|
Need help Again
|
|
|
viper64
Suspended due to non-functional email address
|
10. April 2006 @ 08:06 |
Link to this message
|
(1.)For some strange reason I can't connect to the Internet using Explorer I keep getting this error message: Explorer was not able to open this internet site. I'm using firefox right now.
(2.) My outlook express have disapreared off of my desktop I cant find it.
(3.) I cant even get into my user's account or my system restore when I click on one of these nothing happens I've tride about 100,000,000 things but nothing works someone told me I need to reformat and start all over. My OS is XP pro SP2 below is acopy of my hijackthis log.
Logfile of HijackThis v1.99.1
Scan saved at 12:01:37 PM, on 4/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\Documents and Settings\Kyle\Desktop\hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:9095
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {60D3AAEB-AA39-4AE0-B2F9-E4AF0613A2A3} - C:\PROGRA~1\Cosmi\SPYWAR~1\pop\ABG_PL~1.DLL
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Transaction Management - https://tmm8.care.usbank.com/Tmm/Tmm.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlL...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst200405...
O16 - DPF: {42D16401-BA4E-4034-BEC7-17585C756622} (SightSpeedInstallerImpl Class) - https://directory.sightspeed.com/current/files/automated_setup.exe
O16 - DPF: {66D393D5-4D80-497C-9F4F-F3839E090202} (PlayerOCX Control) - http://www.pysoft.com/Downloads/WebCamPlayerOCX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicr...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F98517F2-7B3B-11D3-91EB-00A0CC24BD40} (upgrade Class) - http://12.160.187.70/pktc/hm/down.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - E:\ATITVT~1\RemCtrl\x10nets.exe (file missing)
|
|
Advertisement
|
 |
|
|
|
viper64
Suspended due to non-functional email address
|
10. April 2006 @ 08:10 |
Link to this message
|
|
I'm sorry I've forgot to tell you that my norton antivirus wont even open I got big problems.
|
Senior Member
|
11. April 2006 @ 10:48 |
Link to this message
|
|
Ok, I'm sorry for the long wait :(
You should disable the antivirus function in Fix-It software because running two antiviruses isn't recommended.
Move hijackthis into its own folder C:\HJT
Run HijackThis and fix these entries (if found): (Do a system scan only, check entries, close all other windows, press Fix checked)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - Default URLSearchHook is missing
O16 - DPF: {42D16401-BA4E-4034-BEC7-17585C756622} (SightSpeedInstallerImpl Class) - https://directory.sightspeed.com/current/files/automated_setup.exe
Are you logged in with and administrative account?
Problem 1 -> Check from your Norton firewalls settings that you have allowed Internet Explorer to access the internet.
Problem 2 -> You have propably deleted your shortcut. Create a new one:
->Go to My Computer
->C:\Program Files\Outlook Express
->Click msimn.exe file with your right mouse button
->Choose "Create a shortcut"
->A shortcut will appear
->Drag the shortcut with your mouse and drop it to your desktop
Problem 3 -> To where you can't get access, some folders?
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
This message has been edited since posting. Last time this message was edited on 11. April 2006 @ 10:51
|
|
viper64
Suspended due to non-functional email address
|
11. April 2006 @ 14:20 |
Link to this message
|
1st of all thanks for taking time out to help !!!
(1) I created a short cut for outlook express when I try to open it will open but when I click on the new New Mails so I can read I get an error message: 1.One or more parts of this message could not be displayed and then I press OK and the next error message reads 2. There was an error opening this message ther is not enough memory.
2. When I try to open explorer I just keep getting a blank page it does not matter what site I type in.
3.User accounts I can not get into any of the users accounts or administritive on my computer everytime I try nothing happens I never did set up an administrator account.(The only user account that is set up on this system is mines)But I have access to the folders
4. I did delete on of my anti virus software
5. Even when I click on my restore system nothing happens.
6. Something or someone got me GOOD!!!
Logfile of HijackThis v1.99.1
Scan saved at 6:01:01 PM, on 4/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Kyle\Desktop\hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:9095
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {60D3AAEB-AA39-4AE0-B2F9-E4AF0613A2A3} - C:\PROGRA~1\Cosmi\SPYWAR~1\pop\ABG_PL~1.DLL
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Transaction Management - https://tmm8.care.usbank.com/Tmm/Tmm.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlL...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst200405...
O16 - DPF: {66D393D5-4D80-497C-9F4F-F3839E090202} (PlayerOCX Control) - http://www.pysoft.com/Downloads/WebCamPlayerOCX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicr...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F98517F2-7B3B-11D3-91EB-00A0CC24BD40} (upgrade Class) - http://12.160.187.70/pktc/hm/down.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - E:\ATITVT~1\RemCtrl\x10nets.exe (file missing)
|
Senior Member
|
11. April 2006 @ 20:26 |
Link to this message
|
Now you don't have a firewall or an antivirus on your computer. Donwload and install one firewall and one antivirus.
These are good (free) firewalls:
ZoneAlarm --> http://www.zonelabs.com
Kerio--> http://www.sunbelt-software.com/Kerio.cfm
Outpost-> http://www.agnitum.com
These are good (free) antiviruses:
AVG Antivirus --> http://www.grisoft.com
Avast --> http://www.avast.com
1. Have you tried opening a new message? Do you have a massive amount of messages? Try deleting some of your old messages.
2. Have you tried changing the Internet Explorers settings to default?
3. Does your account have the rights of "user" or "administrator" ?
4. I ment that you should have disabled the antivirus properties in Fix-It software. I'm not sure that how good antivirus program it is.
5. Same thing than in the number 3, is your account "user" account or "administrator" account?
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
This message has been edited since posting. Last time this message was edited on 11. April 2006 @ 20:26
|
|
viper64
Suspended due to non-functional email address
|
12. April 2006 @ 14:43 |
Link to this message
|
|
1. I have tried to open a new message and I do don have a lot of messages Still I keep getting the error messages.
2. Yes I put my internet explorer setting back to default and still nothing.
3. I did disable that anti virus software still same problems.
4. My account is a user account I never set up an administrator account; let me explain when I reboot my computer it goes straight to my desk top it does not give me the chance to click on a user account and then when I click: Start-Log off- Switch User I see my user account saying logged in so when I click on my user account it takes me back to my desk top. Also when I click start-Control Panel-Users Accounts nothing happens I can't change users, add users or do anything. Also when I click-Start-All Programs-Accessories-System Tools-System Restore nothing happens.
|
Senior Member
|
13. April 2006 @ 03:09 |
Link to this message
|
Ok, I ment that running two antiviruses can cause problems, now you don't have an antivirus at all. Install an antivirus and firewall.
Try to create a new (administrator) account from the safemode. (Restart your computer into safemode by pressing F8 button when computer is restarting)
And you could also clean your registry with CCleaner and see if that helps -> http://www.filehippo.com/download_ccleaner/
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
|
|
viper64
Suspended due to non-functional email address
|
13. April 2006 @ 14:33 |
Link to this message
|
|
1. I only have 1 antivirus & fire wall installed.
2. Even going into safe mode I can't create an administrative account
3. I also cleaned with CCleaner and still same problems
|
Senior Member
|
14. April 2006 @ 08:49 |
Link to this message
|
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
This message has been edited since posting. Last time this message was edited on 14. April 2006 @ 08:49
|
|
viper64
Suspended due to non-functional email address
|
17. April 2006 @ 10:41 |
Link to this message
|
|
Thanks for your time and help !!
|
|
Advertisement
|
|
|
Senior Member
|
17. April 2006 @ 19:53 |
Link to this message
|
|
You're welcome =) Did the repair installation help?
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
|
