TheTechGuide Forum
General Category => Software => Topic started by: archtx on April 30, 2004, 10:57:50 AM
-
Notepad is no longer in my start menu, although it shows up in the Windows folder. When I try to re-associate a file to it, it changes to Adobe Reader 5.
Here is the HijackThis log:
Logfile of HijackThis v1.96.2
Scan saved at 9:54:15 AM, on 4/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
E:\mom's quicken\QWDLLS.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\System32\hpoipm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ipxmontr.exe
C:\Documents and Settings\Owen\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive2k\Program\AHQInit.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [THGuard] "C:\TrojanHunter 3.8\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ipxmontr] C:\WINDOWS\system32\ipxmontr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Billminder.lnk = E:\mom's quicken\BILLMIND.EXE
O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Startup.lnk = E:\mom's quicken\QWDLLS.EXE
O4 - Global Startup: U.S. Robotics Internet Call Notification.lnk = C:\Program Files\U.S. Robotics\Internet Call Notification\CallWaiting.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon/download/tgctlar.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://help.rr.com/sdccommon/download/grprcus.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://protect.microsoft.com/security/protect/WSA/shared/cab/x86/MSSecAdv.cab?1063326678700
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37980.3052314815
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://f1.pg.photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/12119/CTPID.cab
Thanks for any help you can offer.
-
TRY OPENING UP YR COMPUTER, TAKING OUT YR COCK AND [censored]ING THE PC U [censored]NUT!!!!!!!!!!!!!!!!!!!
-
:) kEEP UP THE [censored]ING
MOTHER FUC|<ER :@
-
Hi archtx
Try going to Spyware Info or Computer Cops, you'll get some real help and no profanity.
-
TomCoyote.com is also a good place to go if you need help. I don't know about computer cops, but TomCoyote.com and spywareinfo.com both have forums where you can post your log and real time chatrooms where you can talk to experts who will actually help you, unlike a couple people that have answered your post here.
-
[quote name='Guest' date='May 26 2004, 11:18 PM']TomCoyote.com is also a good place to go if you need help. I don't know about computer cops, but TomCoyote.com and spywareinfo.com both have forums where you can post your log and real time chatrooms where you can talk to experts who will actually help you, unlike a couple people that have answered your post here.[/quote]
Yes, those 2 are Excellent sources and will at least get you started in repairing that Awful mess you got into.
-
I have a similar problem... I recently decided to edit and view the code of one of my webpages, and I discovered that my notepad application is gone. It is no longer in my windows folder anywhere. I've searched for it. Negative... Any help? Thanks in advance.
-
same thing happened to me
-
Same here
-
<_< me too