Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DrWatsons Problem


  • Please log in to reply

#166
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
word sister...ill talk to ya tomorrow
  • 0

Advertisements


#167
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
One more thing, if you're having any problems at all following those guidelines, do NOT reinstall XP as it could cause data loss and you would have to start all over with that if you don't have backups.
  • 0

#168
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
See ya tomorrow! :tazz:
  • 0

#169
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
Ok, XP repaired itself, my sound is back, but i have no internet connection... so i cant install the SP1... i have the disk for SP2 so i can install that, but thats not what you said... soOo.... what to do?
  • 0

#170
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
I would go ahead and install Service Pack 2 since you have the CD. Unless your ISP is having problems you should still have Internet. Go into Start > Control Panel - click on Network Connections. Make sure your connection in enabled. Go into Internet Explorer click on Tools > Internet Options, then click the connections tab to make sure your settings are correct.

Edited by bananafanafo, 12 April 2005 - 07:40 PM.

  • 0

#171
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Does your computer still crash when you right-click??
  • 0

#172
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
OK, wow, annoying, my mouse has gone and ive managed to navagate here with the keyboard, the sounds fixed, SP2 is installed, before i installed it i tried right clicking on the desktop and it just flashed, lost all the desktop icons and start bar and then went back to normal... so i guess drwatsons didnt really crash because i never had to close that, but yes my computer did...anything i can do about my mouse??
  • 0

#173
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
The only thing I would be able to tell you is to make sure it's plugged in :tazz: (I know it is). I would ask the hardware forum about that one.
  • 0

#174
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
good news is i got a new mouse and im back to being fully functional.... bad news is i just right clicked my desktop and it crashed again...
  • 0

#175
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
I really do not think this is a current malware problem. I think something is seriously wrong with XP - that the repair install obviously didn't fix. There is one more scan that I want you to run:

First, run CleanUp! (so the scan won't take as long because cleanup will clear temporary files and cookies)

Then, please download Ewido Security Suite, install it, then be sure to update it (it won't scan until it's updated). Let it scan your computer (it may take a little while). Post the results from the scan. along with a new HiJackThis log.
  • 0

Advertisements


#176
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 4:06:20 PM, 4/25/2005
+ Report-Checksum: F32608C8

+ Date of database: 4/25/2005
+ Version of scan engine: v3.0

+ Duration: 64 min
+ Scanned Files: 45747
+ Speed: 11.88 Files/Second
+ Infected files: 2
+ Removed files: 2
+ Files put in quarantine: 2
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0

+ Binder: Yes
+ Crypter: Yes
+ Archives: No

+ Scanned items:
C:\

+ Scan result:
C:\WINDOWS\SYSTEM32\DRIVERS\etc\HOSTS.bak -> Trojan.Qhost.av -> Cleaned with backup
C:\Program Files\Kazaa Lite\supertrick.txt -> Trojan.Qhost.av -> Cleaned with backup


::Report End
  • 0

#177
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
Logfile of HijackThis v1.99.1
Scan saved at 4:08:36 PM, on 4/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\KMaestro\KMaestro.exe
C:\Program Files\ewido\security suite\SecuritySuite.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\user\Desktop\hijackthis\HijackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL
O4 - HKLM\..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst_current.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownloa...n/myv3/myv3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1101264785109
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E9348280-2D74-4933-BE25-73D946926795} (DeviceEnum Class) - http://h20270.www2.h...cdetection3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4940B58-3477-435E-9902-34E9FF328239}: NameServer = 209.47.15.118,64.157.143.38,
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Client Firewall Configuration (CfgWzSvc) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
  • 0

#178
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
There isn't anything malicious in your log. Ewido only found 2 trojans that it got rid of, so if you're still having problems with your computer crashing it isn't something I'll be able to help you with. A clean install of XP is probably going to be next option. I would suggest posting in the XP forum and telling them you have already done a repair install and the problem is still there and that your system has already been cleaned of malware. Hoepfully they will be able to give you some better ideas besides re-formatting. I'm sorry! :tazz:
  • 0

#179
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
It's all good michelle, sorry to waste so much of your time on my crappy system, thanks again for all your help
  • 0

#180
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
You didn't waste my time at all! I wish I could have helped more :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP