Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Spyware Blaster


  • Please log in to reply

#1
realapp

realapp

    Member

  • Member
  • PipPipPip
  • 338 posts
I installed Spyware Blaster and CWshredder yesterday and now I can not access the internet. I have and Dell running XP wirelessly networked to a Compaq running 98. However, I know it's not the router or connection because I am online right now with the Compaq (problem is on the Dell with XP. Anyway, the address it pulls up evertime is 404ads.net.8000/redirect. Have no idea what this is but I think it has something to do with me not being able to pull up any other websites. Any help would be greatly appreciated! Thanks!!!!
  • 0

Advertisements


#2
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Please download the WinSockXP fix on a PC with the internet:

http://www.geekstogo...ction=show&id=7

Save it to a floppy, CD, or thumbdrive, and run it on the infected computer. Your troubled computer will restart, then see if you can get back on the internet. <_<
  • 0

#3
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Ok, call me stupid, but I clicked on the link you suggested and can't figure out how to download it. It shows a thumbnail and some other info. What exactly is the download?
  • 0

#4
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
No, you're not stupid, there's just some stuff gettin worked out right now. Hold tight and It will be fixed soon.

-=jonnyrotten=- <_<
  • 0

#5
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

No, you're not stupid, there's just some stuff gettin worked out right now.  Hold tight and It will be fixed soon.

-=jonnyrotten=- <_<

View Post





ANy NEWS?
  • 0

#6
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
None yet, it might take a day or two for the code to be fixed.

-=jonnyrotten=- <_<
  • 0

#7
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Ok, any other suggestions in the mean time? Thanks !
  • 0

#8
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
2 things, the first one might not fix the problem, but maybe. The second one you will probably be asked sooner or later, so lets just do it now.


Which computer is connected to the internet service? If it is the xp computer follow this first step and see if that gets you connected.
First go to the broken xp machine and go to control panel, network and internet connections, network connections. Right click on your local area connection, click properties, select Internet Protocol (tcp/ip) and click properties. Make sure obtain IP address automatically is selected and obtain dns server address automatically is selected too. Click the alternate configuration tab up at the top and make sure automatic private ip address is selected. Click start, run, type cmd hit enter. Type each line and hit enter after each one.

ipconfig /release
ipconfig /renew
ipconfig /all

Write down what it says after you type ipconfig /all. I may need to get that information from you in a little while. Now this is all assuming you are on a broadband connection. If you are not then what type do you have.

Next step.
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.

Run this program on the broken pc, if you cannot connect to the internet with it by now then copy the program file to a disk and put it on the other comupter so we can see what is on it.

-=jonnyrotten=- <_<
  • 0

#9
admin

admin

    Founder Geek

  • Administrator
  • 24,504 posts
Here's a direct link to the download. <_<

http://www.geekstogo...insockXPFix.exe
  • 0

#10
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

2 things, the first one might not fix the problem, but maybe.  The second one you will probably be asked sooner or later, so lets just do it now. 


Which computer is connected to the internet service? If it is the xp computer follow this first step and see if that gets you connected. 
First go to the broken xp machine and go to control panel, network and internet connections, network connections.  Right click on your local area connection, click properties,  select Internet Protocol (tcp/ip) and click properties.  Make sure obtain IP address automatically is selected and obtain dns server address automatically is selected too.  Click the alternate configuration tab up at the top and make sure automatic private ip address is selected.  Click start, run, type cmd hit enter.  Type each line and hit enter after each one.

ipconfig /release
ipconfig /renew
ipconfig /all

Write down what it says after you type ipconfig /all.  I may need to get that information from you in a little while.  Now this is all assuming you are on a broadband connection.    If you are not then what type do you have.

Next step.
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.

Run this program on the broken pc, if you cannot connect to the internet with it by now then copy the program file to a disk and put it on the other comupter so we can see what is on it.

-=jonnyrotten=- <_<

View Post







Ok, I did the 1st step and just so you know I have a wireless connection, but I recently ( after all this happened) attached an ethernet cable because initially it was thought that I needed to update my firmware and I did not have the computer hooked up with a cable. Anyway, here is what it said


After ipconfig/release

Ethernet Adapter Local Area Connection2
Autoconfig IP Address : 169.254.176.16
Subnet Mask 255.255.0.0
Default Gateway

Ethernet Wireless Network Connection5
IPAddress : 192.168.0.98
Subnet Mask 255.255.0.0
Default


After ipconfig/renew

An error occured while renewing interface LAN2: An operation was attempted on something that is not a socket


After ipconfig/all

WIN IP Config

Host Name: Teresa
Primary DNSSuffix
Node Type: Hybrid
IP Routing Enabled: No
WINS Proxy Enable: NO

Ethernet Adapter LAN2
Connection specific DNS Suffix Descprtion- Linksys LNE1GCTX Fast Ethernet Adapter
Physical Address 00-0C-41-25-DB-AP
dhcp Enabled: yes
Autoconfig Enabled : yes
Autoconfig IP Address: 168.254.176.16
Subnet Mask: 255.255.00
Default Gateway

Ethernet Wireless Connection
Physical 00-46-05-CB-F3-4E
dhcp enabled : NO
IP Address: 192.168.6.98
Subnet Mask: 255.255.00
Default Gateway 192.168.6.98
DNS: 192.168.6.98
4.2.2.2
  • 0

Advertisements


#11
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

2 things, the first one might not fix the problem, but maybe.  The second one you will probably be asked sooner or later, so lets just do it now. 


Which computer is connected to the internet service? If it is the xp computer follow this first step and see if that gets you connected. 
First go to the broken xp machine and go to control panel, network and internet connections, network connections.  Right click on your local area connection, click properties,  select Internet Protocol (tcp/ip) and click properties.  Make sure obtain IP address automatically is selected and obtain dns server address automatically is selected too.  Click the alternate configuration tab up at the top and make sure automatic private ip address is selected.  Click start, run, type cmd hit enter.  Type each line and hit enter after each one.

ipconfig /release
ipconfig /renew
ipconfig /all

Write down what it says after you type ipconfig /all.  I may need to get that information from you in a little while.  Now this is all assuming you are on a broadband connection.    If you are not then what type do you have.

Next step.
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.

Run this program on the broken pc, if you cannot connect to the internet with it by now then copy the program file to a disk and put it on the other comupter so we can see what is on it.

-=jonnyrotten=- <_<

View Post


  • 0

#12
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

2 things, the first one might not fix the problem, but maybe.  The second one you will probably be asked sooner or later, so lets just do it now. 


Which computer is connected to the internet service? If it is the xp computer follow this first step and see if that gets you connected. 
First go to the broken xp machine and go to control panel, network and internet connections, network connections.  Right click on your local area connection, click properties,  select Internet Protocol (tcp/ip) and click properties.  Make sure obtain IP address automatically is selected and obtain dns server address automatically is selected too.  Click the alternate configuration tab up at the top and make sure automatic private ip address is selected.  Click start, run, type cmd hit enter.  Type each line and hit enter after each one.

ipconfig /release
ipconfig /renew
ipconfig /all








Ok I'm trying to do  a HiJack this , but it says I don't have permission. I am logged in?
Write down what it says after you type ipconfig /all.  I may need to get that information from you in a little while.  Now this is all assuming you are on a broadband connection.    If you are not then what type do you have.

Next step.
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.

Run this program on the broken pc, if you cannot connect to the internet with it by now then copy the program file to a disk and put it on the other comupter so we can see what is on it.

-=jonnyrotten=- <_<

View Post

View Post


  • 0

#13
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
OK, I was able to get Winsock on my computer with XP ( the one with the problem) and now am back on line. However, I noticed I know have a bunch of unwanted Spyware and icons on my desktop again. Which was the reason I loaded Spyblaster, etc in the first place. Any suggestions?
  • 0

#14
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.

Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.

Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.

-=jonnyrotten=- <_<
  • 0

#15
realapp

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
Logfile of HijackThis v1.98.2
Scan saved at 3:00:54 PM, on 9/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WIN2000\guru.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\PROGRA~1\Web Offer\wo.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Documents and Settings\Teresa L\Desktop\HijackThis.exe
C:\WINDOWS\System32\tapi3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2sea...sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2sea...sidesearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.begin2sea...sidesearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mchsi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchassista...om/srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.eznsearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://smbusiness.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2sea...sidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2sea...sidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.eznsearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Mediacom Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r21.mchsi.com:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r21.mchsi.com
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 216.130.185.143 www.adwave.com
O1 - Hosts: 216.130.185.143 adwave.com
O1 - Hosts: 216.130.185.143 www.xzoomy.com
O1 - Hosts: 216.130.185.143 xzoomy.com
O1 - Hosts: 216.130.185.143 www.advnt01.com
O1 - Hosts: 216.130.185.143 advnt01.com
O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Zedd4Proj.clsUnoOne - {08227B4B-54FE-4C4D-809F-BCA46292FC5B} - C:\WINDOWS\System32\AANTX.dll
O2 - BHO: (no name) - {22D34420-FEE3-D2AD-CDBA-C11BF1E35FD4} - C:\WINDOWS\Dzugtnie.dll
O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll
O2 - BHO: ohb - {4D568F0F-8AC9-40AB-88B7-415134C78777} - C:\WINDOWS\SYSTEM32\winb2s32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Search - {6C3FA15A-7573-E65B-A6B1-8D0AB5E42387} - C:\WINDOWS\Dzugtnie.dll
O3 - Toolbar: Begin2Search.com Bar - {52FE5233-367C-4EFB-BDD7-0BE4D212C107} - C:\WINDOWS\SYSTEM32\winb2s32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [intdctrr] C:\WINDOWS\System32\idctup20.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [WinTOTAL Scheduler] C:\WIN2000\guru.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [itss] C:\WINDOWS\System32\itss.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe
O4 - HKCU\..\Run: [ltdis11n] C:\WINDOWS\System32\ltdis11n.exe
O4 - HKCU\..\Run: [tapi3] C:\WINDOWS\System32\tapi3.exe
O4 - Startup: RemMcKissock.lnk = C:\Program Files\McKissock Data Systems\VC\RemMcKissock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Global Startup: D-Link AirPlus.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.mchsi.com
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {2C15848B-21C0-406A-9902-56C8D90684F3} (alaWeb.clsGetStats) - file://C:\WIN2000\CONTENT\cabs\alaWeb.CAB
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://iow.mlxchange...ectComboBox.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6D251D8B-FD68-4BA2-83D5-1A0A245830C3} (alaWeb.clsSolutionCenter) - file://C:\WIN2000\CONTENT\cabs\alaWeb.CAB
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://iow.mlxchange...ClientUtils.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://iow.mlxchange...ol/IRCSharc.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla...ller/dwnldr.cab
O16 - DPF: {ED29A481-CD46-43D9-85AA-E6E869DF2214} (MercStats.cStats) - file://C:\Program Files\Mercury\Content\cabs\MercStats.CAB
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP