I Need Help Updating Spyware/virus Programs.

Im pretty sure I have a virus not sure what it is thou, It prevents me from using programs like MSN, Yahoo, and upgrading (connecting to servers) spyware/virus programs. Does anyone know what this virus is..? Or maybe some type of solution.

Oh yeah I've tried about every spyware, virus program there is so.. yea. Any other advice besides that.

 

I know you said don't but..

If you download a virus scanner trial etc, i think they update the one you download with new updates. If you have a decent virus scanner it should find it.. Check start up processes (type msconfig in run, then go to startup) Also using ctrl-shift-esc check what processes are running and see if theres anything out of place. Be careful what you end though because windows needs some of them to run.

dja

 

what kind of antivirus?
have you tried norton?

 

if u havent tried Avast then try it and do an atboot scan.

If that doesnt work, get Hijack This and go tom coyote.org or one of those types of sites (sry cant think of any off the top of my head, try google). That will check your start up registries and they will tell you what it is.

 

download.com for some products?

 

Yes.. all of those virus programs but none seems to get rid of it..

Even my Internet Explorer is VERY SCREWED UP.

Good thing I like Mozilla alot better ... it aint a real big deal to me.. but I would love to use MSN instead of that stupid express crap one day.

And also the virus does not let me use active x or whatever.. which you need to have to use online virus scanners.

 

Oh gee if I could only type in msconfig lmao..

 

Damn this isnt a very good virus..

lets see..can you at lewst open task manager and shut down any bad processes?

but before you do send me the name of the process plz..

 

Damn this isnt a very good virus..

lets see..can you at lewst open task manager and shut down any bad processes?

but before you do send me the name of the process plz..

 

I did a log on HIJACKTHIS..

can any of yall tell me which one could be bad?

Logfile of HijackThis v1.99.1
Scan saved at 9:06:13 PM, on 10/4/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\jetsuite\jsdaemon.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\2Wire HomePortal Monitor\2portalmon.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
C:\unzipped\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neopets.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 66.119.34.38:80
R3 - URLSearchHook: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O1 - Hosts: 127.0.0.0 localhost
O1 - Hosts: 127.0.0.2 auditmypc.com
O1 - Hosts: 127.0.0.4 bulletproofsoft.net
O1 - Hosts: 127.0.0.5 camtech2000.net
O1 - Hosts: 127.0.0.6 cexx.org
O1 - Hosts: 127.0.0.7 computercops.us
O1 - Hosts: 127.0.0.8 ct7support.com
O1 - Hosts: 127.0.0.9 doxdesk.com
O1 - Hosts: 127.0.0.20 kellys-korner-xp.com
O1 - Hosts: 127.0.0.21 kephyr.com
O1 - Hosts: 127.0.0.24 lurkhere.com
O1 - Hosts: 127.0.0.25 majorgeeks.com
O1 - Hosts: 127.0.0.26 merijn.org
O1 - Hosts: 127.0.0.27 mjc1.com
O1 - Hosts: 127.0.0.28 moosoft.com
O1 - Hosts: 127.0.0.29 mvps.org
O1 - Hosts: 127.0.0.30 net-integration.net
O1 - Hosts: 127.0.0.31 noadware.net
O1 - Hosts: 127.0.0.32 no-spybot.com
O1 - Hosts: 127.0.0.33 onlinepcfix.com
O1 - Hosts: 127.0.0.34 pchell.com
O1 - Hosts: 127.0.0.35 pestpatrol.com
O1 - Hosts: 127.0.0.36 safer-networking.org
O1 - Hosts: 127.0.0.37 secure.spykiller.com
O1 - Hosts: 127.0.0.38 secureie.com
O1 - Hosts: 127.0.0.39 security.kolla.de
O1 - Hosts: 127.0.0.40 spybot.info
O1 - Hosts: 127.0.0.41 spychecker.com
O1 - Hosts: 127.0.0.42 spychecker.com
O1 - Hosts: 127.0.0.43 spycop.com
O1 - Hosts: 127.0.0.44 spyguard.com
O1 - Hosts: 127.0.0.45 spykiller.com
O1 - Hosts: 127.0.0.46 spyware.co.uk
O1 - Hosts: 127.0.0.47 spyware-cop.com
O1 - Hosts: 127.0.0.48 spywareinfo.com
O1 - Hosts: 127.0.0.49 spywarenuker.com
O1 - Hosts: 127.0.0.52 stopzillapro.com
O1 - Hosts: 127.0.0.53 sunbelt-software.com
O1 - Hosts: 127.0.0.54 thiefware.com
O1 - Hosts: 127.0.0.55 tomcoyote.org
O1 - Hosts: 127.0.0.56 unwantedlinks.com
O1 - Hosts: 127.0.0.57 webattack.com
O1 - Hosts: 127.0.0.58 wilders.org
O1 - Hosts: 127.0.0.59 www.auditmypc.com
O1 - Hosts: 127.0.0.60 www.bulletproofsoft.net
O1 - Hosts: 127.0.0.61 www.cexx.org
O1 - Hosts: 127.0.0.62 www.computercops.us
O1 - Hosts: 127.0.0.63 www.ct7support.com
O1 - Hosts: 127.0.0.65 www.eblocs.com
O1 - Hosts: 127.0.0.67 www.free-spyware-scan.com
O1 - Hosts: 127.0.0.68 www.free-web-browsers.com
O1 - Hosts: 127.0.0.69 www.grc.com
O1 - Hosts: 127.0.0.70 www.grisoft.com
O1 - Hosts: 127.0.0.71 www.hackfaq.org
O1 - Hosts: 127.0.0.72 www.hazeleger.net
O1 - Hosts: 127.0.0.73 www.javacoolsoftware.com
O1 - Hosts: 127.0.0.74 www.kellys-korner-xp.com
O1 - Hosts: 127.0.0.75 www.kephyr.com
O1 - Hosts: 127.0.0.78 www.lurkhere.com
O1 - Hosts: 127.0.0.79 www.majorgeeks.com
O1 - Hosts: 127.0.0.80 www.merijn.org
O1 - Hosts: 127.0.0.81 www.mjc1.com
O1 - Hosts: 127.0.0.82 www.moosoft.com
O1 - Hosts: 127.0.0.83 www.mvps.org
O1 - Hosts: 127.0.0.84 www.net-integration.net
O1 - Hosts: 127.0.0.85 www.noadware.net
O1 - Hosts: 127.0.0.86 www.no-spybot.com
O1 - Hosts: 127.0.0.87 www.onlinepcfix.com
O1 - Hosts: 127.0.0.88 www.pchell.com
O1 - Hosts: 127.0.0.89 www.pestpatrol.com
O1 - Hosts: 127.0.0.94 www.spychecker.com
O1 - Hosts: 127.0.0.95 www.spychecker.com
O1 - Hosts: 127.0.0.96 www.spycop.com
O1 - Hosts: 127.0.0.97 www.spyguard.com
O1 - Hosts: 127.0.0.98 www.spykiller.com
O1 - Hosts: 127.0.0.99 www.spyware.co.uk
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM95\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire HomePortal Monitor\2portalmon.exe
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: vskype - (no CLSID) - (no file)
O19 - User stylesheet: C:\Program Files\Mozilla Firefox\chrome\userContent.css
O20 - AppInit_DLLs: 4APPINITSOFTWARE\Microsoft\Windows NT\CurrentVersion\WindowsAppInit_DLLs,wbsys.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: jsdaemon - JetFax, Inc. - c:\jetsuite\jsdaemon.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

 

Here is a process SS

 

Oh yea if you were wondering when I scanned for viruses or spyware.. using AVG, Norton or anything.. It always says it's clean..

 

This one is questionable, and clue what this it?:
jetsuite\jsdaemon.exe
(wait i think thats ur fax machine thing^ )
and Crambar cannot be good..
R3 - URLSearchHook: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll

and

O3 - Toolbar: Cram Toolbar - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - C:\Program Files\Cram Toolbar\untitled.dll

Dont know about anything else..

 

Try Avast, and do an at-boot if you didnt already. that can detect viruses that cannot be shut down during Windows.

 

Avast doesn't work. .. I know the best suggestion will probally be reformatt but I would hate doing that :/