| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 55184 | 2005-03-05 00:19:00 | Wierd Popup during startup | LilAznHobo (7513) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 330728 | 2005-03-05 20:52:00 | ok i removed windows messanger...i didnt want it in the first place..ok how do i remove cisvc.exe. and i dont have norton internet security or firewall...i have norton antivirus. and yes i have the latest version of zone alarm... Do you know why my icon keeps changing and doesnt open? error = (filename).lnk is missing and couldnot open, all .exe, .bat, .dat, .dll couldnt open either... Logfile of HijackThis v1.99.1 Scan saved at 2:45:49 PM, on 3/5/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton AntiVirus\SAVScan.exe C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Documents and Settings\Tai Nguyen\Local Settings\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell4me.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - download.mcafee.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - by102fd.bay102.hotmail.msn.com O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - download.mcafee.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - download.macromedia.com O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe |
LilAznHobo (7513) | ||
| 330729 | 2005-03-05 21:21:00 | Umm this C:\WINDOWS\system32\CTsvcCDA.EXE Have u got a creative cd?? Or something?? This file has something to do with a creative cd, BUT according to Google, it is also spyware. Have u got a Creative Soundblaster Audigy soundcard?? |
Speedy Gonzales (78) | ||
| 330730 | 2005-03-05 21:22:00 | O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll suspicious also it looks like ZA mailsafe is turned on. turn it off as it will conflict with nortons antvirus. 16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - download.mcafee.com possibly unneeded O4 - Global Startup: Digital Line Detect.lnk = ? proberly the thing at startup. your dsl modem software seems to have a bit removed. |
tweak'e (69) | ||
| 330731 | 2005-03-05 21:36:00 | ok i have turned off zone alarm mail safe...and yes i do have creative soundblaster 24bit...now does anyone know how to get rid of tat pop up with the chinese lettering?( i posted some pictures a few post ago.) did i change something in the registry ? possible the .ink files or .exe becuase those r the only two registry i touched.. ok i will remove the mcafee thing because it was a trial and what do u mean by this "your dsl modem software seems to have a bit removed." -thnxs | LilAznHobo (7513) | ||
| 330732 | 2005-03-05 21:53:00 | O4 - Global Startup: Digital Line Detect.lnk = ? if i remeber correctly digital line detect is part of the software for pci/usb modems. in your case the link dosn't seem to go to a file at all, hence something is possibly broken or uninstalled. btw do you have hide file settings turned off? |
tweak'e (69) | ||
| 330733 | 2005-03-06 00:50:00 | o00o0o so how would i reinstall this digital line detect? and i have hiddne file turn on so i can c them....what should i do now smart one..? | LilAznHobo (7513) | ||
| 330734 | 2005-03-06 02:21:00 | This O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe I have a feeling has something to do with it. This is part of Adobe Photoshop CS, (to do with its activation). And I think it runs in the background, examines your hardware for any changes (like XP), and will ask you to re-activate it if it notices any changes. This file is also used to MAKE SURE you're not using a pirated version of Photoshop CS. And I think it also "phones home" if u give it access to the net. Have u got Photoshop CS installed, and is it a "legal version"? |
Speedy Gonzales (78) | ||
| 330735 | 2005-03-06 04:13:00 | it might be adobe, but i dont think it is because i downloaded adobe when i just receive my comp, and this message happen 6 months after. and it might be legal, just wondering what happen if it is a il "legal version." | LilAznHobo (7513) | ||
| 330736 | 2005-03-06 05:02:00 | . . . . well i got that fix by replacing some registry and using a program to fix the . exe files . . . did i change something in the registry ? possible the . ink files or . exe becuase those r the only two registry i touched . . Might pay to let us know exactly what you "replaced" or fiddled with in the registry and what program you used to "fix the . exe files" . o00o0o so how would i reinstall this digital line detect? Do you have an installation disc from your internet provider? |
FoxyMX (5) | ||
| 1 2 | |||||