Jeff
Supporting Actor
- Joined
- Jun 30, 1997
- Messages
- 949
It seems like every single day I have new Spyware on my PC. I just can't keep up with it. I only go to mainstream sites and I still get it. I used to be able to deal with it with no difficulty but now it's just getting out of control. I won't even remove it from friends computers anymore since I can't deal with my own situation.
Anyway, the latest and greatest thing I have is my browser defaulting to a web page called "Find the web site you need". For the moment, it's not doing this but it will come back with a couple of reboots of my PC. I also have popup ads that come up when I go to just about any web site and I know they aren't initiated from those sites. Neither Ad-Aware, Spybot nor Hijack This will get rid of it. That's another thing too, these programs are increasingly becoming useless with some of the stuff I get. I had something called sysupd.exe that was just slowing my PC to a crawl. Nothing could get rid of it, so I ended up doing it manually which took quite awhile.
Anyway, is there anything else I can run to get rid of these popups and my default web page problem? Here is my Hijack This log. You'll notice that "Find the web site you need" entry. Usually I have more entries than that and deleting it does nothing as it's all back in the next one to two reboots.
Thanks,
Jeff
Logfile of HijackThis v1.97.3
Scan saved at 2:55:50 PM, on 5/25/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSExplorer.EXE
CROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXE
Crogram FilesNorton AntiVirusnavapsvc.exe
Crogram FilesNorton AntiVirusAdvToolsNPROTECT.EXE
Crogram FilesCommon FilesRealUpdate_OBevntsvc.exe
Crogram FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32spoolDRIVERSW32X863E_S09IC 1.EXE
C:WINDOWSSystem32beptaokf.exe
Crogram FilestgtsoftStyleXPstylexp.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesInternet Exploreriexplore.exe
Cocuments and SettingsMajestykDesktopHijackThis.exe
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - CROGRA~1INCRED~1BHOINCFIN~1.DLL
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:WINDOWStwaintec.dll
O2 - BHO: (no name) - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:WINDOWSsystb.dll (file missing)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - CROGRA~1INCRED~1BHOINCFIN~1.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - Crogram FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Crogram FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM..Run: [EM_EXEC] CROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXE
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [TkBellExe] Crogram FilesCommon FilesRealUpdate_OBevntsvc.exe -osboot
O4 - HKLM..Run: [ccApp] "Crogram FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "Crogram FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 - HKLM..Run: [Advanced Tools Check] CROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 - HKLM..Run: [EPSON Stylus C44 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_S09IC 1.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM..Run: [easywww] C:windowseasywww2.exe
O4 - HKLM..Run: [alchem] C:WINDOWSalchem.exe
O4 - HKLM..Run: [nloakeonmww] C:WINDOWSSystem32beptaokf.exe
O4 - HKCU..Run: [STYLEXP] Crogram FilestgtsoftStyleXPstylexp.exe -Hide
O4 - Global Startup: Microsoft Office.lnk = Crogram FilesMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://CROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O12 - Plugin for .spop: Crogram FilesInternet ExplorerPluginsNPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
Anyway, the latest and greatest thing I have is my browser defaulting to a web page called "Find the web site you need". For the moment, it's not doing this but it will come back with a couple of reboots of my PC. I also have popup ads that come up when I go to just about any web site and I know they aren't initiated from those sites. Neither Ad-Aware, Spybot nor Hijack This will get rid of it. That's another thing too, these programs are increasingly becoming useless with some of the stuff I get. I had something called sysupd.exe that was just slowing my PC to a crawl. Nothing could get rid of it, so I ended up doing it manually which took quite awhile.
Anyway, is there anything else I can run to get rid of these popups and my default web page problem? Here is my Hijack This log. You'll notice that "Find the web site you need" entry. Usually I have more entries than that and deleting it does nothing as it's all back in the next one to two reboots.
Thanks,
Jeff
Logfile of HijackThis v1.97.3
Scan saved at 2:55:50 PM, on 5/25/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exeC:WINDOWSExplorer.EXE
C
ROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXEC
rogram FilesNorton AntiVirusnavapsvc.exeC
rogram FilesNorton AntiVirusAdvToolsNPROTECT.EXEC
rogram FilesCommon FilesRealUpdate_OBevntsvc.exeC
rogram FilesCommon FilesSymantec SharedccApp.exeC:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32spoolDRIVERSW32X863E_S09IC 1.EXE
C:WINDOWSSystem32beptaokf.exe
C
rogram FilestgtsoftStyleXPstylexp.exeC:WINDOWSSystem32svchost.exe
C
rogram FilesInternet Exploreriexplore.exeC
ocuments and SettingsMajestykDesktopHijackThis.exeR0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C
ROGRA~1INCRED~1BHOINCFIN~1.DLLO2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:WINDOWStwaintec.dll
O2 - BHO: (no name) - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:WINDOWSsystb.dll (file missing)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocxO2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C
ROGRA~1INCRED~1BHOINCFIN~1.DLLO2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C
rogram FilesNorton AntiVirusNavShExt.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C
rogram FilesNorton AntiVirusNavShExt.dllO3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM..Run: [EM_EXEC] C
ROGRA~1LogitechMOUSEW~1SYSTEMEM_EXEC.EXEO4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [TkBellExe] C
rogram FilesCommon FilesRealUpdate_OBevntsvc.exe -osbootO4 - HKLM..Run: [ccApp] "C
rogram FilesCommon FilesSymantec SharedccApp.exe"O4 - HKLM..Run: [ccRegVfy] "C
rogram FilesCommon FilesSymantec SharedccRegVfy.exe"O4 - HKLM..Run: [Advanced Tools Check] C
ROGRA~1NORTON~1AdvToolsADVCHK.EXEO4 - HKLM..Run: [EPSON Stylus C44 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_S09IC 1.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM..Run: [easywww] C:windowseasywww2.exe
O4 - HKLM..Run: [alchem] C:WINDOWSalchem.exe
O4 - HKLM..Run: [nloakeonmww] C:WINDOWSSystem32beptaokf.exe
O4 - HKCU..Run: [STYLEXP] C
rogram FilestgtsoftStyleXPstylexp.exe -HideO4 - Global Startup: Microsoft Office.lnk = C
rogram FilesMicrosoft OfficeOffice10OSA.EXEO8 - Extra context menu item: E&xport to Microsoft Excel - res://C
ROGRA~1MICROS~2Office10EXCEL.EXE/3000O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O12 - Plugin for .spop: C
rogram FilesInternet ExplorerPluginsNPDocBox.dllO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
