Author Topic: win 32 p2p worm alcan a  (Read 1375 times)

Offline guestolo

« Reply #20 on: March 08, 2006, 01:21:01 AM »
Can you open HijackThis >> open the Misc Tools section >> open Uninstall Manager
Click the SAVE LIST button
Save the list to desktop, then copy and paste the whole contents back here, please

Do you know what version of Norton's Internet Security you have installed and are you willing to try and uninstall it?

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline wormit

« Reply #21 on: March 08, 2006, 02:20:12 AM »
ACDSee
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Photoshop 7.0
AV301P Camera
Avance AC'97 Audio
AVG Free Edition
Britney Spears
Canon CAPT printers
CleanUp!
Cricket '97 Ashes Tour Edition
Download Accelerator Plus Beta
DVDSound
ewido anti-malware
FlashToolset
FTP Commander
Full Tilt Poker
HijackThis 1.99.1
iPIX ActiveX Viewer
Java 2 Runtime Environment Standard Edition v1.4
Java 2 SDK Standard Edition v1.4.0
Java Web Start
Lets Play active
LiveReg (Symantec Corporation)
LiveUpdate 1.6 (Symantec Corporation)
Macromedia Flash 5
Macromedia Flash Player 8
MailWasher
Microsoft Driver Compatibility Database
Microsoft Encarta 96 Encyclopedia
Microsoft Encarta World Atlas 1998 Edition
Microsoft Office 2000 Premium
Microsoft Visual Basic 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
Microsoft Windows Application Compatibility Message Database
MP3 Dancer
MSN Messenger 7.5
Need For Speed II SE
Nero - Burning Rom (Web installer)
Norton Internet Security
Norton WMI Update
Poker Superstars
PokerChamps
PowerDVD
Prolink H8600 ADSL Modem
Quake III Arena
Shockwave
Sinhala Word 2000
Spec Ops Ranger Team Bravo (RAZOR 1911)
SpeedOptimizer
Spybot - Search & Destroy 1.4
Webshots!
WildTangent GameChannel (remove only)
Windows XP Application Compatibility Update[Q319580]
Windows XP Hotfix - KB821557
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB833987
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB840987
Windows XP Hotfix - KB841356
Windows XP Hotfix - KB841533
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix - KB873376
Windows XP Hotfix - KB887822
Windows XP Hotfix (SP1) [See Q311889 for more information]
Windows XP Hotfix (SP1) [See Q323172 for more information]
Windows XP Hotfix (SP1) [See Q326830 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP2) [See Q329115 for more information]
WinRAR archiver
WinZip
WinZip Self-Extractor
XingMPEG Player
Yahoo! Install Manager
Yahoo! Messenger

The version is 2002.... the functions seem to be disabled though... Will I have to get a new firewall if I uninstall this?

I'm willing to uninstall it if it will solve this problem... still can't seem to log in to any of my email accounts

Offline wormit

« Reply #22 on: March 08, 2006, 11:15:22 PM »
So shall I uninstall the Norton Internet Security???

Can someone help?

Offline guestolo

« Reply #23 on: March 09, 2006, 12:50:14 AM »
I would hate to leave you without a firewall
Go to THIS LINK
Look under Software firewalls
All have a free version
ONLY download one please, more than one software firewall can cause conflicts
I have not used all the firewalls, but all have been recommended
Check the program help files if you need setup information

Save the installer to your desktop
Don't install it yet
Remove Norton Internet Security 2002 through your Add/Remove Programs; you can remove LiveUpdate as well if it's not needed
Reboot the computer

Then install your new Firewall
I personally still have Sygate's on this comp.
But it no longer has support, which was ended a couple of months ago
It will still work however

Come back here and post a fresh HijackThis log
« Last Edit: March 09, 2006, 12:52:00 AM by guestolo »


Offline wormit

« Reply #24 on: March 09, 2006, 01:59:07 AM »
OK, so I uninstalled Norton Internet Security and the LiveUpdate, and installed the Agnitum firewall.
Here's the HJT logfile


Logfile of HijackThis v1.99.1
Scan saved at 12:54:29 PM, on 3/9/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\CAPRPCSK.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\PROGRA~1\DAP\DAP.EXE
D:\WINDOWS\System32\rundll32.exe
D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\Program Files\Yahoo!\Messenger\ypager.exe
D:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
D:\WINDOWS\System32\spool\drivers\w32x86\3\CAPPSWK.EXE
D:\Program Files\MP3Dancer\MP3Dancer.exe
D:\Program Files\Webshots\WebshotsTray.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\wuauclt.exe
C:\HJT\HijackThis.exe

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - D:\Program Files\DAP\DAPBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - D:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CAPON] D:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] D:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Outpost Firewall] "D:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKCU\..\Run: [Yahoo! Pager] D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: MP3 Dancer.lnk = D:\Program Files\MP3Dancer\MP3Dancer.exe
O4 - Startup: Webshots.lnk = D:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Canon LBP-810 Status Window.LNK = D:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\JavaSoft\JRE\1.4\bin\npjpi140.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\JavaSoft\JRE\1.4\bin\npjpi140.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - D:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - D:\Program Files\Poker.com\poker.exe (file missing)
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0F42F280-2D6E-4B19-95A9-18D8DADB9309} (BFLauncher Class) - http://www.betfred.com/company/gamessectio...redlauncher.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/zenpuzzlegarden/mi...pGameLoader.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.3/g_bin/eng/boards_2_0_0_22.cab
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/eng/poker_2_0_0_38.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLHelper/ve...n7/DLHelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/eng/words_2_0_0_38.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.3/g_bin/eng/wordssingle_2_0_0_34.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_1_1_0.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/eng/billard8_2_0_0_23.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: JavaWebServer - Unknown owner - D:\JavaWebServer2.0\bin\jservsvc.exe (file missing)
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - D:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
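
An added example, not part of the original thread: a small Python triage pass over HijackThis log lines such as those in the post above. The checks and the `removed_vendor` parameter are review heuristics assumed here for illustration; a hit marks an entry for manual review and is not a verdict on it.

```python
import re

# Excerpt of the log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - D:\Program Files\Poker.com\poker.exe (file missing)
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.3/g_bin/eng/boards_2_0_0_22.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O23 - Service: JavaWebServer - Unknown owner - D:\JavaWebServer2.0\bin\jservsvc.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
"""

# HijackThis entries start with a section code (O2, O4, O16, O23, ...).
ENTRY = re.compile(r"^(O\d+) - (.*)$")
# A download URL whose host is a dotted-quad address instead of a name.
BARE_IP_URL = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}[/:]")


def triage(log_text, removed_vendor=None):
    """Return (section, reason, entry) tuples for entries worth a manual look.

    removed_vendor is a hypothetical parameter: a vendor name the user says
    was uninstalled, used to spot components the uninstaller left behind.
    """
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header, running-process path, or blank line
        section, body = m.groups()
        if body.endswith("(file missing)"):
            findings.append((section, "orphaned entry: target file missing", body))
        if section == "O23" and " - Unknown owner - " in body:
            findings.append((section, "service owner could not be determined", body))
        if section == "O16" and BARE_IP_URL.search(body):
            findings.append((section, "ActiveX codebase served from a bare IP", body))
        if removed_vendor and removed_vendor.lower() in body.lower():
            findings.append((section, f"leftover from uninstalled {removed_vendor}", body))
    return findings


if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG, removed_vendor="Symantec"):
        print(f"{section:4} {reason}: {body}")
```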

Offline wormit

« Reply #25 on: March 09, 2006, 02:12:08 AM »
OMG OMG it's working!!!!!

Can access my email now. Can't believe it :lol: :D
Thanks a billion :)

One more thing: the Agnitum firewall said it's outdated and had to update it with a 30 day trial or something, so can I use it still? (I updated it)

Offline wormit

« Reply #26 on: March 09, 2006, 04:26:14 PM »
In the Agnitum auto post fire wall, an application asking for internet access saying "generic host process for win32 services requesting an incoming connection" appears. Is it safe to let it access the internet?
The given option is "stop all activities for this application"
but after I click OK I can't go to any sites.
The other two options are
 1) allow all activities for this application
 2) create rules using preset

What should I do?
Should it always be the given option by the Agnitum auto post fire wall that I should choose? :huh: