Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - LuckyTom

Pages: [1]
1
Tech Clinic / I Need Help Desperatly! Please Help!
« on: December 21, 2004, 02:44:28 PM »
Thank you very much for your help, however I am currently waiting for my sister to get home so that i can make sure that it's ok that i deleate these programs  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/dry.gif\' class=\'bbc_emoticon\' alt=\'<_<\' /> However I have decided to deleate the programs that i know she wont need, for example 'SpyKiller'

Quote
I see that you have SpyKiller installed, if you haven't paid for it I would recommend that you uninstall it

You have said that I should uninstall it, however I am not sure how. I have checked 'Add/Remove Program', but i can't find it in there. Did you mean for me to deleate it in a different way?

2
Tech Clinic / I Need Help Desperatly! Please Help!
« on: December 20, 2004, 06:42:56 PM »
My computer is currently broken (over-heating problems) so i have been using my sisters computer, however its filled with rubish. Toolbars, pop-ups, strange cursers, etc.

Iv deleated as much as i can (that i know won't break anything) but most of it seems to just come back once rebooted.

However i do not think these things are safe and when running virus scanners over 200 problems were  found. I have deleated all of these.

I have used have some problems with  my computer and i remember hi-jack this helped to get rid of these problems so i have used it and this is what it has come up with:





Logfile of HijackThis v1.99.0
Scan saved at 22:00:48, on 20/12/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\system32\Atiptaxx.exe
C:\Program Files\DELL\AccessDirect\dadapp.exe
C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Navnt\navapw32.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\wuauclt.exe
C:\unzipped\hijackthis[1]\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qnebhtvzqm.com/Jk3QWFSIuq_U2/PG...HBsT92ILiMK.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://community.globaleaccess.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: 1097087511 - {262277EC-5BB5-4849-8BF2-1824330C9CAC} - (no file)
O2 - BHO: (no name) - {35316FCB-61F6-C922-C81A-219CA2DC1AA2} - C:\DOCUME~1\EWENBA~1\APPLIC~1\AMOKTI~1\BARB REMOTE.exe
O2 - BHO: No description - {60261C06-81B0-4DE0-9313-E5BA203A64E9} - C:\WINNT\DOWNLO~1\pdfmgr.dll
O2 - BHO: No description - {88CC91DE-5930-45AD-9E04-6B1233609FEA} - C:\WINNT\system32\tkp785A.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\DELL\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -on
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe -startup
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ASDPLUGIN] C:\WINNT\system32\geaccess.exe -N
O4 - HKLM\..\Run: [dart locks load idol] C:\Documents and Settings\All Users\Application Data\4 bold dart locks\ItchBeep.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [eggsbone] C:\DOCUME~1\EWENBA~1\APPLIC~1\SLOWSI~1\hidememo.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0089F6EE-ED54-11D5-B0E7-00508B014C1D} (ExWebClientUtils Class) - http://exweb.exchange.uk.com/clientbinarie...ies/texInfo.CAB
O16 - DPF: {0FA8E95B-C23A-11D5-8F5F-0008C7E9C2C6} (Pensions.desInput) - http://exweb.exchange.uk.com/clientbinarie...sionsPhase2.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab
O16 - DPF: {30CE93AE-4987-483C-9ABE-F2BD5301AB70} - http://64.158.165.143/100039/uk/gegames/geaccess.exe
O16 - DPF: {786F41FA-AC32-11D5-9B73-00508B6BAAB3} (exWebStopper.texexweb) - http://exweb.exchange.uk.com/download/upda...xWebStopper.CAB
O16 - DPF: {7B5A1CB7-2E01-11D7-90C1-0008C7E9C2C6} (PHI.desInput) - http://exweb.exchange.uk.com/clientbinaries/PHI.CAB
O16 - DPF: {83742947-3994-9943-2039-746302840329} (Exweb XML Files for Focus Renderer) - http://exweb.exchange.uk.com/download/upda...te/xmlfiles.cab
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.websearch.com/Dnl/T_50188/QDow_AS2.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab
O16 - DPF: {8E95B0CA-EB6F-11D3-979B-00508B64538B} (VersionInfo.clsVersionInfo) - http://exweb.exchange.uk.com/clientbinarie...VersionInfo.CAB
O16 - DPF: {A32DBCA3-4BFD-11D3-B9E4-008048FCE443} (Complist Class) - file://E:\CAB\eXwebCListCtl.cab
O16 - DPF: {A45CF69C-19E0-4090-99DA-286A7C1C257B} (exWebUpdater.clsINIFile) - http://exweb.exchange.uk.com/download/upda...xWebUpdater.CAB
O16 - DPF: {A74D724A-AB17-11D2-A96A-006097E20477} (eXwebUtils.HTMLUtils) - http://exweb.exchange.uk.com/clientbinarie.../eXwebUtils.CAB
O16 - DPF: {A98277A1-A141-11D5-98B9-00508B64538B} (Complist2 Class) - http://exweb.exchange.uk.com/clientbinarie...ebCListCtl2.CAB
O16 - DPF: {A9F86998-BB62-11D2-A988-006097E20477} (eXwebUtils.clsVersionInfo) - file://E:\CAB\eXwebUtils.cab
O16 - DPF: {A9F869B2-BB62-11D2-A988-006097E20477} (eXwebOccList.clsVersionInfo) - file://E:\CAB\eXwebOcc.cab
O16 - DPF: {A9F869C0-BB62-11D2-A988-006097E20477} (PHIHelpText.clsVersionInfo) - file://E:\CAB\PHIHelpText.cab
O16 - DPF: {A9F869CE-BB62-11D2-A988-006097E20477} (PHIToolTips.clsVersionInfo) - file://E:\CAB\PHIToolTips.cab
O16 - DPF: {AB5ED3AE-DE26-11D3-AD7A-0050044495F0} (WholeLife.clsVersionInfo) - file://E:\CAB\wholelife.cab
O16 - DPF: {AB5ED422-DE26-11D3-AD7A-0050044495F0} (WholeLife.desWOLBlank) - http://exweb.exchange.uk.com/clientbinarie...s/WholeLife.CAB
O16 - DPF: {ABF92614-EBA5-11D3-A315-006008134E84} (Annuities.dsrMain) - http://exweb.exchange.uk.com/clientbinaries/ann_GD.CAB
O16 - DPF: {B539A417-0C5E-11D4-97CF-00508B64538B} (Bonds.GLBI030) - file://E:\CAB\Bonds.cab
O16 - DPF: {B539A425-0C5E-11D4-97CF-00508B64538B} (Bonds.clsBondBusinessLogic) - http://exweb.exchange.uk.com/clientbinaries/Bonds.CAB
O16 - DPF: {B5805B24-2D86-11D0-ADA6-00400520799C} (ProtoView Calendar Control) - file://E:\CAB\pvcalctl.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {CC696B63-4159-11D0-BDCB-0020A90B183A} (ProtoView Date Control) - file://E:\CAB\pvdate2.cab
O16 - DPF: {DB1F089D-F410-11D3-A316-006008134E84} (CombinedTerm.desInput) - http://exweb.exchange.uk.com/clientbinarie...rmAssurance.CAB
O16 - DPF: {DB1F08C5-F410-11D3-A316-006008134E84} (CombinedTerm.desUserDefaultsGrid) - file://E:\CAB\TermAssurance.cab
O16 - DPF: {DBA9E4A1-885A-11D3-8919-0050049D81F4} (TexPHIDS.dsrPHIInput) - file://E:\CAB\TexPHIDS.cab
O16 - DPF: {DDECE2F5-AF1F-44E7-B37F-96B6630F5C60} (PrintComponent.clsVersionInfo) - http://exweb.exchange.uk.com/clientbinarie...es/printdll.CAB
O16 - DPF: {E5CFA957-1CD1-11D2-85AD-006097B42E68} (TEXCList.ctlCompanyList) - file://E:\CAB\eXwebCList.cab
O16 - DPF: {E672FC91-6A8F-11D3-82DC-0008C78A797E} (CTP Printing Update) - http://exweb.exchange.uk.com/download/upda...ctpprinting.cab
O16 - DPF: {E7FF5332-854E-11D2-A952-006097E20477} (eXwebOccList.clsOccRes) - http://exweb.exchange.uk.com/clientbinarie...es/eXwebOcc.CAB
O16 - DPF: {E9C9692E-F93C-11D1-ABB0-0040054FC6FB} (ProtoView DataTable Control 7.0 (OLEDB)) - file://E:\CAB\pvdt70.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F952EDBD-84EF-11D5-8F0C-0008C7E9C2C6} (exchange Scripting Update) - http://exweb.exchange.uk.com/download/upda...ting_update.CAB
O23 - Service: Ati HotKey Poller - Unknown - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG6 Service - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe




If you could please help me by telling me what i should deleate. If more information is needed i will try to answer as helpfull as possible however i do not know much about this computer as it is not mine.

Pages: [1]