posted October 1, 2005 Ok, few questions...1. Did you set these as your homepage/search engine? If you didn't set that as your homepage, close all windows and have HJT fix them. Then reboot and post a new log.R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchwebzone.com/sp2.phpR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchwebzone.com/sp2.php2. I notice you havr Norton Systemworks and avast. Norton Systemworks comes with a firewall doesn't it? (unless you disable it) but in any case it is never a good idea to run two firewalls. Running two firewalls is not good because they will most likely conflict with each other. Same goes for the firewall, I see Sygate and Norton firewall, not a good idea to run two as they will conflict. 3. After doing all this are you still experiencing any problems at all and if so, what are they exactly? How is everything running?B Link to post Share on other sites
just2good4u3434 Posted October 12, 2005 Author Report Share Posted October 12, 2005 wow about a week ago my computer froze and rebooted and nothing worked. i couldnt even connect to the internet. (thats why ive taken so long to reply) i reformated and reinstalled XP. now everything is running fine. i got rid of norton and i only use avast and sygate now. norton is a memory hogger. Link to post Share on other sites
Besttechie Posted October 13, 2005 Report Share Posted October 13, 2005 Since this appears to be resolved, I will be closing the thread and moving it to the resolved section. If you need it reopened, PM a moderator or admin asking to reopen it.The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.SpywareBlaster - Great prevention tool to keep nasties from installing on your system.SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)Weather Watcher - Free taskbar weather program that is free, malware free, and resource light.To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony KleinGood luck! B Link to post Share on other sites
Recommended Posts