Is this Spyware, a virus or something else?
OK, now I'm confused :confused:
I set my homepage for when I open Internet Explorer as my e-mail account, but recently it has changed to this: http://quickmetasearch.com/?said=acc0001_ho No matter how many times I go into the internet options page and change it back, it keeps re-appearing after opening a second page. I scanned my system with Ad-Aware, deleted a few items and re-booted, then with Spybot Search and Destroy, again a few items and a re-boot. Finally I ran a virus scan that came up empty :uhoh: This thing is really starting to p!$$ me off :mad: If anyone knows how to get rid of this, could they post a reply. I can post a HijackThis report if it helps? Many Thanks S.C. :ok: |
If you're using WinXP, try system restore to a few days ago.
Some intrusive program tried to hi-jack my system yesterday and that was the only way I could $hitcan it. |
From your post I would suggest you have probably been hijacked. As a result it would be a good idea to run the HijackThis program and post the log for the experts to comment on.
|
Have a look at this and run cwshredder then if still a problem post a hijack this log for the experts to look at
|
thanks for all the quick replies, here's the hi-jack this report I just ran:
Logfile of HijackThis v1.99.0
Scan saved at 18:57:32, on 18/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://quickmetasearch.com/?said=acc0001_ho
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://quickmetasearch.com/?said=acc0001_ho
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/notebookaccessories
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: HomePageCtrl Class - {1B9CB0F8-118B-49C1-956D-B703E976F8E3} - C:\Program Files\STHomePage\STHomePage.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: STLinksCtrl Class - {B54BFA47-D897-49CA-9657-05EC9F80A32B} - C:\Program Files\STLinks\STLinks.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D2A228-1B39-4447-9830-93F424F55D81}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security Service - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
Hope the experts can help on this. S.C. |
It's there right after your program files. Where it starts the hotkey commands, RO-HKCU/Software, etc. http:quickmetasearch, delete and remove both of these. Also, take a close look at the 02's the BHO's. These are Browser Helper Objects. I'm sure the Adobe and the Spybot ones are fine, but I'm not sure what the other two are. Usually a hijack is associated with these. Good Luck
|
I would have a close look at the following entry:
O2 - BHO: HomePageCtrl Class - {1B9CB0F8-118B-49C1-956D-B703E976F8E3} - C:\Program Files\STHomePage\STHomePage.dll Try removing the folder in the Program Files folder and see if that helps. goates |
nwaflygirl & goates, thank you for your replies. I was initially unable to remove the programme files of ST Home page, as my laptop refused, but after deleting them from hi jack this, they easily deleted. So too did my http:quickmetasearch after having to twice delete that from the HJT report.
BEagle, I'm glad I didn't have to restore my system, but to be honest, I wouldn't know how :O HelenD, I agree it looks like I was hijacked, so how do I squawk 7600 and ask for help? Maxell, I don't know what else to download, so far I have 2 anti-virus guards, 2 firewalls, ad-aware, spy doctor, spybot search and destroy, and zone alarm pro yet still they get through :oh: Is there any light at the end of the tunnel? is there a wonderful way of stopping the madness :} Or are we doomed to keep having to deal with this? If anybody knows any programmes that would be advisable for as close as one can get to total protection, could they tell me what it is? Is norton internet security an answer? Hope somebody can help me :eek: Many Thanks, S.C. :ok: |
Is there any light at the end of the tunnel? is there a wonderful way of stopping the madness Or are we doomed to keep having to deal with this? One more program you could try out is Spyware Blaster. It doesn't scan your computer for spyware, but prevents them from installing themselves. Ewido Security Suite is yet one more program to deal with this problem. Is one of your firewalls hardware, or do you have two software firewalls? goates |
I'd second the Mac suggestion, but in the meantime, download and use Firefox and Thunderbird as browsers and email client, respectively. Should stop 99% of hijack problems. They're free at www.mozilla.org
|
Honestly Goates, I will be taking your advice and investing in a MAC for my home PC, my current one running on XP Pro is in terrible trouble. I downloaded SP2, and both the D and E drives failed to load properly, and even after trying to un-install and re-install through the device manager as well as trying other methods they have failed to load, and I'm told I need to re-install SP2 to fix the problem, but how can I do that without the CD-ROM?
There are some days I feel like throwing it out the window, but for now I invested in a new laptop and want to stick with it. I will indeed look into your suggestions of the other programmes, as for the firewalls, well I'm a little unsure about programme types, all I know is that zone alarm pro contains a firewall, as well as the firewall that came with SP2. Ps. If you have any suggestions on any particular MAC systems that would be suitable for mostly home use, I'd love to hear them as I've never looked into buying one before :confused: Thanks for the reply, Land After, thanks for the link, but to ask the silly question, Thunderbird, is it the same as outlook express or is it a stand alone e-mail system that will give me a new address. I just signed on to gmail because of the inbox capacity and don't want to give it up, but unfortunately it won't work with outlook express because it doesn't have whatever the POP3 (or something like that) linking capability? S.C. :ok: |
Sky-Captain,
Have a look at the Mac Mini. Not overly powerful, and they need the RAM bumped to at least 512MB, but they can do pretty much everything people use their computers for. Email, surf the net, MS Office, organize photos, play MP3s and burn CDs/DVDs. Those Macs are only 5cm high and 16.5 cm wide! Thunderbird is just a plain email program. It can't connect to Hotmail, at least not easily, but can connect to any POP3 or IMAP account. Both it and Outlook Express should be able to connect to Gmail as long as POP3 access has been enabled for your Gmail account. Thunderbird is far more secure than Outlook Express though. I also forgot to mention Firefox as LandAfter suggested. I use it myself and only go back to IE for the Windows Update site. It's not completely invulnerable, but at least the developers think about security. I was just asking about your firewalls as you should only have two running on your computer at once. Two running at the same time can step on each other's toes. Keep the ZoneAlarm firewall running and make sure the Windows XP one is disabled. XP's firewall isn't really all that great anyways. goates |
The best program I have ever purchased for this issue, bar none, is Webroot's Spy Sweeper. Visit www.webroot.com This program protects your homepage from hijacks, prevents inadvertent additions to your favorites menu, (this drove me nuts!), prevents installation of Browser Helper Objects, and has many other shields for stellar PC protection. This company is also the industry leader in spyware/adware/hijack research. It is very user friendly and has a free trial. There is also a free spy audit at the site. It takes only a minute or two, and it will tell you exactly what's hiding in your computer. If you do decide to purchase, the customer support is outstanding, and the price is quite reasonable for all it does.
As for SP2, :yuk: I uninstalled it about 5 minutes after I downloaded it. Microsoft seems to put out these patches/updates way too soon. It's still full of bugs. It does absolutely nothing. I tried to find one redeeming quality in it to no avail. Dump it! |
Thank you BEagle, that MAC MINI has exactly what I need and is the right size in more ways than one. It's moved itself to the top of my list. I downloaded Firefox and am finding it quite nice to use, think I'll stick with it from now on. And thanks for the advice on the firewalls, I'm a little unsure how, but I'm going to do what I can to disable the SP2 firewall:p
nwaflygirl, webroot looks very impressive, think I might part with a small bit of money there, but as for uninstalling SP2, will it make no difference to a system, and (if you know) do you think if I un-installed it, I would get my D and E drives reloaded :confused: Thanks For The Replies, S.C. :ok: |
SC - it wasn't me who suggested a Mac. Nor would I recommend Betamax VCRs....
System restore is an utterly simple process. Just go to 'Start', then 'All Programs', then 'Accessories', then 'System Tools', then 'System Restore' and follow the easy guide. It'll basically reset your computer to the way it was on any date it knows about! I don't know why people whinge about SP2; sure there've been a few isolated interactions with other programs, but it works 100% fine for me! But if you want to uninstall it, it's easy enough under 'Control Panel', then 'Add or Remove Programs', then scroll down to Windows XP Service Pack 2 and remove it. If you must! |
SC - it wasn't me who suggested a Mac. Nor would I recommend Betamax VCRs.... There are, of course, perfectly valid reasons why a Mac isn't for you. They're useless for games. Some people also enjoy putting together a computer themselves, to their own specification, and you can't really do that with a Mac. Also, while the cheaper Macs are good value, the more expensive models compare poorly (IMHO) with the PC in any 'bang for buck' measure. Any technically-competent user can cope with Windows, and the improved price/performance of the PC platform helps offset the negatives that come with Windows. However, as a general-purpose computer for someone who isn't a computer expert - and doesn't want to have to become one - a Mac is ideal. If you step back and compare XP/Home SP2 with Outlook Express and Internet Explorer with OSX with Mail and Safari from the point of view of a novice it's laughable how poor Windows is. Ooops. I bit. :rolleyes: |
Thunderbird (and Gmail POP)
Thunderbird is an email client and a replacement for Outlook Express.
The good news is that gmail now supports POP access, so you can use Thunderbird to access your email and keep local copies. You can continue using gmail via the web, if it's easier for you. Evo - good points about the Mac. I (a long time ago) managed to get a Computer Science degree, so I guess I am technically minded. I have two Macs in my house and use them daily. Bottom line is less bang-per-buck, but they work, don't need rebooting every 5 minutes and (so far) have little problem with viruses. So on price vs actual usable performance, they're way ahead! |
Evo, you missed my point. Even though Betamax might actually have been better in many respects than VHS, the 'standard' became VHS. Similarly, although Macs have their devoted aficionados, whether they like it or not, the 'standard' is invariably MicroSoft. Linux, Godzilla, Bollux or whatever, most people are entirely happy with MicroSoft and leave the esoterica to the wireheads.
|
most people are entirely happy with MicroSoft I heartily wish the Mac had become the standard, though I cynically wonder whether Apple would have gone down the same path as M$. After all, if you've got a system that works beautifully, what excuse do you have to justify an expensive upgrade every two years? I speak as an owner of two desktops and two laptops all of which are Windows based. :{ But one of these days! |
Evo, you missed my point. A comparison between VHS and betamax isn't remotely similar to a comparison between Windows/Intel and Mac (or between Wintel and Linux, Solaris, AIX, BSD and any of the dozen other major platforms that coexist on the Internet). The internet was running on a wide variety of different platforms before Microsoft ever realized it existed. All the protocols that make the internet work have nothing to do with the hardware platform you're using. And as much as Microsoft might like to lock us into its own one-flavour Windows-centric world, it has tried and it can't do it. So what does a Mac stop you from doing? Most games. DIY hardware updates, at least with a few exceptions. And, um, that's it. Microsoft support the Mac, so you can run Word, Excel etc. if you need to, and Virtual PC (written by Microsoft, by the way) will run most software written for PC. It's too slow for games - there's that word again - but fine for almost everything else. It's a long time since much non-game software was processor limited. The fact remains that a Mac is, quite simply, a better solution for the inexperienced computer user than the piece of junk they'll probably buy from Dell. As for the experienced few, they can make up their own minds :) |
BEagle, my apologies, I was meant to say goates, although thank you for the step through guides you posted, do you mind if I ask you for one other guide, how do you disable the SP2 firewall?
I'm not going to pretend I know about the differences in operating systems; But like Binoculars said, I am one of those people who didn't know there was an alternative to MS. Right now I'm in the market for something new for the home PC and need some options. Most people advise the standard from Dell, but some like Evo know it's not the best :yuk: Should I stick with MS compatible systems, or build to my own specs with an Athlon 64 processor and Linux to operate, or just change completely for the MAC. Everybody's opinion on this would be greatly appreciated. :ok: Land After, could I ask the silly question, to set up the connection between Thunderbird and Gmail, what do I need to do after I download the programme :confused: S.C. |
S-C - go to 'Start', then 'Control Panel', then double click the 'Windows Firewall' icon. When the program opens, tick the option against the red shield symbol and then 'OK'.
Regarding the best option for your new computing needs, I wouldn't wish to comment as the real answer is "It depends upon what you want....." Bill Gates brought computing to millions of people and for that he deserves thanks. The continual bitching and moaning and references to Micro$oft from the IT-knowledgeable are regrettable. Sure there are probably better systems and software for the real experts, but for everyday use I'm entirely happy with Microsoft! |
S.C - I've been using Linux since '95, love it, and use it on my main 'Work' machine. However, I think that it's still not really a suitable general-purpose O/S, so if you have to ask "is it for me?" it probably isn't. There's just too much hands-on needed. Now if that sounds fun to you then give it a go (it's not hard, per se, just different).
As for Dell, you can usually do better - either from another more specialist maker, or by building yourself. The Dell outlet can be very cheap though, but you need to be quick, lucky and understand exactly what you're buying. BEagle, it's a bit rich to complain that "The continual bitching and moaning and references to Micro$oft from the IT-knowledgeable are regrettable" when you referred earlier to "Linux, Godzilla, Bollux or whatever". :rolleyes: |
Sky_Captain,
Evo is right about most people using Linux. Unless you want to get your hands dirty with computers and operating systems, it's best to avoid it for now. I built my own Windows machine, and occasionally play around with Linux. Every time I end up dropping Linux as it takes too much time to just set up and keep running. When it comes to getting work done, I would much rather use a Mac. It shouldn't just be the IT folks complaining about Windows. Everybody should be. Apple has developed a system that can do virtually everything Windows can, but better and more securely. Yes Microsoft can't control the hardware as well as Apple can, but they can control the quality and security of the operating system. And so far they have chosen not to. The settings to use for Gmail POP access should be under the settings or preferences in your Gmail account. I can't check from work though to see if they give special instructions for Thunderbird though. goates PS - Here is a link looking at the cost of the Mac Minis compared to PCs. Basically there isn't much of a difference. http://www.macworld.com/weblogs/edit...nges/index.php |
Goates is right - download Thunderbird, then follow the instructions online in Gmail to configure it.
In Gmail choose Settings->Forwarding & POP. I'd recommend choosing the option to Enable POP for all mail and to keep a copy of the mail in Gmail (You've got a Gig of store, may as well use it for backups!). Then click on the link for the client configuration instructions and choose the one for Thunderbird 0.x (You'll have 1.0, but I can't see there being a big problem) |
Hi SC,
I don't know how far you've got with the clean up yet, but could you post up a new HJT log, and I'll give it the once over for you. Oh, and the STHomePage BHO is almost certainly the cause of the hijack, keeping the home page as quickmetasearch, so well done Goates for spotting that. :ok: Cheers Liam |
Liam, good to know you're back on again, you were a great help before. Here's the current Report:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/notebookaccessories
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D2A228-1B39-4447-9830-93F424F55D81}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security Service - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
BEagle, thank you again for your step through help. As for what I want, well an all inclusive machine for personal and family use, as well as use for gaming which rules out the MAC. I am the hands on sort of person, but I think I will go with the build your own approach as Evo mentioned. I hear wonderful things about the 64 processor, and am looking for some sort of system that is less likely to have problems with hacking, viruses or just poor performance. Goates & Land After, thanks for the help with POP3 for Gmail, I'm about to download the programme now. To those in the know, for this laptop I'm on now, which is a HP, I have near everything I need to protect it from, virus, worm, trojan, spyware and adware, is there anything to block out specific hackers or is zone alarm pro enough? S.C. |
ZoneAlarm Pro should be sufficient so long as it is configured and working correctly.
To test it, go to www.grc.com and find the "Shields UP!!" page. When you get there, run the "All Service Ports" service. If ZoneAlarm is working, everything should come up green (i.e. "Stealth"). RC |
S.C.
System for games -> Windows or cheap PC/Mac and XBox/PS2 or Gamecube
System resistant to viruses, spyware and hacking -> Just about anything but Windows or Windows loaded up with anti-virus, firewall and anti-spyware programs (which will hurt performance too)
Not really the best choices to have to make, but that's what we have. There are 64 bit versions of Linux available that can fully utilise the Athlon 64 processors, and there will be a version of WindowsXP out soon too. Otherwise you can just run the current 32 bit versions of XP. goates |
I use pestpatrol. You can download the scanner for free and it will tell you what's on your machine, it finds much more than adware etc and any others I have used. I think for each one found it also has manual removal instructions (though you don't need them if you pay for the full version) which no doubt someone has on Kazaa. FS :ok: |
This one is pretty easy to fix. Just go to the website, find the help/faq button and select it. There is a link to a removal tool.
When the tool is run it will ask if you want to force delete the prog, select yes and it goes away. The hijack probably came from an update to the msn messenger program. It's very trickily worded so that you install my searchnow. A search on google will show that it's a common problem. |
Hi SC,
Clean log. This one can go though, just as a bit of housekeeping..
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
Cheers Liam |
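An added example, not part of any post in this thread: a small Python triage script that reads HijackThis entries like the ones posted above and pulls out the items a reviewer usually checks first, namely O4 autostart entries, O23 services whose publisher is reported as "Unknown", and O17 name servers set in the registry. The function names and regular expressions are assumptions made for this illustration, and the output is a list of things to look up, not a verdict on any entry.

```python
import re
from collections import defaultdict

# Excerpt of the log posted in this thread, one entry per line.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: PowerReg Scheduler V3.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D2A228-1B39-4447-9830-93F424F55D81}: NameServer = 205.188.146.145
O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")                       # section code, body
RUN = re.compile(r"^(HK(?:LM|CU))\\\.\.\\(\w+): \[([^\]]+)\] (.+)$")  # hive, key, name, command
SERVICE = re.compile(r"^Service: (.+?) - (.+?) - ([A-Za-z]:\\.+)$")   # name, vendor, path
NAMESERVER = re.compile(r"NameServer = (.+)$")

def parse(log):
    """Group entry bodies by HijackThis section code (O4, O17, O23, ...)."""
    sections = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            sections[m[1]].append(m[2])
    return sections

def autostarts(sections):
    """O4 entries as (location, name, command); startup-folder items carry no command."""
    rows = []
    for body in sections.get("O4", []):
        m = RUN.match(body)
        where, _, item = body.partition(": ")
        rows.append((f"{m[1]}\\..\\{m[2]}", m[3], m[4]) if m else (where, item, None))
    return rows

def unknown_vendor_services(sections):
    """O23 services whose publisher field HijackThis reported as 'Unknown'."""
    hits = (SERVICE.match(b) for b in sections.get("O23", []))
    return [(m[1], m[3]) for m in hits if m and m[2] == "Unknown"]

def static_nameservers(sections):
    """DNS servers set in the Tcpip registry settings (O17 entries)."""
    hits = (NAMESERVER.search(b) for b in sections.get("O17", []))
    return [ip for m in hits if m for ip in re.split(r"[,\s]+", m[1].strip())]

if __name__ == "__main__":
    s = parse(SAMPLE_LOG)
    print(autostarts(s), unknown_vendor_services(s), static_nameservers(s), sep="\n")
```
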
Thanks Liam for the Help, greatly appreciated as always. And a Big Thank You to everyone who responded to my initial and subsequent queries :ok:
If it wasn't for the help of the many great people on pprune I'd be lost :ugh: My sincerest Thanks to you all. S.C. :D |