Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Yet another one!


  • This topic is locked This topic is locked

#46
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Please don't do the bottom half of your log in wraparound. Why was it normal and then started to format that way.

Here is the note from my co-geek

[quote]Yes, I would appreciate it if you have him upload a copy of wininet to thespykiller. Have him label the topic '2000 SP4 wininet'. The new beta should work just fine on that too. thumbsup.gif

http://www.thespykiller.co.uk/forum/
  • 0

Advertisements


#47
BlackVinyl

BlackVinyl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hi,
I'm not sure why the log was like that. I changed it so that the text wrapped and then CTRL A & CTRL C and then CTRL V in my post, but I am not sure why it cut off portions of the log.

I will upload that wininet file for him as soon as possible.
My question is, will I have access to that file to upload it, if it is infected?
Norton comes up with 'access to the file is denied'.

Anyway, I will try it later and see how it goes.

Do you want me to re-post the HJT log?

Thank you,

BV
  • 0

#48
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Yes, repost the log.
  • 0

#49
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Hi BV!

Uploading that file shouldn't be a problem. Just go to the Uploads section and start a new topic, click the browse button and navigate to and select the file, then add subject and a link to this topic and post.

Thanks!
  • 0

#50
BlackVinyl

BlackVinyl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
OK, here's that HJT log again.Logfile of HijackThis v1.99.1
Scan saved at 11:56:50 PM, on 7/07/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\SpySweeperV3.2.0.147\SpySweeper.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\trojfix\HJT\HijackThis.exe

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\SpySweeperV3.2.0.147\SpySweeper.exe" /0
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B6D28B5-5136-4712-B297-27953F1D9DEC}: NameServer = 192.189.54.17 203.8.183.1
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Net Functions Library (Netlib) - Unknown owner - C:\WINNT\system32\Netlib.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe


Awaiting your instructions. ;)

BV :tazz:
  • 0

#51
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Looks fine. How is it running?
  • 0

#52
BlackVinyl

BlackVinyl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hi,
Well, it has that virus that Norton is picking up, but I have successfully uploaded the file in question to the other forum, so I am waiting on that reply.

The pc in general is much better than it was in my original post, however, it seems to be running very sluggish and in addition to that, what I mentioned in post #30 is still happening...and when the pc has been connected to the internet for about 15-20 mins, I get disconnected.

From post #30...

Ooh! and something else which I may not have mentioned.
Everytime I connect to the net ( I have du connection), the modem does not stop RX & TX information. The 2 little pc icons in the system tray remain on without flashing until I disconnect.


On the flipside, the system alerts seem to have disappeared ;)
and the smitfraud prob seems to have gone...woo hoo :tazz:

If we can just get rid of the other issues I metnioned above, that would be great!

Thank you.

BV ;)
  • 0

#53
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts

Ooh! and something else which I may not have mentioned.
Everytime I connect to the net ( I have du connection), the modem does not stop RX & TX information. The 2 little pc icons in the system tray remain on without flashing until I disconnect.


If you've been using cracked programs and even though you've taken it off your system, there's no telling the damage it has done. I have taken it as far as I can go. I have reread our forum guidelines and I feel a strong need to close this topic because of the use - even though it has been in the past, of cracked software.

Good luck.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP