General problems with virus's (i think)

Posted 4/12/2003 8:52 PM
#12800
User avatar

matt2 Member

Date Joined Nov 2016
Total Posts: 3
Hi im matt <br/> <br/> <br/>Basically ive had this comp for a year, nortons installed ... anyway one day went onto a site recommended by a friend and i suddenly get bombarded by norton telling me a ton of stuff and that 'sorry we can't fix it'. My current situation is that i can't use search engines because every link goes to the same adult site and it has slowed down my computer as well as my internet. MY fat arsed log file: <br/> <br/> <br/> <br/>Logfile of HijackThis v1.99.1 <br/>Scan saved at 20:27:59, on 12/04/2005 <br/>Platform: Windows XP SP2 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\Ati2evxx.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe <br/>C:\WINDOWS\system32\Ati2evxx.exe <br/>C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\WINDOWS\system32\sstray.exe <br/>C:\WINDOWS\system32\TCAUDIAG.exe <br/>C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe <br/>C:\PROGRA~1\MI948F~1\GAMECO~1\STRATE~1\daemon14.exe <br/>C:\PROGRA~1\IMMERS~1\TOUCHS~1\Clients\Desktop\IDesktop.exe <br/>C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe <br/>C:\Program Files\iTunes\iTunesHelper.exe <br/>C:\Program Files\QuickTime\qttask.exe <br/>C:\WINDOWS\kdx\KHost.exe <br/>C:\WINDOWS\System32\rmctrl.exe <br/>C:\Program Files\Common Files\Symantec Shared\ccApp.exe <br/>C:\Program Files\Logitech\MouseWare\system\em_exec.exe <br/>C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\program files\steam\steam.exe <br/>C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe <br/>C:\Program Files\Wacom\TabUserW.exe <br/>C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe <br/>C:\Program Files\WinZip\WZQKPICK.EXE <br/>C:\WINDOWS\system32\CTsvcCDA.EXE <br/>C:\WINDOWS\System32\GEARSEC.EXE <br/>C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE <br/>C:\Program Files\Norton AntiVirus\navapsvc.exe <br/>C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE <br/>C:\Program Files\Norton AntiVirus\SAVScan.exe <br/>C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe <br/>C:\WINDOWS\System32\Tablet.exe <br/>C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\Program Files\Immersion Corporation\TouchSense\Server\TouchSense.exe <br/>C:\Program Files\MSN Messenger\msnmsgr.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe <br/>C:\Downloads\hijackthis\hijackthis.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [color=#800080>http://www.msn.co.uk/</FONT>[/url] <br/>R0]www.msn.com[/color]</A> <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [color=#800080>http://www.altavista.com/[/url] <br/>R1]http://localhost[/color]</A>; <br/>O1 - Hosts: 127.0.0.0 localhost <br/>O1 - Hosts: 127.0.0.2 auditmypc.com <br/>O1 - Hosts: 127.0.0.3 boards.cexx.org <br/>O1 - Hosts: 127.0.0.4 bulletproofsoft.net <br/>O1 - Hosts: 127.0.0.5 camtech2000.net <br/>O1 - Hosts: 127.0.0.6 cexx.org <br/>O1 - Hosts: 127.0.0.7 computercops.us <br/>O1 - Hosts: 127.0.0.8 ct7support.com <br/>O1 - Hosts: 127.0.0.9 doxdesk.com <br/>O1 - Hosts: 127.0.0.20 kellys-korner-xp.com <br/>O1 - Hosts: 127.0.0.21 kephyr.com <br/>O1 - Hosts: 127.0.0.22 lavasoft.de <br/>O1 - Hosts: 127.0.0.23 lavasoftusa.com <br/>O1 - Hosts: 127.0.0.24 lurkhere.com <br/>O1 - Hosts: 127.0.0.25 majorgeeks.com <br/>O1 - Hosts: 127.0.0.26 merijn.org <br/>O1 - Hosts: 127.0.0.27 mjc1.com <br/>O1 - Hosts: 127.0.0.28 moosoft.com <br/>O1 - Hosts: 127.0.0.29 mvps.org <br/>O1 - Hosts: 127.0.0.30 net-integration.net <br/>O1 - Hosts: 127.0.0.31 noadware.net <br/>O1 - Hosts: 127.0.0.32 no-spybot.com <br/>O1 - Hosts: 127.0.0.33 onlinepcfix.com <br/>O1 - Hosts: 127.0.0.34 pchell.com <br/>O1 - Hosts: 127.0.0.35 pestpatrol.com <br/>O1 - Hosts: 127.0.0.36 safer-networking.org <br/>O1 - Hosts: 127.0.0.37 secure.spykiller.com <br/>O1 - Hosts: 127.0.0.38 secureie.com <br/>O1 - Hosts: 127.0.0.39 security.kolla.de <br/>O1 - Hosts: 127.0.0.40 spybot.info <br/>O1 - Hosts: 127.0.0.41 spychecker.com <br/>O1 - Hosts: 127.0.0.42 spychecker.com <br/>O1 - Hosts: 127.0.0.43 spycop.com <br/>O1 - Hosts: 127.0.0.44 spyguard.com <br/>O1 - Hosts: 127.0.0.45 spykiller.com <br/>O1 - Hosts: 127.0.0.46 spyware.co.uk <br/>O1 - Hosts: 127.0.0.47 spyware-cop.com <br/>O1 - Hosts: 127.0.0.48 spywareinfo.com <br/>O1 - Hosts: 127.0.0.49 spywarenuker.com <br/>O1 - Hosts: 127.0.0.50 spywareremove.com <br/>O1 - Hosts: 127.0.0.51 spywareremove.com <br/>O1 - Hosts: 127.0.0.52 stopzillapro.com <br/>O1 - Hosts: 127.0.0.53 sunbelt-software.com <br/>O1 - Hosts: 127.0.0.54 thiefware.com <br/>O1 - Hosts: 127.0.0.55 tomcoyote.org <br/>O1 - Hosts: 127.0.0.56 unwantedlinks.com <br/>O1 - Hosts: 127.0.0.57 webattack.com <br/>O1 - Hosts: 127.0.0.58 wilders.org <br/>O1 - Hosts: 127.0.0.59 [color=#0000ff>www.auditmypc.com[/url] <br/>O1]www.bulletproofsoft.net[/color]</A> <br/>O1 - Hosts: 127.0.0.61 [color=#0000ff>www.cexx.org[/url] <br/>O1]www.computercops.us[/color]</A> <br/>O1 - Hosts: 127.0.0.63 [color=#0000ff>www.ct7support.com[/url] <br/>O1]www.doxdesk.com[/color]</A> <br/>O1 - Hosts: 127.0.0.65 [color=#0000ff>www.eblocs.com[/url] <br/>O1]www.enigmasoftwaregroup.com[/color]</A> <br/>O1 - Hosts: 127.0.0.67 [color=#0000ff>www.free-spyware-scan.com[/url] <br/>O1]www.free-web-browsers.com[/color]</A> <br/>O1 - Hosts: 127.0.0.69 [color=#0000ff>www.grc.com[/url] <br/>O1]www.grisoft.com[/color]</A> <br/>O1 - Hosts: 127.0.0.71 [color=#0000ff>www.hackfaq.org[/url] <br/>O1]www.hazeleger.net[/color]</A> <br/>O1 - Hosts: 127.0.0.73 [color=#0000ff>www.javacoolsoftware.com[/url] <br/>O1]www.kellys-korner-xp.com[/color]</A> <br/>O1 - Hosts: 127.0.0.75 [color=#0000ff>www.kephyr.com[/url] <br/>O1]www.lavasoft.de[/color]</A> <br/>O1 - Hosts: 127.0.0.77 [color=#0000ff>www.lavasoftusa.com[/url] <br/>O1]www.lurkhere.com[/color]</A> <br/>O1 - Hosts: 127.0.0.79 [color=#0000ff>www.majorgeeks.com[/url] <br/>O1]www.merijn.org[/color]</A> <br/>O1 - Hosts: 127.0.0.81 [color=#0000ff>www.mjc1.com[/url] <br/>O1]www.moosoft.com[/color]</A> <br/>O1 - Hosts: 127.0.0.83 [color=#0000ff>www.mvps.org[/url] <br/>O1]www.net-integration.net[/color]</A> <br/>O1 - Hosts: 127.0.0.85 [color=#0000ff>www.noadware.net[/url] <br/>O1]www.no-spybot.com[/color]</A> <br/>O1 - Hosts: 127.0.0.87 [color=#0000ff>www.onlinepcfix.com[/url] <br/>O1]www.pchell.com[/color]</A> <br/>O1 - Hosts: 127.0.0.89 [color=#0000ff>www.pestpatrol.com[/url] <br/>O1]www.safer-networking.org[/color]</A> <br/>O1 - Hosts: 127.0.0.91 [color=#0000ff>www.secureie.com[/url] <br/>O1]www.security.kolla.de[/color]</A> <br/>O1 - Hosts: 127.0.0.93 [color=#0000ff>www.spybot.info[/url] <br/>O1]www.spychecker.com[/color]</A> <br/>O1 - Hosts: 127.0.0.95 [color=#0000ff>www.spychecker.com[/url] <br/>O1]www.spycop.com[/color]</A> <br/>O1 - Hosts: 127.0.0.97 [color=#0000ff>www.spyguard.com[/url] <br/>O1]www.spykiller.com[/color]</A> <br/>O1 - Hosts: 127.0.0.99 [color=#0000ff>www.spyware.co.uk[/url] <br/>O2]O2 - BHO: C:\WINDOWS\system32\miamore32.dll - {1559C6FD-8BDE-476E-98C7-871E59193FCE} - C:\WINDOWS\system32\miamore32.dll <br/>O2 - BHO: C:\WINDOWS\system32\atmpvc.dll - {7DBA5E61-9C51-4365-ACD2-DE684E133F8C} - C:\WINDOWS\system32\atmpvc.dll <br/>O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll <br/>O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll <br/>O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r <br/>O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on <br/>O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe <br/>O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe <br/>O4 - HKLM\..\Run: [Daemon14] C:\PROGRA~1\MI948F~1\GAMECO~1\STRATE~1\daemon14.exe <br/>O4 - HKLM\..\Run: [IDesktop.2.5] C:\PROGRA~1\IMMERS~1\TOUCHS~1\Clients\Desktop\IDesktop.exe 1 <br/>O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe <br/>O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime <br/>O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe <br/>O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe <br/>O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" <br/>O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE <br/>O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe <br/>O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe <br/>O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent <br/>O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized <br/>O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet <br/>O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Myst IV - Revelation\support\register\na\RegistrationReminder.exe <br/>O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe <br/>O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe <br/>O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe <br/>O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE <br/>O4 - Global Startup: TabUserW.lnk = C:\Program Files\Wacom\TabUserW.exe <br/>O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE <br/>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll <br/>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll <br/>O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe <br/>O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab[/color] <br/>O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - [color=#0000ff>http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab[/url] <br/>O16]file://C:\install.cab[/color]</A> <br/>O16 - DPF: {26111423-D30F-11D3-8A34-00A0CC3BAA9C} (Mission Connector 4.1) - [color=#0000ff>http://www.mightygames.com/ActiveX/MC4110/MC.cab[/url] <br/>O16]http://messenger.zone.msn.com/binary/MessengerStatsClient.cab[/color]</A> <br/>O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} (MSN Money Charting) - [color=#0000ff>http://moneycentral.msn.com/cabs/pmupdate2.exe[/url] <br/>O16]http://217.73.66.1/minidialler/mddl/UK/910025__.exe[/color]</A> <br/>O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [color=#0000ff>http://messenger.msn.com/download/msnmessengersetupdownloader.cab[/url] <br/>O16]http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab[/color]</A> <br/>O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - [color=#0000ff>http://www.popcap.com/games/popcaploader_v6.cab[/url] <br/>O16]http://fdl.msn.com/zone/datafiles/heartbeat.cab[/color]</A> <br/>O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - <FONT color=#0000ff>http://www.gamespot.com/KDX/kdx.cab <br/>O20 - Winlogon Notify: eventss - C:\WINDOWS\system32\atmpvc.dll <br/>O20 - Winlogon Notify: lindow - C:\WINDOWS\system32\miamore32.dll <br/>O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe <br/>O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe <br/>O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe <br/>O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe <br/>O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe <br/>O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE <br/>O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE <br/>O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE <br/>O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe <br/>O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE <br/>O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe <br/>O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe <br/>O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe <br/>O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe <br/>O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe <br/>O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/>Please help i have no idea what to do :( <br/> <br/> <br/> <br/> <br/> <br/>PS. i posted this is one of the other forums but i think it would be better placed here... <br/><!-- Edit -->
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 10, 2016, 1:41 PM (GMT +1)
There are a total of 61,164 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 4 reply posts.

Who's online

This forum has 37,970 registered members. Please welcome our newest member, MJD.
There are currently no users on-line.