Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need a Miracle


  • Please log in to reply

#1
L0$t

L0$t

    Member

  • Member
  • PipPip
  • 15 posts
I have a huge problem, I bought a dell.....anyway, guess i might have contracted a virus while surfing the net. After I got off the net, I tried to run Norton SystemWorks cause I had a lot of pop-ups and also Norton kept informing me about Trojan prgrams it kept deleting. Norton would not come up no matter how i tried to start it. I ran Ad-Aware SE to rid any spyware and that was successful but still no norton. Then i started to get the "Explorer experienced an error and needs to shut down, do you want to send the error code...blablabla" block even if i clicked "Do not send". Basicly the laptop was in a loop, so i rebooted. It started just fine, loaded all my start up programs than the error messege came up again. After clicking "do not send" the page reboots itself and so do all the applications. Nothing works except for a few apps.........HELP ME>>>>>>.
  • 0

Advertisements


#2
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Hello and welcome to Geeks to Go! :tazz: I'm kool808 .Even the best antispyware programs are only able to remove about 70% of infections. Also, the line between spyware and trojans is getting blurred. You can never be too careful with these, I recommend at least one online scan.

Now, REBOOT in Normal Mode and have an On-line scan at this sites: Trend Micro or Panda Scan or BitDefender.

REBOOT again.

Lets see how it goes. ;)
  • 0

#3
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
can't log on, I use sprint wireless internet, so it's not recognising my cell phone. Also that windows explorer error screen keeps popping up and after i hit "don't send" the "Active Desktop recovery" screen comes up and the explorer error screen soon after that.... stuck in a loop......need help.....

also, when i drag box across the screen it leave a trail...don't know if it helps..

Edited by L0$t, 16 June 2005 - 08:53 AM.

  • 0

#4
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
does that mean you followed the advice above...or cannot?
  • 0

#5
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

does that mean you followed the advice above...or cannot?

View Post


i can't get online (using work pc right now), the only thing i did was run Ad-Aware SE and luckly i got NSWorks to come up, doing a one button checkup but the repair is taking forever.....don't know if doing a virus scan will help but running it anyway....norton cleanup scan showed 8804 errors but i think it froze up when started the fix....

Edited by L0$t, 16 June 2005 - 09:12 AM.

  • 0

#6
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Did you mean you lost your Internet connections? Or its just your PC wont recognize a connection?

Download and run WINSockFixXP, if you lost your internet connections due to malware.
  • 0

#7
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Did you mean you lost your Internet connections? Or its just your PC wont recognize a connection?

Download and run WINSockFixXP, if you lost your internet connections due to malware.

View Post



i connect on my laptop through my cell phone, but right now the program i use for connecting will not recognise the cellphone and will not link it to the laptop... also at start up "Ware-out" program comes on, even though i never downloaded it....says it's a spyware program....
  • 0

#8
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
lost, get a copy of hijackthis and put it on a floppy....run it from a floppy and save a log.

Then post a log in the malware forum in my signature and explain that you cannot follow the instructions in the READ THIS FIRST thread because your machine cannot get online. They will do some triage fixes to get you up and running to the point where they can get you functional, then take it to the next level.

Then, if any problems remain after you get a clean bill of health, return to this thread.
  • 0

#9
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

lost, get a copy of hijackthis and put it on a floppy....run it from a floppy and save a log.

Then post a log in the malware forum in my signature and explain that you cannot follow the instructions in the READ THIS FIRST thread because your machine cannot get online. They will do some triage fixes to get you up and running to the point where they can get you functional, then take it to the next level.

Then, if any problems remain after you get a clean bill of health, return to this thread.

View Post



i'll try it......thanks much :tazz:
  • 0

#10
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
ok, got a copy of hijackthis but can't access my cd-rom drive....so i can't get to it...
finished a norton virus scan, found multiple trojan droppers and download.trojan but couldn't delete, not even manually cause i can't access many thigs suck as My Computer....

also when i tried to get on line it gave me this address "http://securityrespo...jan_horse.html"

what now?
  • 0

Advertisements


#11
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
no floppy?
  • 0

#12
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
no, i only have a cd/dvd-rom.....but i can't even get to my drives.....also can't turn the pc off unless i use task manager and log off and then after i log off i can restart of turn off....

Edited by L0$t, 16 June 2005 - 01:24 PM.

  • 0

#13
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Step 1

Start > Run, type
msconfig
<enter>

On the general tab, select SELECTIVE START UP then uncheck
load system.ini
load win.ini
load startup services
load startup items

Reboot.
Does the error repeat? If not, continue with the next part. If so, go to STEP 2.


If not, Start > Run, type
msconfig
<enter>

check load startup items
Reboot.
Does the error repeat? If not, continue with the next part. If so, go to STEP 2.


If not, Start > Run, type
msconfig
<enter>

check load startup services
Reboot.
Does the error repeat? If not, continue with the next part. If so, go to STEP 2.


If not, Start > Run, type
msconfig
<enter>

check load win.ini
Reboot.
Does the error repeat? If not, continue with the next part. If so, go to STEP 2.


If not, Start > Run, type
msconfig
<enter>

check load system.ini
Reboot.
Does the error repeat? If not, continue with the next part. If so, go to STEP 2.

Report back

-------------------------------------

STEP 2

When you find the error, repeating, you have arrived at the group that is causing the problem.

Leave everything as is and go to the tab with the same name as the one you just re-enabled and uncheck everything you find within the tab....reboot.

Does the probelm recur? If not, check one item and reboot, continuing until you discover the offending application/service

Then report back
  • 0

#14
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
ok, i got into task manager and ended the "explorer.exe" process, since it was the error i kept getting....but my toolbar at the bottom of the screen dissappeared....so i used the "new task" button to open everything i needed and got Hijackthis to run.....
here is the log....
  • 0

#15
L0$t

L0$t

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Logfile of HijackThis v1.99.1
Scan saved at 2:33:55 PM, on 6/16/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Sebastian\My Documents\HijackThis1991.exe

R3 - URLSearchHook: (no name) - {5857ADAC-BDD8-C990-D4B5-F024204BBF0F} - (no file)
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\System32\fixos.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\System32\fixos.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O9 - Extra 'Tools' menuitem: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.82...hm::/update.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1118500768382
O17 - HKLM\System\CCS\Services\Tcpip\..\{996E5203-07DF-4B04-8B9D-D5830113ECF2}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{B86B46F6-0654-4568-9627-3BBD0AA885B7}: NameServer = 69.50.184.84,195.225.176.37
O20 - Winlogon Notify: style2 - C:\WINDOWS\q375663968_disk.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP