|
Do you have Adware, Spyware, Virus/Trojan or a Browser Hijacker?
|
|
|
scoomp
Newbie
|
10. February 2005 @ 17:18 |
Link to this message
|
|
good evening all. as you can see this is my first post. and doubtfullty it will be the last. when ever i run the lavasoft se program for spy ware it says 33 processes. what exactly are 33 processes. are the programs running in the background????? if so how do you remove those programs? and if thats not it how do you remove programs running in the background? i am operating off of windows 2000 pro. well i do know that my first mistake is windows. but.........
HOME BUILT COMPUTER (screw all hp and dell and crap)
AMD 3200+ CPU
ABIT K8T800 PRO 754 PIN
NvIDEA 5300 VGA 256mb
KINGSTON 1024MB RAM PC3200
MAXTOR 160 GIG HDD
Seagate 160 GIG HDD
Maxtor 80 GIG HDD
SONY 710A DVD R-RW
SONY CDR-RW
17" KDS FLAT PANEL MONITOR
|
|
Advertisement
|
  |
|
|
Senior Member
|
10. February 2005 @ 23:51 |
Link to this message
|
|
Hey
Every computer has processes running, if they didnt, they wouldnt work.
33 processes is pretty good.
To check to see what they are, since you are running Windows 2000
Hit ALT+CTRL+DEL at the same time, then click on the Task Manager button that comes up.
Click on the processes tab
Now you will see all the proceses running.
Most of the ones that you have running would be either programs that you have open or windows.
CJC
|
|
helpb
Newbie
|
12. February 2005 @ 17:39 |
Link to this message
|
|
hey does anyone no how to unblock websites if you have norton security
|
|
Mahogany
Suspended due to non-functional email address
|
15. February 2005 @ 18:52 |
Link to this message
|
|
how do I get badurl.grandstreetinteractive out of my system I can't get on the internet because of this hacker help please this is my firsttime getting this virus
|
|
Mahogany
Suspended due to non-functional email address
|
15. February 2005 @ 18:53 |
Link to this message
|
|
how do I get badurl.grandstreetinteractive out of my system I can't get on the internet because of this hacker help please this is my firsttime getting this virus
|
|
Mahogany
Suspended due to non-functional email address
|
15. February 2005 @ 19:00 |
Link to this message
|
|
does anyone know how i can get rid of badurl.grandstreetinteractive from my system it's a virus that takes over your internet icon and will not let you go on the internet help please
|
|
scoomp
Newbie
|
16. February 2005 @ 02:22 |
Link to this message
|
|
i had that badurl.grandstreetinteractive bug once before.
i think all i did was go to tools and internet options tab. it was set as the homepage. and i never had a problem with it again.
HOME BUILT COMPUTER (screw all hp and dell and crap)
AMD 3200+ CPU
ABIT K8T800 PRO 754 PIN
NvIDEA 5300 VGA 256mb
KINGSTON 1024MB RAM PC3200
MAXTOR 160 GIG HDD
Seagate 160 GIG HDD
Maxtor 80 GIG HDD
SONY 710A DVD R-RW
SONY CDR-RW
17" KDS FLAT PANEL MONITOR
|
|
scoomp
Newbie
|
16. February 2005 @ 02:28 |
Link to this message
|
|
LET ME KNOW IF THAT WORKS OR NOT
HOME BUILT COMPUTER (screw all hp and dell and crap)
AMD 3200+ CPU
ABIT K8T800 PRO 754 PIN
NvIDEA 5300 VGA 256mb
KINGSTON 1024MB RAM PC3200
MAXTOR 160 GIG HDD
Seagate 160 GIG HDD
Maxtor 80 GIG HDD
SONY 710A DVD R-RW
SONY CDR-RW
17" KDS FLAT PANEL MONITOR
|
|
Mahogany
Suspended due to non-functional email address
|
17. February 2005 @ 02:21 |
Link to this message
|
|
Unfortunately that didn't work I tried everything even to software fix from lavasoft what should I do next help please I don't want to erase my hd
|
Senior Member
|
18. February 2005 @ 15:52 |
Link to this message
|
|
everytime i run adaware i recieve about 15 items called ISTsvc. i delete them but they always seen to come bakc. can anyone help me?
|
AfterDawn Addict
|
18. February 2005 @ 16:08 |
Link to this message
|
|
|
Senior Member
|
28. February 2005 @ 21:12 |
Link to this message
|
|
i had over 300 adware showing. nothing wpould get rid of it .i tried everything(adware se,spybot,spywaredoctor).then a friend suggested microsoft.com.i down loaded there beta version for free.it worked great. this is for spyware attached to your browser or toolbar.
|
|
woody4565
Suspended due to non-functional email address
|
5. March 2005 @ 17:46 |
Link to this message
|
|
I have a pc that can't connect to NetZero. When I try to login, I get the following:
"You have requested information from sysupdate.grandstreet interactive.com"
or
"You have requested information from florganizer.com"
These show up BEFORE I can connect. It then gives a list of my possible connections. There is no button get around it. If I click cancel, it goes away and the Netzero app goes through the authentication process. Then it (NetZero) show "you are logged on" but a few seconds later I get "could not connect to server". Does anyone have any ideas on how to fix this? Thanks!
woody4565
|
|
ddp
Moderator
|
5. March 2005 @ 17:56 |
Link to this message
|
|
|
|
sacagowea
Suspended due to non-functional email address
|
6. March 2005 @ 01:12 |
Link to this message
|
|
hello there..im not too good at this other than clicking scan on whatever i have. i just DLed AVG trial and it found Trojan horse Dropper.agent.2.AM and its in an archive file c:counter.cab/counter.exe which i cant get to...anyhow says cannot delete (why not?) also have some stupid virus W32/Dyfuca.DO@dl located in C:\Program Files\Internet optimizer\optimize.exe and of course i can get to this folder but not delete it..because i dont have access UGH i dont get it. Im running freedom from adelphia.net and now AVG ... anyhow any help in a language i can understand would be VERY VERY appriciated. oh yeah i cant find any information about these viruses either..grr
~Alida
|
|
shdwsfall
Member
|
23. March 2005 @ 12:14 |
Link to this message
|
Hey all, I really hope someone can help me...I have been pulling my hair out with this.
First off, I was cleaning up my files and all, deleting ones I have no use for anymore. Somewhere in there I came across counter.cab(or counter.exe...dont remember which it was1) But I deleted it. It had shown up in norton anitivirus scans, so I knew it was bad.
Now, the file is in my recycle bin. No problem, so I empty my recycle bin. Then the file goes to C:/RECYCLER
Now this is where I am totally lost. I have system and hidden files viewable. Inside C:/RECYCLER, there are 2 recycler folders, all named something like: S-1-5-21-1757981266-1788223648-839522115-1003
Now, if I open these it takes me into a folder with nothing to be displayed. However, if I go back and right-click on the recycler folder..it says there is 100MB worth of files in here. This is also where norton says the infected file is.
Norton says: The compressed file counter.exe within C:\RECYCLER\S-1-5-21-1757981266-1788223648-839522115-1003\Dc180.cab is infected with the Download.Trojan virus.
I dont understand though, I have hidden files, and system files viewable, yet I cannont see these files for the life of me. I have tried in safe mode...still cant see them. Norton cannont delete, or quarentine this either. I figured I would run a system restore to get the file back out of the recycler...however...my system restore had been turned of, when I was 100% sure it was on >_< So, no restore dates for me.
Ad-aware and spybot S&D do not even find this file.
I will post my hijack-this log, as well as link to some screenshots I took for your viewing pleasure.
Screens:
http://img9.exs.cx/img9/4808/screen10el.jpg
http://img9.exs.cx/img9/4236/screen29cz.jpg
http://img9.exs.cx/img9/9796/screen30vl.jpg
Hijack-This Log:
Logfile of HijackThis v1.97.7
Scan saved at 5:17:41 PM, on 3/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Utopia\Angel\Angel.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Chris\My Documents\Install apps\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 68.21.81.001
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {39AF3357-E436-0BBB-830A-67550D87781F} - C:\WINDOWS\system32\pso.dll (file missing)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [EleFunAnimatedWallpaper] "C:\Program Files\EleFun Multimedia\Amazing Waterfall Wallpaper\Amazing Waterfall.exe" DO_NOT_START
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [Utopia Angel] "C:\Utopia\Angel\Angel.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: AIM (HKLM)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
Please help!!!
***Edit***
I have windows XP
I have tried to set my recycle bin to hold 0% of my hard drive space...still didnt work.
<embed src="http://www.shatterock.com/products/software/qryspree/flash_sig.swf?gamertag=DreadShackal" allowScriptAccess="always" quality="high" bgcolor="#124269" width="425" height="90" name="user_sig" align="middle" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /> This message has been edited since posting. Last time this message was edited on 23. March 2005 @ 12:19
|
|
gamefrik1
Newbie
|
28. March 2005 @ 23:09 |
Link to this message
|
|
Hey everyone,
I got these 5 programs and my computer is amazing!
1.Avast! Antivirus, it detects virusses other A\Vs dont.
2.Spyware doctor-the best
3.Ad-aware(remember to update regularly)
4.Spybot S&D
5.CCleaner (deletes all history and stuff)
|
|
piscis319
Suspended due to non-functional email address
|
31. March 2005 @ 18:59 |
Link to this message
|
|
I have been experiencing problems with the Trojan.Adwaheck virus infecting the counter.exe file within C:\counter.cab. Norton was unable to get rid of it, so I sent this file to my recycle bin. Is it safe to delete it? Do I need this counter.exe file?
|
|
ddp
Moderator
|
31. March 2005 @ 19:13 |
Link to this message
|
|
|
|
izzysmom
Suspended due to non-functional email address
|
1. April 2005 @ 09:59 |
Link to this message
|
|
Thank you so much CJC for your posting about the anti adware programs. I followed your advice and my computer finally scanned clean (it had alot of that crap)and was running like lightning again - as if I reformatted. Adware away seemed the best and I think using only that might work. My Norton AV 2005 is brand new and constantly updated, and I run scans all the time, but I can't believe how much it missed. I just found this site and am learning so much - thanks!
|
|
izzysmom
Suspended due to non-functional email address
|
1. April 2005 @ 10:17 |
Link to this message
|
|
I have a question. Has anyone had trouble with adware called GAIN or gator something? I ran all these scans last night and got everything cleaned out and this stuff is back again - I just cleaned it out again. I have a cable modem and generally leave my computer on but close my browser. I am also participating in the "shareware" programs Shareaza and Kazaa. I suspect that Kazaa is letting it in and I am ready to disconnect and erase the program(s), but anyone can tell I am fairly new at all this and could really use some feedback.
|
|
ddp
Moderator
|
1. April 2005 @ 10:26 |
Link to this message
|
|
gain/gator is in kazaa. download & run ccleaner from www.ccleaner.com to clean the crap out of windows. run adaware & your other programs in safe mode to see if find more crap. do an online virus/spyware scan with www.antivirus.com free housecall
|
Senior Member
|
1. April 2005 @ 13:27 |
Link to this message
|
|
@izzysmom
No problems, glad it can help people out. Working at an ISP, i get all cases of customers computers come in....
Lets put it this way, i had one that found 900 Critical objects in Adaware and 100 in Spybot.
Plus i had to manually delete ALOT of files and crap...
I have 1 word for Kazaa.. NOOOOOOOOOOOOOOOOOOO!!!!
Get rid of Kazaa FULL STOP. It will just keep re-infecting you over, and over, and over.
Your best to use something like Ares (remember, to uncheck the adware when installed)
Runs nice.
CJC
|
|
ddp
Moderator
|
1. April 2005 @ 14:16 |
Link to this message
|
|
CJC, i had a customer with about 1740 spywares on her computer. has my record for most spywares on a computer
|
|
Advertisement
|
|
|
Senior Member
|
2. April 2005 @ 01:04 |
Link to this message
|
|
Shit...
Most people dont do anything about their computer, just keep using it and bitch when it doesnt work.
I compare the computer to your house.
Would you go out and leave all your windows and doors open?
Do you leave crap lying around everywhere?
Do you clean your house?
Well, a computer is basically the same.
You need to 'lock the windows and doors' and keep the 'house clean'
But still, some people just dont give a shit at all.
CJC
|
