Virus or Missing System Files?

  1. 22-01-2005  #11
    farodyssey
    farodyssey is offline Newbie

    Thanks for all your help guys. Luckily, my system has allowed me to keep working, but I want to fix these problems since I wouldn't want them to get out of hand. I'll keep you guys posted as I work through them.
  2. 22-01-2005  #12
    Tyler D-A-L Guest
    Thanks for the update. Good luck and hope you get rid of all the infections!
  3. 25-01-2005  #13
    farodyssey
    farodyssey is offline Newbie
    Well, i've tried all the suggestions so far but still no luck. I ran all the programs and found a lot of stuff that needed to be deleted but it didn't make a difference. I believe that all of these things have been on my PC for a while and weren't really affecting anything other than making a lot of pop-up windows.

    I've discovered a lot of other problems with my machine since my last posts. My Yahoo Messenger can't send or recieve text, there are a couple of very strange things wrong with my internet browsers. They seem to not send form data very well or at all. Drop-down menus that are used to send the user to another page no longer work. Help & Support, System Restore, File Search, & Windows Media Player still no longer exist.

    It seems that because my computer was working perfectly at one point, and then all these things occured almost over-night, there must've been something I accidently deleted or messed up, but I don't know what It could be.

    I'm thinking of doing a full formatt and reinstall, but that would be my very last option. I think that would take about two work days out of my schedule, so it's not something I'm looking forward to. Does anyone have any other suggestions before I give up?

    Below is my latest Hijack this logfile.

    Logfile of HijackThis v1.99.0
    Scan saved at 1:59:42 AM, on 1/25/2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\User Files\temporary files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tigerdirect.com/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: (no name) - {F4A27D22-E603-4B1B-B8D0-1CF7D57E56F2} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - Startup: SpySubtract.lnk = C:\User Files\temporary files\SpySub.exe
    O4 - Global Startup: SpySubtract.lnk = C:\User Files\temporary files\SpySub.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Download With NetLeech - C:\Program Files\NetLeech\NLExtMenu.htm
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
    O16 - DPF: {430DDE24-C051-11CF-95BE-0020AFF75E4F} (ichat xchat Control) - http://tank.wizards.com/chat/data/ht...ie/msichat.ocx
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
    O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Macromedia Licensing Service - Unknown - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: PACSPTISVR - Unknown - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Sony SPTI Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
    O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    Thanks for all your help so far.
  4. 25-01-2005  #14
    Vidster D-A-L Guest
    If you have programs missing or damaged, you can always try running sfc /scannow.
    Press start and then select RUN. Type sfc /scannow (note the space after sfc). You should then be prompted to insert your XP disk.
    This will then check your system for damaged programs. I'm not sure if this will help but it can't hurt to try!.
  5. 25-01-2005  #15
    farodyssey
    farodyssey is offline Newbie
    I've already run sfc /scannow. It hasn't prompted me for a disc so I assume all my files are intact.

    I've scheduled time on thursday and friday to do a full formatt and re-install everything on my system. There's just too many small problems, and I usually like a perfectly working computer.

    Looks like it won, guys, but thanks for everything anyway.
  6. 25-01-2005  #16
    Tyler D-A-L Guest
    Its sad to see someone reformat. But keep in mind you don't have to reformat just a fresh install could also do the trick!
  7. 26-01-2005  #17
    Vidster D-A-L Guest
    A repair install [i[could[/i] be the way to go here. You wont loose any of your programs and XP's settings will be back to default.
    If you are having problems with spyware you should install Spywareguard and Spywareblaster from This post. They will actively try to stop spyware installing itself on your system. I have been using these programs for the last year and i have hardly any spyware.

    Repair Install instructions:
    http://www.michaelstevenstech.com/XPrepairinstall.htm
  8. 26-01-2005  #18
    farodyssey
    farodyssey is offline Newbie
    I've done a windows XP recovery installation, and everything seems to be working great now.

    The only thing I notice different is that my operating system looks like Windows 98 now! I kinow this has to do with themes, but I can't seem to get my usual windows XP theme going.

    Any ideas?
  9. 26-01-2005  #19
    Tyler D-A-L Guest
    Start
    Control Panel
    Display
    Apperance
    Use Windows XP Style and not classic.
+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
« XP freezing up. | Xp Home display changes »