Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Many many problems occurring on my computer.....

Started by markymarkoriginal , Feb 12 2006 05:30 PM

  • Please log in to reply

#1
markymarkoriginal
Posted 12 February 2006 - 05:30 PM

markymarkoriginal

    Member

  • Member
  • PipPip
  • 17 posts
I've just recently fixed a problem with my computer where whenever i was connected to the internet i would constantly be spamming people unknowingly, i think i have this problem fixed now but there's so many other problems that've crept up since then.
First off windows media player crashes quite a bit disabling a few options until i reboot.
I've run countless programs for spyware, malware and virus's in lots of ways i.e: in safe mode, with no other programs running other than the anti-virus program itself, still yeilding no results.
When i try to restore it back to any earlier time it reboots and tells me that's also failed.
When it comes to shutting down or restarting, 6 or 7 programs come up with a display sayin 'program not respoding (ccapp, nview,....) i can't catch the names of the others.
The worse problem is when i'm online and ethier downloading or just browsing the net it randomly crashes and i have to reboot, if when it crashed i try to just close the internet connection pretty much everything i try to do from there out crashes, even trying to restart (altough i can do this through task manager).
I've literally tried everything i know to fix this problem but i'm still learning so i'm totally clueless right now and it's just getting to be a major problem so if anyone could help me out you seeeeriously would be doing me a massive massive favour!





all the best, Mark
  • 0

Advertisements

#2
wannabe1
Posted 12 February 2006 - 05:52 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hi markymarkoriginal...

The two files you mentioned as popping up when you shut down are two of the last applications to close...Norton and your Nvidia video...you can disable the nview if you are not using more than one monitor.

It sounds like you may still have some malware issues. Have you posted a HIJackThis log in the Malware Forum?

Please go to the Malware Forum and follow the instructions at the top....Especially the Start Here.

That will give you several steps that will help you clean up 70 percent of all problems by yourself...then post a hijackthis log in THAT forum. Be patient, the Malware Forum is a very busy place and a two or three day wait is not unusual. DO NOT REPLY TO OR BUMP YOUR OWN LOG. If it shows a reply it may be overlooked as one that is being worked on.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.

wannabe1

Edited by wannabe1, 12 February 2006 - 05:53 PM.

  • 0

#3
markymarkoriginal
Posted 12 February 2006 - 06:11 PM

markymarkoriginal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Thanks wannabe1,

I had already posted a hijackthis logfile in that forum about a week or so ago, then i did bump it by mistake because i didn't know the rules then, i still haven't had a reply yet.
The reports on there might be useless now i don't know but is there a way for me to delete the old posts and just start fresh with a new one? (without breaking any of the rules)

Cheers for the help, Mark
  • 0

#4
wannabe1
Posted 12 February 2006 - 06:21 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hello...

You still have an active topic in Malware that does not show a reply...here's the game plan...

Go Here and paste a fresh HJT log in place of the old one using the Edit button. This will not show as a reply.

Then post a link to that topic in The Waiting Room. That will get you on the fast track.

Make sure the machine is clean and come on back to this thread if you are still having problems.

wannabe1

Edited by wannabe1, 12 February 2006 - 06:23 PM.

  • 0

#5
markymarkoriginal
Posted 12 February 2006 - 06:50 PM

markymarkoriginal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
ok, done and done but just one last thing, when i clicked on the 'waiting room' link it just directs me to the edited post, is this all that needed to be done, there was no obvious place for me to place a link...

last time i'll keep nagging ya for help :tazz:

mark
  • 0

#6
wannabe1
Posted 12 February 2006 - 06:55 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hmmm...took me right to the Waiting Room.

I edited that link, though...just a few seconds after I posted...try refreshing the page and click again.

Work now?
  • 0

#7
markymarkoriginal
Posted 12 February 2006 - 06:58 PM

markymarkoriginal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Yeah it's working now, cheers for all that!

Adios amigo
  • 0

#8
wannabe1
Posted 12 February 2006 - 07:23 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
G;ad to help! :tazz:
  • 0

#9
markymarkoriginal
Posted 17 February 2006 - 02:12 PM

markymarkoriginal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Right done them, I get an error message from time to time telling me i'm out of virtual memory which crashes most thnigs, other than that, the internet still slows down then crashes so i have to reboot.


Logfile of HijackThis v1.99.1
Scan saved at 20:05:21, on 17/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ZyXEL\ZyXEL USB ADSL\CnxDslTb.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Avant Browser\avant.exe
C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
C:\Documents and Settings\Administrator\My Documents\Misc\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gb10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-gb10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-gb10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gb10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-gb10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-gb10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://gb10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://gb10.hpwis.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZyXEL\ZyXEL USB ADSL\CnxDslTb.exe" "ZyXEL\ZyXEL USB ADSL"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BBF8D17-0AAC-4B01-9C01-7BB27CC0D907}: NameServer = 193.0.249.6 193.0.249.70
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BBF8D17-0AAC-4B01-9C01-7BB27CC0D907}: NameServer = 193.0.249.6 193.0.249.70
O17 - HKLM\System\CS2\Services\Tcpip\..\{0BBF8D17-0AAC-4B01-9C01-7BB27CC0D907}: NameServer = 193.0.249.6 193.0.249.70
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe




Evido report

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 18:40:50, 17/02/2006
+ Report-Checksum: 228B1D73

+ Scan result:

:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\er2szjtu.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup


::Report End


does this make anything clearer for ya? :tazz:
  • 0

#10
wannabe1
Posted 17 February 2006 - 02:31 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Ahem....this needs to go to your topic in the Malware Forum so Antartic-Boy can help you with it.... :tazz:

wannabe1

Edited by wannabe1, 17 February 2006 - 02:31 PM.

  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP