Im pretty sure I have a virus not sure what it is thou, It prevents me from using programs like MSN, Yahoo, and upgrading (connecting to servers) spyware/virus programs. Does anyone know what this virus is..? Or maybe some type of solution. Oh yeah I've tried about every spyware, virus program there is so.. yea. Any other advice besides that.
I know you said don't but.. If you download a virus scanner trial etc, i think they update the one you download with new updates. If you have a decent virus scanner it should find it.. Check start up processes (type msconfig in run, then go to startup) Also using ctrl-shift-esc check what processes are running and see if theres anything out of place. Be careful what you end though because windows needs some of them to run. dja
if u havent tried Avast then try it and do an atboot scan. If that doesnt work, get Hijack This and go tom coyote.org or one of those types of sites (sry cant think of any off the top of my head, try google). That will check your start up registries and they will tell you what it is.
Yes.. all of those virus programs but none seems to get rid of it.. Even my Internet Explorer is VERY SCREWED UP. Good thing I like Mozilla alot better ... it aint a real big deal to me.. but I would love to use MSN instead of that stupid express crap one day. And also the virus does not let me use active x or whatever.. which you need to have to use online virus scanners.
Damn this isnt a very good virus.. lets see..can you at lewst open task manager and shut down any bad processes? but before you do send me the name of the process plz..
Damn this isnt a very good virus.. lets see..can you at lewst open task manager and shut down any bad processes? but before you do send me the name of the process plz..
I did a log on HIJACKTHIS.. can any of yall tell me which one could be bad? Logfile of HijackThis v1.99.1 Scan saved at 9:06:13 PM, on 10/4/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe c:\jetsuite\jsdaemon.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe C:\WINDOWS\Explorer.EXE C:\Program Files\2Wire HomePortal Monitor\2portalmon.exe C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\AIM95\aim.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe C:\unzipped\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neopets.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 66.119.34.38:80 R3 - URLSearchHook: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O1 - Hosts: 127.0.0.0 localhost O1 - Hosts: 127.0.0.2 auditmypc.com O1 - Hosts: 127.0.0.4 bulletproofsoft.net O1 - Hosts: 127.0.0.5 camtech2000.net O1 - Hosts: 127.0.0.6 cexx.org O1 - Hosts: 127.0.0.7 computercops.us O1 - Hosts: 127.0.0.8 ct7support.com O1 - Hosts: 127.0.0.9 doxdesk.com O1 - Hosts: 127.0.0.20 kellys-korner-xp.com O1 - Hosts: 127.0.0.21 kephyr.com O1 - Hosts: 127.0.0.24 lurkhere.com O1 - Hosts: 127.0.0.25 majorgeeks.com O1 - Hosts: 127.0.0.26 merijn.org O1 - Hosts: 127.0.0.27 mjc1.com O1 - Hosts: 127.0.0.28 moosoft.com O1 - Hosts: 127.0.0.29 mvps.org O1 - Hosts: 127.0.0.30 net-integration.net O1 - Hosts: 127.0.0.31 noadware.net O1 - Hosts: 127.0.0.32 no-spybot.com O1 - Hosts: 127.0.0.33 onlinepcfix.com O1 - Hosts: 127.0.0.34 pchell.com O1 - Hosts: 127.0.0.35 pestpatrol.com O1 - Hosts: 127.0.0.36 safer-networking.org O1 - Hosts: 127.0.0.37 secure.spykiller.com O1 - Hosts: 127.0.0.38 secureie.com O1 - Hosts: 127.0.0.39 security.kolla.de O1 - Hosts: 127.0.0.40 spybot.info O1 - Hosts: 127.0.0.41 spychecker.com O1 - Hosts: 127.0.0.42 spychecker.com O1 - Hosts: 127.0.0.43 spycop.com O1 - Hosts: 127.0.0.44 spyguard.com O1 - Hosts: 127.0.0.45 spykiller.com O1 - Hosts: 127.0.0.46 spyware.co.uk O1 - Hosts: 127.0.0.47 spyware-cop.com O1 - Hosts: 127.0.0.48 spywareinfo.com O1 - Hosts: 127.0.0.49 spywarenuker.com O1 - Hosts: 127.0.0.52 stopzillapro.com O1 - Hosts: 127.0.0.53 sunbelt-software.com O1 - Hosts: 127.0.0.54 thiefware.com O1 - Hosts: 127.0.0.55 tomcoyote.org O1 - Hosts: 127.0.0.56 unwantedlinks.com O1 - Hosts: 127.0.0.57 webattack.com O1 - Hosts: 127.0.0.58 wilders.org O1 - Hosts: 127.0.0.59 www.auditmypc.com O1 - Hosts: 127.0.0.60 www.bulletproofsoft.net O1 - Hosts: 127.0.0.61 www.cexx.org O1 - Hosts: 127.0.0.62 www.computercops.us O1 - Hosts: 127.0.0.63 www.ct7support.com O1 - Hosts: 127.0.0.65 www.eblocs.com O1 - Hosts: 127.0.0.67 www.free-spyware-scan.com O1 - Hosts: 127.0.0.68 www.free-web-browsers.com O1 - Hosts: 127.0.0.69 www.grc.com O1 - Hosts: 127.0.0.70 www.grisoft.com O1 - Hosts: 127.0.0.71 www.hackfaq.org O1 - Hosts: 127.0.0.72 www.hazeleger.net O1 - Hosts: 127.0.0.73 www.javacoolsoftware.com O1 - Hosts: 127.0.0.74 www.kellys-korner-xp.com O1 - Hosts: 127.0.0.75 www.kephyr.com O1 - Hosts: 127.0.0.78 www.lurkhere.com O1 - Hosts: 127.0.0.79 www.majorgeeks.com O1 - Hosts: 127.0.0.80 www.merijn.org O1 - Hosts: 127.0.0.81 www.mjc1.com O1 - Hosts: 127.0.0.82 www.moosoft.com O1 - Hosts: 127.0.0.83 www.mvps.org O1 - Hosts: 127.0.0.84 www.net-integration.net O1 - Hosts: 127.0.0.85 www.noadware.net O1 - Hosts: 127.0.0.86 www.no-spybot.com O1 - Hosts: 127.0.0.87 www.onlinepcfix.com O1 - Hosts: 127.0.0.88 www.pchell.com O1 - Hosts: 127.0.0.89 www.pestpatrol.com O1 - Hosts: 127.0.0.94 www.spychecker.com O1 - Hosts: 127.0.0.95 www.spychecker.com O1 - Hosts: 127.0.0.96 www.spycop.com O1 - Hosts: 127.0.0.97 www.spyguard.com O1 - Hosts: 127.0.0.98 www.spykiller.com O1 - Hosts: 127.0.0.99 www.spyware.co.uk O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM95\\DeadAIM.ocm",ExportedCheckODLs O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire HomePortal Monitor\2portalmon.exe O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing) O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: vskype - (no CLSID) - (no file) O19 - User stylesheet: C:\Program Files\Mozilla Firefox\chrome\userContent.css O20 - AppInit_DLLs: 4APPINITSOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsAppInit_DLLs,wbsys.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: jsdaemon - JetFax, Inc. - c:\jetsuite\jsdaemon.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
Oh yea if you were wondering when I scanned for viruses or spyware.. using AVG, Norton or anything.. It always says it's clean..
This one is questionable, and clue what this it?: jetsuite\jsdaemon.exe (wait i think thats ur fax machine thing^ ) and Crambar cannot be good.. R3 - URLSearchHook: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll and O3 - Toolbar: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll Dont know about anything else..
Try Avast, and do an at-boot if you didnt already. that can detect viruses that cannot be shut down during Windows.
Avast doesn't work. .. I know the best suggestion will probally be reformatt but I would hate doing that :/