| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 62511 | 2005-10-10 05:17:00 | help outlook express wont download emails!!! | lisamarie01 (6731) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 394926 | 2005-10-12 04:43:00 | Did you resolve this (forums.pcworld.co.nz) now it has stopped working again. It would be easy to say ditch all your Norton products, spend $70 for NOD32, it will fix your spy/virus problems and stop you getting any more. |
Rob99 (151) | ||
| 394927 | 2005-10-12 04:50:00 | Well no . Even if someone has an AV program, just because its installed, doesnt mean it doesnt / wont work . Some people dont even scan with AV programs even if they're installed . After they've downloaded something . So, whats the point of installing an AV program, in the first place? Its ok updating them, but people have to remember to scan files etc as well . And wonder why they get things like adware/spyware/viruses etc . Or they dont / cant be bothered updating XP (if they use it) . They've only got themselves to blame . |
Speedy Gonzales (78) | ||
| 394928 | 2005-10-12 04:53:00 | Did you resolve this (forums.pcworld.co.nz) now it has stopped working again. It would be easy to say ditch all your Norton products, spend $70 for NOD32, it will fix your spy/virus problems and stop you getting any more. I get the impression that he likes Norton,what can you say? |
Cicero (40) | ||
| 394929 | 2005-10-12 05:03:00 | With a good AV program you hardly ever need to do a scan, maybe when you first install it, then maybe monthly or when you suspect something a-miss. A good AV program will be light on system resorces and stop spy/mailware/virus/trogens/you name it, even ones that dont have a name yet known as "In the wild" virus. This person has been using the best Norton has to offer, look were they are now , a computer filled with trogens/virus/spyware again. I feel sorry for the person envolved, but hopefully every one can learn just how BAD norton is. |
Rob99 (151) | ||
| 394930 | 2005-10-12 09:17:00 | thanks everyone for all your help, i have looked over the hijackthis scan that it brought up like 10 times and cannot find the first one you wanted me to check "C:\WINDOWS\system32\sysxp.exe" but it comes up in the log where do i delete it from if i cant get it from the scan where i can tick it and click on the fix checked part? | lisamarie01 (6731) | ||
| 394931 | 2005-10-12 09:29:00 | I would also get ccleaner . http://www . ccleaner . com This is free, and clean the temp files etc off your system . And download this . symantec . com/avcenter/venc/data/w32 . beagle@mm . removal . tool . html" target="_blank">securityresponse . symantec . com . symantec . com/avcenter/FxBeagle . exe" target="_blank">securityresponse . symantec . com Run the removal tool . It'll fix it for you . |
Speedy Gonzales (78) | ||
| 394932 | 2005-10-12 12:21:00 | heya speedy gonzalas dont supposed you live in hamilton do you? lol this computer is driving me nuts, well ive done all sugested above, deleted all the files, ran ccleaner and gone thru all that you mentioned also gotten rid of the file by going in in safe mode and deleting it rebooted , just came back online and same problem still exists, nortons premier and internet security starts up when i start my computer, i connect to internet , open outlook express it downloads my email, then after about 5-10 mins systemworks and internet security closes by themselves and i click on send/recieve on outlook and it says the same error it had before, if i leave it a bit longer outlook express then closes aswell. any more sugestions? , thanks again | lisamarie01 (6731) | ||
| 394933 | 2005-10-12 13:20:00 | As Speedy mentioned before C:\WINDOWS\system32\lrdsvr.exe C:\WINDOWS\system32\intdrv.exe Are a bit suss. Tick the above ones, and reboot.Are they still in your log. If so see if you can boot into Safe mode to remove them. Having them on your computer will mess with your Anti-virus program and internet connection. |
Rob99 (151) | ||
| 394934 | 2005-10-13 01:53:00 | ok have deleted them off the system, the sysxp one keeps comming back tho, i think its gone now cant see it in the log, still having the same problem tho hasnt helped still closes down and wont download emails. here is the log after i have deleted files mentioned above, is there more i should delete? thanks Logfile of HijackThis v1.99.1 Scan saved at 2:47:24 PM, on 13/10/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\Explorer.EXE C:\hp\drivers\keyboard\PS2.EXE C:\WINDOWS\System32\taskswitch.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\PROGRA~1\rqrppxux\bcgFCcBN.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\rqrppxux\NBcCFgcb.exe C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Media Access\MediaAccK.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Media Access\MediaAccess.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Netscape\Netscape Browser\netscape.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Owner\Local Settings\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = web.dqvisdknkjngwbusmlu.com duupxQ6EifYm0i.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.trademe.co.nz R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=localhost:4098 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file) N3 - Netscape 7: user_pref("browser.startup.homepage", "www.trademe.co.nz"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\iict9w0q.slt\prefs.j s) N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\iict9w0q.slt\prefs.j s) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {2804285D-3F45-5390-9BFD-525402CC2176} - (no file) O2 - BHO: (no name) - {8AAC67CA-1232-BEBA-B639-0BDD546C5B33} - (no file) O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - (no file) O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O2 - BHO: (no name) - {E14DCE67-8FB7-4721-8149-179BAA4D792C} - (no file) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PS2] C:\hp\drivers\keyboard\PS2.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Search - bar.mywebsearch.com O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O12 - Plugin for .exe: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll O12 - Plugin for .z01: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O12 - Plugin for .z02: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - www.symantec.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - www.symantec.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - www.symantec.com O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - www.ysbweb.com O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} (ForumChat) - forumchat.compuserve.com O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - software-dl.real.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - www.napster.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - zone.msn.com O16 - DPF: {C6E43B37-19DF-4F36-AA7F-55B46032588C} (FotopostWeb.CustomerUploader) - fotopost.co.nz O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - www.symantec.com O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - anu.popcap.com O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - chat.msn.com O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - h20179.www2.hp.com O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) - activex.microsoft.com O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - direct.data-line.us O17 - HKLM\System\CCS\Services\Tcpip\..\{8CE0ACB4-98DC-490C-87A9-D78F60E15DD3}: NameServer = 202.27.158.40 202.27.156.72 O17 - HKLM\System\CCS\Services\Tcpip\..\{ED8F58E6-E875-49D4-AF88-CAE9DF886C1D}: NameServer = 192.168.1.200 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dl l O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FGKEY - Unknown owner - C:\MYSHAR~1\FOLDER~1.3_S\FGKEY.EXE (file missing) O23 - Service: GBPoll - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe |
lisamarie01 (6731) | ||
| 394935 | 2005-10-13 02:09:00 | These need ticking C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe C:\Program Files\Media Access\MediaAccK.exe C:\Program Files\Media Access\MediaAccess.exe R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file) O2 - BHO: (no name) - {2804285D-3F45-5390-9BFD-525402CC2176} - (no file) O2 - BHO: (no name) - {8AAC67CA-1232-BEBA-B639-0BDD546C5B33} - (no file) O2 - BHO: (no name) - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - (no file) O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O2 - BHO: (no name) - {E14DCE67-8FB7-4721-8149-179BAA4D792C} - (no file) O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Search - bar.mywebsearch.com See if Mywebsearch, or similar, is in add/remove programs. If its there uninstall it. O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - www.ysbweb.com O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - direct.data-line.us O23 - Service: FGKEY - Unknown owner - C:\MYSHAR~1\FOLDER~1.3_S\FGKEY.EXE (file missing) C:\PROGRA~1\rqrppxux\bcgFCcBN.exe C:\PROGRA~1\rqrppxux\NBcCFgcb.exe Did u run that removal tool? See if Media Access is in Add/remove programs, or something similar. If its here uninstall it. |
Speedy Gonzales (78) | ||
| 1 2 3 4 5 6 | |||||