Virus (Internet Virus)

cohen

cohen

New Member
Computern00b said:
almost every other site works (ESPN, YouTube, another forum I'm on, my e-mail). I don't know why but dictionary.com doesn't work either...I've tried to log on multiple times, but it hasn't worked...I would like to get this solved by 12:00 EST, otherwise I'm going to have my school's "tech lady" re-boot XP onto my laptop.
Click to expand...

OK - do a system restore till 2 weeks ago...

Do you know how to do a system restore???
 
cohen

cohen

New Member
Computern00b said:
How do I do that???

If I can't do it in 30 min, then I'm just gonna have my school's "computer person" re-install Windows XP SP2....
Click to expand...

Well if i can't fix i reinstalled XP on my old comp... but a system repair is when you repair windows - put the XP disc in and then boot off the disc and hit repair windows...
 
G25r8cer

G25r8cer

Active Member
This should give you an idea of what a proper hijackthis log should look like. Thats how bad your pc is junked up. You should take care of your pc man. Here's my clean log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:37 AM, on 5/19/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\hp\kbd\kbd.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~2\Stardock\XGF\XGFRuntimeServer.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Spicka\AppData\Local\Temp\{CD9481C6-C039-407F-9A0F-A0F455C5AADA}\Sirus Clock.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech Gaming Software.lnk = ?
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 3286 bytes
 
C

Computern00b

New Member
Here's what's happening now...

The Internet problem (mostly): fixed
I can use the sites I couldn't on FF and IE7, and although I'm still having pop-up problems (which I still need help getting rid of), it's working alright...

Clock issue (military time): Fixed
 
G25r8cer

G25r8cer

Active Member
Combofix changes the time to military time on purpose and is supposed to do that. Did you change it back while combofix was running?
 
C

Computern00b

New Member
g25racer said:
Combofix changes the time to military time on purpose and is supposed to do that. Did you change it back while combofix was running?
Click to expand...
No, I left it it military time until this morning, and I had my school's tech lady change it.
HOW DO I GET RID OF THE POP-UPS???
 
G25r8cer

G25r8cer

Active Member
In IE? I would recommend until a pro gets on here again that you should download and install firefox. Then turn pop-up blocking and security all the way up! That should keep alot out.
 
C

Computern00b

New Member
g25racer said:
In IE? I would recommend until a pro gets on here again that you should download and install firefox. Then turn pop-up blocking and security all the way up! That should keep alot out.
Click to expand...

OK...
Who are the "Pros" by the way???

On another note, I think one of the reasons that my computer is so "junked up" is that I have SO MUCH on my HDD (I have 60GB total, and I have 14GB left)

...my "Downloads" (music/videos and games) is like 21GB
...I have some BIG programs on my laptop (Office 2007)(Photoshop CS3 Extended)....
and my Schoolwork folders take up a LOT of space...

ANOTHER "Question":

I have a biometric scanner (fingerprint) on my laptop, and I have a feature called "My Safe"...Until about 5 minutes ago, "My Safe" was just a locked folder in My Documents. Now it's telling me that it's a device with removable storage....any ideas on how to fix this???

*EDIT*
I figured out that if you "unlock" it, it shows it as a device with removable storage...LOL
 
cohen

cohen

New Member
Computern00b said:
OK...

On another note, I think one of the reasons that my computer is so "junked up" is that I have SO MUCH on my HDD (I have 60GB total, and I have 14GB left)

...my "Downloads" (music/videos and games) is like 21GB
...I have some BIG programs on my laptop (Office 2007)(Photoshop CS3 Extended)....
and my Schoolwork folders take up a LOT of space...
Click to expand...

Why not start fresh reinstall windows? :eek::eek::eek::eek:
 
GameMaster

GameMaster

New Member
ceewi1 said:
It appears you have a Vundo infection. If you still require assistance, please do the following:

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
Click to expand...

Now, ceewi1's the pro, for example, and if you need help I assure you that it' s safe to listen to what he says.
I didn't see a combo fix report, maybe you have some alternative problems?
 
G25r8cer

G25r8cer

Active Member
Your hdd could be full and that means nothing! I have a 750gb thats half full and a 320gb thats half full of all apps and my pc is clean!! Your startup and running processes is just what makes your pc JUNKED up.
 
C

Computern00b

New Member
Alright, so I thought my problem was gone...: WRONG.

The internetz works fine at my school, where there is a proxy to connect to the internet. However, when I get home (no proxy), all the standard problems begin AGAIN. Please, I'm desperate for a solution.
 
ceewi1

ceewi1

VIP Member
Post the log that ComboFix produced, it should be located at C:\ComboFix.txt. If it's not there, try running ComboFix again. Also post a new HijackThis log.
 
You must log in or register to reply here.
Top