Webmaster Forum

Go Back   Webmaster Forum > The Webmaster Forums > Tech Support Forum

Tech Support Forum Discuss computer issues, tech gadgets and hardware, operating systems, browsers, broadband and wireless, virus, trojan, and spyware help.


Reply
 
LinkBack Thread Tools Display Modes
Old 09-16-2006, 01:56 PM   #121 (permalink)
Zap
Super Moderator
 
Zap's Avatar
 
Join Date: 01-15-06
Location: BTWIMHO.COM
Posts: 10,622
iTrader: 4 / 100%
Latest Blog:
Wookie Letch...

Zap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster material
Thumbs up

@Trap: Windows 98!!!

Unless you want it, uninstall the Alexa toolbar (considered spyware because of tracking websites).

These entries are part of the Alexa toolbar and should disappear with the uninstall. If not, delete them...
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\SYSTEM\ALXTB2.DLL
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O8 - Extra context menu item: Get Alexa Data - http://client.alexa.com/holiday/scri...s/sitedata.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/scri...ns/related.htm
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/scri...ons/review.htm
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/scri...ons/mailto.htm
O8 - Extra context menu item: Alexa Web Search - http://client.alexa.com/holiday/scri...ons/search.htm


This one is for an HP printer. HP typically install extra software and force it to start up, even though it isn't necessary for proper operation of the printer. Remove if you wish, or don't. It's your call. Personally, I would remove it.
O4 - Startup: HP OfficeJet Series 700 StartUp.lnk = C:\Program Files\HP OfficeJet Series 700\bin\HPOstr03.exe


No actual spyware that looks harmful, but startup might go faster if the above is taken care of.
__________________
Toronto Forum ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ FREE Norton 360 Up For Grabs!
Zap is offline  
Add Post to del.icio.us
Reply With Quote
Old 09-16-2006, 01:58 PM   #122 (permalink)
v7n Mentor
 
Trapper's Avatar
 
Join Date: 06-03-05
Location: New Brunswick, Canada
Posts: 835
iTrader: 0 / 0%
Latest Blog:
None

Trapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to beholdTrapper is a splendid one to behold
You da man

Yep. Win 98 and dial up, and I'm looking for work.

Computer is intended for spreadsheets and e-mail. I don't even have a freakin sound card.
Trapper is offline  
Add Post to del.icio.us
Reply With Quote
Old 09-16-2006, 02:19 PM   #123 (permalink)
Senior Member
 
WhatcomsFinest's Avatar
 
Join Date: 08-04-06
Location: Ferndale, Washington
Posts: 428
iTrader: 0 / 0%
Latest Blog:
None

WhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really nice
My HJT log :)

Well since this came up again I figured what the heck

I don't think I have ever run HJT on this laptop and I got it used like a year ago

Thanks in advance,
Jeremy
Attached Files
File Type: txt LaptopHJT.txt (6.2 KB, 160 views)
WhatcomsFinest is offline  
Add Post to del.icio.us
Reply With Quote
Old 09-16-2006, 02:25 PM   #124 (permalink)
Senior Member
 
WhatcomsFinest's Avatar
 
Join Date: 08-04-06
Location: Ferndale, Washington
Posts: 428
iTrader: 0 / 0%
Latest Blog:
None

WhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really niceWhatcomsFinest is just really nice
*EDIT*

Here's my updated log, I removed some of the obvious ones

**edit** I just downloaded and am running Adaware SE for the first time on this comp since I got it like a year ago Anyone have any better computer cleanup programs?
Attached Files
File Type: txt LaptopHJT2.txt (5.6 KB, 136 views)

Last edited by WhatcomsFinest; 09-16-2006 at 02:30 PM..
WhatcomsFinest is offline  
Add Post to del.icio.us
Reply With Quote
Old 09-16-2006, 05:43 PM   #125 (permalink)
Zap
Super Moderator
 
Zap's Avatar
 
Join Date: 01-15-06
Location: BTWIMHO.COM
Posts: 10,622
iTrader: 4 / 100%
Latest Blog:
Wookie Letch...

Zap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster materialZap is supreme webmaster material
@WCF: You can remove...

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

See the note in my message to Trapper above regarding this entry...
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H 1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
(It's Epson, but same thing as the HP printers)

That's about it. Nothing major in yours, either.
__________________
Toronto Forum ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ ♫ FREE Norton 360 Up For Grabs!
Zap is offline  
Add Post to del.icio.us
Reply With Quote
Old 09-23-2006, 03:13 AM   #126 (permalink)
G10
Super Moderator
 
G10's Avatar
 
Join Date: 05-10-04
Location: UK - Cheshire
Posts: 10,020
iTrader: 0 / 0%
Latest Blog:
None

G10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster materialG10 is supreme webmaster material
Quote:
Originally Posted by Trapper
Computer is intended for spreadsheets and e-mail. I don't even have a freakin sound card.
Sound cards are overated anyway.

Just do whatever you're doing and imagine what you think the sounds should be, that way, you'll always know the tune
__________________

.: I WAS BORN WITH NOTHING...AND I STILL HAVE MOST OF IT LEFT!! :.
G10 is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-05-2006, 07:40 PM   #127 (permalink)
Super Moderator
 
South's Avatar
 
Join Date: 10-13-03
Location: Georgia
Posts: 2,308
iTrader: 1 / 100%
Latest Blog:
None

South is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest orderSouth is a web professional of the highest order
Somethings got me and no program can find it. It effects IE and not FF, but the overall performance is down, plus I'm getting alot of 100%CPU Anyone who knows how to read this thing and can find a problem will be appreciated.

Thanks.
Attached Files
File Type: txt hijackthisd.txt (8.8 KB, 195 views)
__________________
Angry Mob Member
South is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-05-2006, 08:07 PM   #128 (permalink)
Senior Member
 
jg_v7n's Avatar
 
Join Date: 08-26-04
Location: Rio de Janeiro
Posts: 894
iTrader: 0 / 0%
Latest Blog:
None

jg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web projg_v7n is a highly respected web pro
My HJT Log

Thanks for the help guys
Attached Files
File Type: txt hijackthis.txt (7.9 KB, 160 views)
jg_v7n is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-10-2006, 02:12 PM   #129 (permalink)
v7n Mentor
 
JamieJelly's Avatar
 
Join Date: 03-09-06
Posts: 1,250
iTrader: 0 / 0%
Latest Blog:
None

JamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest orderJamieJelly is a web professional of the highest order
would be grateful if someone could look at my bro'sHJT log

Code:
Logfile of HijackThis v1.99.1 Scan saved at 21:06:02, on 10/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Java\jre1.5.0_01\bin\jucheck.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\program files\seekmo\seekmo.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\DOCUME~1\user\APPLIC~1\CURITY~1\rundll32.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\??crosoft\w?auboot.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\user\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R3 - URLSearchHook: (no name) - {954EE2D5-281E-74CE-1DF7-01E2E97323B3} - C:\WINDOWS\system32\mtunrhm.dll R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Seekmo Search Assistant Helper /fleok=1D8A83A5C1E1187D91AF75760EA83FA5EF80752B94E2DF7D5A7C422E38C1 - {5929CD6E-2062-44a4-B2C5-2C7E78FBAB38} - c:\program files\seekmo\seekmohook.dll O2 - BHO: (no name) - {954EE2D5-281E-74CE-1DF7-01E2E97323B3} - C:\WINDOWS\system32\mtunrhm.dll O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\Program Files\Zend\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll O3 - Toolbar: Seekmo Toolbar - {53E0B6E8-A51D-448B-B692-40B67B285543} - C:\Program Files\Seekmo Programs\Seekmo Toolbar\SeekmoTB.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [seekmo] "c:\program files\seekmo\seekmo.exe" O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent O4 - HKCU\..\Run: [Bwer] "C:\DOCUME~1\user\APPLIC~1\CURITY~1\rundll32.exe" -vt yazb O4 - HKCU\..\Run: [Sxdquh] C:\WINDOWS\system32\??crosoft\w?auboot.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll/DebugCurrent.html O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll/DebugNext.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Zend\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Zend\ZendStudioClient-4.0.2\bin\ZendIEToolbar.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
JamieJelly is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-10-2006, 08:00 PM   #130 (permalink)
Individualist
 
John Scott's Avatar
 
Join Date: 09-27-03
Location: Japan, mostly
Posts: 26,971
iTrader: 3 / 100%
John Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster materialJohn Scott is supreme webmaster material
Send a message via AIM to John Scott Send a message via Yahoo to John Scott
G10 used to look at these, no?
__________________
Individualism
The ideal form of government is democracy tempered with assassination. - Voltaire
John Scott is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 12:28 PM   #131 (permalink)
Contributing Member
 
oddjob's Avatar
 
Join Date: 10-25-06
Location: London, U.K.
Posts: 127
iTrader: 0 / 0%
Latest Blog:
None

oddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the rough
Hello JamieJelly

The log you posted has the following ...

Adware from 180Solutions, Purityscan/Clickspring and Adlogix. It also has spyware from Shopnav.

Furthermore the java is long out of date.

What firewall is operating on this computer?

Suggest your brother goes here .....

http://www.help2go.com/Tutorials/Pro...Hijackers.html

....and runs through all the steps carefully. Post a fresh HJT log after that WITH an update on how the computer is operating now. There may be more to do.


OJ
__________________
“A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequilla” Mitch Ratcliffe
oddjob is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 12:39 PM   #132 (permalink)
Lebanese Princess
 
joecacia's Avatar
 
Join Date: 05-09-06
Location: USA, CT
Posts: 2,076
iTrader: 0 / 0%
Latest Blog:
None

joecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest order
Well, this is mine, any ideas?
Attached Files
File Type: txt hijackthis-joecacia.txt (16.1 KB, 129 views)
__________________
Chris Charbel is here, born on October 08, 2008!

http://joecaciaartwork.blogspot.com/
http://www.shoetreemarketplace.com
joecacia is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 01:20 PM   #133 (permalink)
Contributing Member
 
oddjob's Avatar
 
Join Date: 10-25-06
Location: London, U.K.
Posts: 127
iTrader: 0 / 0%
Latest Blog:
None

oddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the rough
jocacia ...

Firsd you have a varient of the smitfraud infection. Go here ....

http://www.help2go.com/Tutorials/Spy...n_3_steps.html

Work through the processes there.

Next, open HJT again ... click on "scan" ... put tick/check marks next to the following entries IF they are still present ...

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab

O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iWonPMSetup_12_1,0,2,5.exe

O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\lkofmnh.exe (file missing)


Note >> you have an entry in your Trusted Zone. This is your choice but I wouldn't do that no matter who they are. It's like giving someone "open door" to come into your computer and do what they like.

If you want to remove it then add it to the above list of the entries to be fixed.

Don't forget to close all browser windows (including this one) before clicking on "Fix Checked" at the foot of the HJT window.

Reboot to normal mode and post a fresh log with an update on how the computer is operating now.


OJ
__________________
“A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequilla” Mitch Ratcliffe
oddjob is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 02:47 PM   #134 (permalink)
Junior Member
 
Join Date: 10-25-06
Posts: 18
iTrader: 0 / 0%
Latest Blog:
None

easydesi is liked by many
What is apoint in this log....?

Although I am actively protecting my pc...this is my log. some advices?
Attached Files
File Type: txt hj.txt (6.4 KB, 245 views)
easydesi is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 04:37 PM   #135 (permalink)
Lebanese Princess
 
joecacia's Avatar
 
Join Date: 05-09-06
Location: USA, CT
Posts: 2,076
iTrader: 0 / 0%
Latest Blog:
None

joecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest order
Quote:
SmitFraudFix v2.113

Fichier Process.exe absent !
Dezippez la totalité de l'archive dans un dossier.

Process.exe file missing !
Unzip all the archive in a folder.

Press any key to continue . . .
I always have this message, I can't do nothing
__________________
Chris Charbel is here, born on October 08, 2008!

http://joecaciaartwork.blogspot.com/
http://www.shoetreemarketplace.com
joecacia is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 05:52 PM   #136 (permalink)
Junior Member
 
Join Date: 10-25-06
Location: North
Posts: 3
iTrader: 0 / 0%
Latest Blog:
None

fatt_joe77 is liked by many
sort of like easydesi, protecting my computer, but, it's been running a lot slower for the past month or so. Anything wrong with my log? BTW nice site here.
Attached Files
File Type: txt hijackthis2.txt (5.8 KB, 161 views)
fatt_joe77 is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 07:26 PM   #137 (permalink)
Contributing Member
 
oddjob's Avatar
 
Join Date: 10-25-06
Location: London, U.K.
Posts: 127
iTrader: 0 / 0%
Latest Blog:
None

oddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the rough
Hi again joecacia

First, In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how ......

http://www.bleepingcomputer.com/forums/tutorial62.html


Quote:
Originally Posted by joecacia View Post
I always have this message, I can't do nothing
process.exe is sometimes detected as a virus, but in fact it isn't one. It's what's known as a "false positive".

What you need to do is to reboot to safe mode, disable any antivirus/antispyware software on your computer while running the fix (including MS Anti-spyware or Window Defender, or anything else) and then turn it back on afterwards.

To ensure the fix is still intact download a fresh copy and run it rather than the copy you've already used.

NOTE > Smitfraudfix isn't supposed to work from winzip. Do this ....

save the zip file to your computer,
extract it to a folder,
boot into safe mode,
turn off your antivirus and antispyware software, and
run the smitfraudfix cmd file.

We will give you advise on speeding up your system once it's been cleaned (no point in doing it while it's still infected).

Once you've done that (in safe mode - it's important to be in safe mode for it) post a new HJT PLUS the smitfraudfix logfile AND the update on how your computer is working now.


OJ
__________________
“A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequilla” Mitch Ratcliffe
oddjob is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 07:27 PM   #138 (permalink)
Lebanese Princess
 
joecacia's Avatar
 
Join Date: 05-09-06
Location: USA, CT
Posts: 2,076
iTrader: 0 / 0%
Latest Blog:
None

joecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest orderjoecacia is a web professional of the highest order
OK, so I will do all this stuff at safe mode?
__________________
Chris Charbel is here, born on October 08, 2008!

http://joecaciaartwork.blogspot.com/
http://www.shoetreemarketplace.com
joecacia is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 07:31 PM   #139 (permalink)
Contributing Member
 
oddjob's Avatar
 
Join Date: 10-25-06
Location: London, U.K.
Posts: 127
iTrader: 0 / 0%
Latest Blog:
None

oddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the rough
Quote:
Originally Posted by easydesi View Post
Although I am actively protecting my pc...this is my log. some advices?
The log is clean. Are you having any trouble? If so ... what is it? Please advise.


OJ
__________________
“A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequilla” Mitch Ratcliffe
oddjob is offline  
Add Post to del.icio.us
Reply With Quote
Old 10-25-2006, 07:33 PM   #140 (permalink)
Contributing Member
 
oddjob's Avatar
 
Join Date: 10-25-06
Location: London, U.K.
Posts: 127
iTrader: 0 / 0%
Latest Blog:
None

oddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the roughoddjob is a jewel in the rough
Quote:
Originally Posted by joecacia View Post
OK, so I will do all this stuff at safe mode?
All in sare mode except the final HJT scan after the fixing work. That must be done in normal mode.

OJ
__________________
“A computer lets you make more mistakes faster than any other invention with the possible exceptions of handguns and Tequilla” Mitch Ratcliffe
oddjob is offline  
Add Post to del.icio.us
Reply With Quote
Go Back   Webmaster Forum > The Webmaster Forums > Tech Support Forum

Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
hide identity/ip from logs? River Internet Legal Issues 1 07-14-2007 12:53 AM
All right kids, time to look at your logs Henny Forum Lobby 21 04-28-2006 03:31 PM
Logs PaulHarris Marketing Forum 2 06-06-2004 01:09 PM


Sponsor Links
Get exposure! Contextual Links V7N SEO Blog V7N Directory


All times are GMT -7. The time now is 05:06 PM.
© Copyright 2008 V7 Inc
Powered by vBulletin
Copyright © 2000-2009 Jelsoft Enterprises Limited.


Search Engine Optimization by vBSEO 3.3.0 ©2009, Crawlability, Inc.