Malware Removal Upto Can't Open CW shredder, spy bot or any online, Possibly Sufside kick Malware??? |
Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!
  |
 Aug 30 2006, 04:12 PM
Post
#1
|
|
|
New Member  Posts: 1 OS: Windows 2000 Professional  |
I think i may have some Malware/spyware/virus on my PC. I few days ago I noticed more and more pop up adverts and eventually discovered 'Surf Side Kick3'. I have followed numerous posts on various sites to remove this and it does appear to be gone now. However I can no longer open my Norton Anti Virus. The subsription did run out last week but I can't open it to update it. I have also followed the 'must read this before posting a hijack log' post but when i get to the stage to use CW shredder I cannot open this tool. I also can't open Spybot, download or even get on any of the online virus scanners or the trojan hunter. Below is my Hijack this log. I am on Windows 200 professional. I hoep someone can help.
Logfile of HijackThis v1.99.1 Scan saved at 11:06:58 PM, on 8/30/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINNT\System32\svchost.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINNT\system32\stisvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINNT\system32\winservnt32.exe C:\WINNT\Explorer.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINNT\system32\RUNDLL32.EXE C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com F2 - REG:system.ini: Shell=Explorer.exe winservnt32.exe F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,winservnt32.exe O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [defender] C:\\dfndrff_14.exe O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_14.exe O4 - HKLM\..\Run: [bhxbaf2e] RUNDLL32.EXE w0f7ddc7.dll,n 003baf2b0000000a0f7ddc7 O4 - HKLM\..\Run: [newname] C:\\nwnmff_14.exe O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ms Update WinServices NT/XP] winservnt32.exe O4 - HKLM\..\RunServices: [System Services] pah.exe O4 - HKLM\..\RunServices: [SP2 Firewall/Internet Updater] crssrs.exe O4 - HKLM\..\RunServices: [Windows Kernel System Service] wkssvc.exe O4 - HKLM\..\RunServices: [MS Java for Windows XP & NT] javanet.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE O4 - HKCU\..\Run: [Atrl] C:\Documents and Settings\Administrator\Application Data\basa.exe O4 - HKCU\..\Run: [Ms Update WinServices NT/XP] winservnt32.exe O4 - HKCU\..\RunServices: [Windows Kernel System Service] wkssvc.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www3.ca.com/securityadvisor/pestscan/pestscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{894C8480-0E9F-4439-9E62-FE7DD2902920}: NameServer = 212.74.114.129 212.74.112.66 O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe PLease let me know if tehr eis anything else I need to post. |
 |
 
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
Similar Topics
| Topic Title | Replies / Views | Topic Information | |||||
|---|---|---|---|---|---|---|---|
 |
0 / 306 | 18th June 2005 - 05:07 PM tommybahama started - last by tommybahama |
|||||
|
5 / 483 | 16th August 2006 - 09:06 AM lhasa86 started - last by RiP |
|||||
 |
15 / 1,632 | 10th March 2008 - 06:28 PM paysismom started - last by RatHat |
|||||
|
43 / 986 | 16th August 2009 - 08:11 PM guitarroman1 started - last by handhfan |
|||||
|
Time is now: 8th November 2009 - 02:41 AM |
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks mentioned on this page are the property of their respective owners.
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy | Advertising