Could this be a virus?? HELP!
-
- Registered User
- Posts: 426
- Joined: 08 Feb 2004, 02:00
- Location: Heaven
- Contact:
Could this be a virus?? HELP!
On the laptop. I lost all means of connection to the internet. I can't dial up because it's been greyed out in the "add a new connections" tab. Windows takes roughly 5 minutes to start (after logging in, it stays on the background with nothing popping up).
I used to use my home LAN to access the internet with the laptop, but that is out as well....can't pick anything up. My Kaspersky says some protection service couldn't start, but it was updated yesterday, so definitions should be pretty new. The only new program I downloaded and installed was a boot screen from themexp.org, which had some spyware Kaspersky warned about called NewDotCom....
Please, if someone knows this symptom and has a solution, please let me know.
HH
DotA Schedules, Replays, Guides and all round DotA fun at my site
Challenge My Brute
PC Format ZA Brute Clan - Click to Join
when joining a clan, http://YOUR NAME.mybrute.com/team/6590 is a safer proof way
-
- Moderator Emeritus
- Posts: 5547
- Joined: 21 Dec 2002, 02:00
- Processor: i7 3770k
- Motherboard: ASUS P8P67-Pro
- Graphics card: 2xNvidia GTX670
- Memory: 16 GB Gskill Sniper
- Location: In SQL Space inserting 'null' on purpose
- Contact:
Do me a favour, install and run this application quickly:
Hijackthis
Then post the log here.. then we can see if we can help
*edit* also maybe change the proportions of your signature.
Last edited by Anthro on 22 Feb 2007, 16:46, edited 1 time in total.
Temporary Absence
-
- Registered User
- Posts: 426
- Joined: 08 Feb 2004, 02:00
- Location: Heaven
- Contact:
Log file from HIJACKTHIS
Logfile of HijackThis v1.99.1
Scan saved at 17:15:11, on 2007-2-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Temp\HijackThis.exe
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O8 - Extra context menu item: ???QQ?? - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: ???QQ???? - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: ???QQ????? - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: ?QQ??????? - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP chain gap (#4 in chain of 4 missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFB3CFF7-F648-44CF-8DAA-C3749E1E2473}: NameServer = 196.44.128.146,196.44.136.162
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
wow...all I can say is that once Windows has reached a level like that...the only thing which can save it (IMO) is a format.
So that's what I would do. I've had that happen to me quite often when I was using dodgy things.
Also after a format, don't install Kaspersky, try Avast (PRO preferably). I installed Kaspersky last night and all in all I can say is that I don't trust it!
Also ZoneAlarm is a very good firewall..use it! (the free one or Pro) also don't get the BETA ZoneAlarms
“The true bare of any man is his willingness to accept the consequences of his actions.” - iser0073
- hamin_aus
- Forum Moderator
- Posts: 18363
- Joined: 28 Aug 2003, 02:00
- Processor: Intel i7 3770K
- Motherboard: GA-Z77X-UP4 TH
- Graphics card: Galax GTX1080
- Memory: 32GB G.Skill Ripjaws
- Location: Where beer does flow and men chunder
- Contact:
O10 - Broken Internet access because of LSP chain gap (#4 in chain of 4 missing)
That's why you can't connect.
Download and run LSPFix and see if that doesn't help.
You might also want to download AdAware and sort this out...
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
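An added example (not code from the thread or from HijackThis): it parses the `O<n> - ...` entries of a HijackThis log and flags the two conditions the reply above points at, the O10 LSP chain gap and registrations whose file is gone. The function names and finding labels are assumptions of this example; the sample lines are copied from the log posted earlier in the thread.

```python
import re

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\lsass.exe
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O10 - Broken Internet access because of LSP chain gap (#4 in chain of 4 missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
LSP_GAP_RE = re.compile(r"LSP chain gap \(#(\d+) in chain of (\d+) missing\)")
ORPHAN_RE = re.compile(r"\((file missing|no file)\)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

def parse_entries(log_text):
    """Return (section, detail) tuples for every 'O<n> - ...' line."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def triage(log_text):
    """Flag LSP chain gaps and registrations that point at a missing file."""
    findings = []
    for section, detail in parse_entries(log_text):
        gap = LSP_GAP_RE.search(detail)
        if section == "O10" and gap:
            # A gap in the Winsock LSP chain breaks all network access.
            findings.append(("lsp_chain_gap", section,
                             f"chain entry {gap.group(1)} of {gap.group(2)} missing"))
        elif ORPHAN_RE.search(detail):
            # Registry entry survives but the DLL is gone (partial removal).
            clsid = CLSID_RE.search(detail)
            findings.append(("orphaned_registration", section,
                             clsid.group(0) if clsid else detail))
    return findings

if __name__ == "__main__":
    for kind, section, info in triage(SAMPLE_LOG):
        print(f"{section:4} {kind:22} {info}")
```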
-
- Registered User
- Posts: 426
- Joined: 08 Feb 2004, 02:00
- Location: Heaven
- Contact:
......while waiting for the replies, I repair installed windows.....still doesn't work :'(
I'll try the LSPFix
-
- Registered User
- Posts: 426
- Joined: 08 Feb 2004, 02:00
- Location: Heaven
- Contact:
LSPFix rocks!!!! It actually did it ^_^ Just ran it and restarted the PC
Btw I really like Kaspersky....so gonna reinstall that and NEVER EVER download stuff from themexp.org again!!!!!!!!!!!!!
Oh another thing, what you're looking at is a very recent installation of windows + I got nothing on it that is useless.....it's a laptop for work
-
- Registered User
- Posts: 426
- Joined: 08 Feb 2004, 02:00
- Location: Heaven
- Contact:
Hey thx buddy ^_^
Ya it was Chinese New Year last Sunday ^_^