| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 83641 | 2007-10-08 04:50:00 | virus | nerd (109) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 599231 | 2007-10-08 04:50:00 | :confused: :annoyed: i think i have a virus on my computer. when i go on the internet some pages dont load and i havew to keep clicking refresh. i tried it on firefox and on ie7 but its the same. sometimes it dosent happen a often but other times it really gets on my nerves. this has happened before but then it wouldnt go on the internet at all it would just say "page not found" :annoyed: but i got it fixed and it works fine. how do i know if i have a virus? or if it isnt one how can i stop the "page not found" thing happening?:help: |
nerd (109) | ||
| 599232 | 2007-10-08 04:59:00 | Download and run Speedy's HJT file and post the log on the forum. | winmacguy (3367) | ||
| 599233 | 2007-10-08 04:59:00 | Try cleaning your browsers cookie and cache files out... and try again.. | zcc (50) | ||
| 599234 | 2007-10-08 05:20:00 | Download and install NOD32 (http://www.eset.com/). You will get a 30 day free trial. Update the virus definitions and do a full system scan. After you have done this, download and run Hijack This (www.trendsecure.com) and post your log here. |
Bozo (8540) | ||
| 599235 | 2007-10-08 05:25:00 | when i did it it looked like this: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:49:11 p.m., on 8/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Iconize\Iconize.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\swikar rules\My Documents\Installations\ProcessExplorer\procexp.ex e C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\slrundll.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\Symantec\LiveUpdate\AUpdate.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {0F01FF26-18F5-4613-BFD6-14DE2FBA24C3} - C:\WINDOWS\system32\ddcywtu.dll (file missing) O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (disabled by BHODemon) O2 - BHO: (no name) - {76F27232-B270-44BD-B129-F8177B046BDC} - C:\WINDOWS\system32\pmkhf.dll (file missing) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (disabled by BHODemon) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-nz\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing) O3 - Toolbar: xtramsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-nz\msntb.dll O4 - HKLM\..\Run: [ avast! ] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Iconize.lnk = C:\Program Files\Iconize\Iconize.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - www.crucial.com O17 - HKLM\System\CCS\Services\Tcpip\..\{B2FDEF0C-63E9-446B-8CFF-94D946FC4B04}: NameServer = 203.96.152.4 203.96.152.12 O20 - Winlogon Notify: ddcywtu - ddcywtu.dll (file missing) O20 - Winlogon Notify: pmkhf - C:\WINDOWS\system32\pmkhf.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O24 - Desktop Component 0: (no name) - content.cometsystems.com O24 - Desktop Component 1: (no name) - www.adhb.govt.nz O24 - Desktop Component 2: (no name) - content.cometsystems.com O24 - Desktop Component 3: (no name) - content.cometsystems.com O24 - Desktop Component 4: (no name) - content.cometsystems.com -- End of file - 6795 bytes |
nerd (109) | ||
| 599236 | 2007-10-08 05:28:00 | that was before downloading nod 32 because i dont see the point of it i already have avast and thats alright isnt it? | nerd (109) | ||
| 599237 | 2007-10-08 05:56:00 | Run HJT again, tick these entries then tick fix checked Close browser/s. O2 - BHO: (no name) - {0F01FF26-18F5-4613-BFD6-14DE2FBA24C3} - C:\WINDOWS\system32\ddcywtu.dll (file missing) O2 - BHO: iMeshBar BHO - {5345A7A1-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (disabled by BHODemon) O2 - BHO: (no name) - {76F27232-B270-44BD-B129-F8177B046BDC} - C:\WINDOWS\system32\pmkhf.dll (file missing) O3 - Toolbar: iMeshBar - {5345A7A9-805A-4923-B505-86B2FEBA3FE0} - C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing) O20 - Winlogon Notify: ddcywtu - ddcywtu.dll (file missing) O20 - Winlogon Notify: pmkhf - C:\WINDOWS\system32\pmkhf.dll (file missing) O24 - Desktop Component 0: (no name) - content.cometsystems.com O24 - Desktop Component 1: (no name) - www.adhb.govt.nz O24 - Desktop Component 2: (no name) - content.cometsystems.com O24 - Desktop Component 3: (no name) - content.cometsystems.com O24 - Desktop Component 4: (no name) - content.cometsystems.com Uninstall ZA or whatever Symantec firewall if this is installed. They'll conflict Is Symantec Internet Security installed as well? I would also get Rogueremover and trojan remover in my sig. Update them then scan. |
Speedy Gonzales (78) | ||
| 599238 | 2007-10-08 06:01:00 | that was before downloading nod 32 because i dont see the point of it i already have avast and thats alright isnt it? :D That question could start a fight :lol: Bit like saying whats better Intel or AMD;) |
wainuitech (129) | ||
| 599239 | 2007-10-08 07:28:00 | :D That question could start a fight :lol: Bit like saying whats better Intel or AMD;) Now wait... NOD32 has been proven to..... oh what the hell.:p I can't be stuffed. NOD32 pwns. It will remove a whole lot more than Avast ever will. If your still having problems, I'd recommend you try it. |
wratterus (105) | ||
| 599240 | 2007-10-08 09:18:00 | that was before downloading nod 32 because i dont see the point of it i already have avast and thats alright isnt it? Avast ****** NOD32 will does a lot better job then Avast. |
Bozo (8540) | ||
| 1 2 | |||||