PDA

View Full Version : Update For Shifty

Phuloi68
04-30-2006, 11:02 PM
Hey Shifty. A couple of weeks ago you were trying to help me with a problem of speed on my computer, and loss of signal. We tried several changes and stuff and I was still having problems. You looked over my Hijack list and said my computer was pretty clean and streamlined.
I called Comcast and they came out several times. First time they said my power to modum was a little low and they adjusted it up some. It worked for a little while and then it messed up again. Called them again and they changed modum. Next day it was worse. called them out again and they ran new cable from pole to house. Cable is about twice the size of the old one. They said carries signal for computer and tv better. Computer is working great now. Speed seems as fast as i can remember it for my computer. I do not seem to be having the connection issues I was having. Hope this makes more sense to you then it does to me. Also hope it continues to work this way.
Don't know if others may have the same situation, but you may pass this on to someone in the future.
In all my trying this and that, changing stuff to try to improve, I have kind of went back to what I had set up originally. There is one thing I seem to have screwed up and don't know how or what to do about it. And it is probably simple to fix. If I get an email where I have to go down and click on download, I can't open it.
it takes me to a box where it says open with. I have tried the different selections and I keep getting a message saying either a not supported file or because file corrupted.
Any suggestions? I am sending an update of the Hijack this of what I have to see if you spot anything.
Once again I thank you for helping me and for all the help you have givern to others.

Logfile of HijackThis v1.99.1
Scan saved at 10:05:05 PM, on 4/30/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINNT\soundman.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Ferlus\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\RunOnce: [WMC_RebootCheck] C:\WINNT\inf\unregmp2.exe /FixUps
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe" -startminimize
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1444be6e5e29fbfc7805/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138027665375
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137993086156
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

.
shifty
05-01-2006, 02:18 PM
you look fine, there's nothing in the hijackthis log that would help me find it. i would need to better understand what you're saying about the mail not working. can you give a description, including what program youre using to get mail, how to replicate the problem, step by step (including getting the new mail, highlighting the message, what you click on, etc.)? this would be helpful for me to get a better idea.
Phuloi68
05-02-2006, 01:23 AM
See if I can do better at describing this.
I get my emails thru mail.google.com
Sometimes I just click on message and I can read it. Sometimes there is something (attachment?) at bottom that says name of attachment
example: Gage1.wmv
3096K Download

and I have to click on download and it takes me to a box.
this box is titled File downloaded and gives a little info, like some files may contain harmful info,etc...
at the bottom you then click on either open, save, cancel, or more info.
I would then click on open and it would start opening attachment, picture, video, or whatever it was and I could see and hear it..
Now I click on open and it takes me to a box called: open with.
says choose the program you want to use to open, and lists the different things I have.
ex. Adobe reader, Internet explorer (which I use) windows media player,.. and other things I have. I then click on which one and hit ok.
Then I get a message saying cannot play, the file is either corrupt, or the player does not support the format you are trying to play.

Since cleaning out everything in messing with my system, I am wondering if I shut off something that allowed me to see these attachments and other saved messages that I cannot see now.
Another thing, as well as I am thinking of things, prior to messing around and changing stuff, I was not getting spam. Now, I am getting several spams a day. I think, by playing around with my security and other things, I let something in that is allowing the spams. .
Hope I have explained it clearer. I tried to copy and past the different boxes but don't seem to be able to do that.
shifty
05-02-2006, 03:16 PM
ok, so curious - i see you reloaded Norton. does this still occur if Norton Internet Security is disabled? i am curious if Norton is somehow blocking attachments or something?

was this occuring:
After installing AVG?
After installing Kerio?

If you try to "Save" the file to a place on your drive, THEN open it, are you still asked which program to open the file with?

Just some tests that can be run in the meantime.
Phuloi68
05-02-2006, 08:50 PM
ok, so curious - i see you reloaded Norton. does this still occur if Norton Internet Security is disabled? i am curious if Norton is somehow blocking attachments or something?

was this occuring:
After installing AVG?
After installing Kerio?

If you try to "Save" the file to a place on your drive, THEN open it, are you still asked which program to open the file with?

Just some tests that can be run in the meantime.
.
Disabled Norton, no difference.
I was able to get the downloads after installing AVG and Kerio.
I tried to Save file in my Documents. There is an icon in there now, but I click on it and nothing happens. I tried on a couple of save emails that I know were able to be opened. Can't open them either.
After all the changes I have done recently and not really knowing what I have been doing, kinda of trial and error, I feel it is something simple but cannot figure what it is.
I probably deleted a checkmark, a driver, or something that won't let me see stuff.
Also, with enabling, and disabling, I think I opened a back door cause every day now, I am getting more and more spam after not having any for a long time with the firewalls. All this is becoming frustrating cause I feel so ignorant on how this computer works and I can't solve the issues.
I have been trying to remember at what stage this stuff started.
Seems like I installed CCleaner to clean up my system and the problems may have started after that.
thanks again.
shifty
05-03-2006, 09:27 AM
okay - when you used CCleaner, did you pay close attention to the "application" tab and make sure you unchecked EVERYTHING in the application tab?
Phuloi68
05-03-2006, 09:42 AM
I don't remember. But I probably did not. I just looked at the CCleaner and the stuff under applications is all checked so I assume that was the way they were when I ran it.
shifty
05-03-2006, 09:59 AM
ok. this might be helpful info. let me look at CCleaner and see what in the applications it would wipe out. Likewise, let me see if it has a restore function of some sort.