I need help with my computer


Freebird135

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11155 bytes




There's the HijackThis info.

It was too big to paste in one post.

I'm running Vista, by the way.
 

Alien Allen

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

I am no expert, but I think this is Virtumonde, so it seems you are infected.

Do not get help from anybody unless you can trust them. When you get an infection it can take several steps sometimes to get cleaned up.

Techguy.org is a decent site for help like this, if you go to their site:

HelpOnThe.Net: Tech Support Guy - Free help for Windows XP, Vista, 98, and more!

After you create an account, you would then go to the Security and HJT forum, which is on the left.
 

sofia76

Yes, you have a lot of bad stuff in there, not necessarily Vundo, but enough other junk to warrant cleansing. I have done work on this in the past, used to work on a different site for malware, and can definitely help you, but as Allen said, other sites are far more reputable in the area of malware removal than this site is. The fact that I work in IT means that I run across this stuff daily, and have to be at least somewhat cognizant of what is out there, and I feel that I could assist you and get your system clean on this site, if that is the way you want to go.

If not, I would follow Allen's instructions, as while I do not know him, I have actually heard of the website he speaks of, and while I am not a member there (I do tech work during the day, I would rather relax with some wine and have someone rub my feet in the evening than continue to do tech work) I also vouch for their expertise, as I had my machine cleaned up back when I was still married.

Matter of fact, it was one of the reasons we got divorced, how that machine got infected. :eek
 

sofia76


That's actually for the Askbar search assistant. Not malignant, but annoying with a lot of popups. ;)

With vundo you will usually see the infection mirrored in the O20 section, so you would see the below:

Code:
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

and then an entry in the O20 section that ended in RABSKA.DLL. At least that's the way it used to be. I never got certified anywhere, but I did do a lot of cleaning via HJT in the past, just haven't done so in a few years.

As I said, as I've matured, I find that when I'm at home, I like to spend my time as far away from what I do during the day as possible. :)
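
An added example, not part of the thread and not code from HijackThis: a small Python parser for the log line format posted above, which lists the modules loaded from chosen sections so the O2 and O20 entries mentioned in the post above can be reviewed side by side. The function names are hypothetical, and the O20 sample line is constructed.

```python
import re
from ntpath import basename  # Windows path rules on any OS

# Entry shape in the log: "<section> - <kind>: field - field - ... - path"
LINE = re.compile(r"^([A-Z]\d{1,2}) - ([^:]+):\s*(.*)$")
CLSID = re.compile(r"^\{[0-9A-Fa-f-]{36}\}$")
WINPATH = re.compile(r"^[A-Za-z]:\\")

# Lines copied from this thread; the O20 line is constructed for illustration.
SAMPLE = r"""
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O13 - Gopher Prefix:
O20 - Winlogon Notify: example - C:\Windows\system32\example.dll
--
End of file - 11155 bytes
"""

def parse_line(line):
    """Return one entry as a dict, or None for headers, blanks and footers."""
    m = LINE.match(line.strip())
    if not m:
        return None
    section, kind, rest = m.groups()
    fields = [f.strip() for f in rest.split(" - ")] if rest else []
    path = fields[-1] if fields and WINPATH.match(fields[-1]) else None
    clsid = next((f for f in fields if CLSID.match(f)), None)
    return {"section": section, "kind": kind, "fields": fields,
            "clsid": clsid, "path": path}

def modules_by_section(text, sections):
    """Map each requested section to the module paths it loads (lower-cased)."""
    found = {s: set() for s in sections}
    for entry in filter(None, map(parse_line, text.splitlines())):
        if entry["path"] and entry["section"] in found:
            found[entry["section"]].add(entry["path"].lower())
    return {s: sorted(paths) for s, paths in found.items()}

def references(text, module):
    """List (section, kind) for every entry whose file name is `module`."""
    hits = []
    for entry in filter(None, map(parse_line, text.splitlines())):
        if entry["path"] and basename(entry["path"]).lower() == module.lower():
            hits.append((entry["section"], entry["kind"]))
    return hits

if __name__ == "__main__":
    print(modules_by_section(SAMPLE, ("O2", "O20")))
```

Paths are lower-cased before comparison because the log mixes `C:\` and `c:\` for the same drive.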
 

Rusteh

I know that you have a basic infection, but frankly that shouldn't cause your connection problems, just general slowness, pop-ups and other annoyances...

Usually as soon as a scanner finds something it drops it in the vault. You might wanna try just plugging your computer into the router if you're close to it. It might be a problem with the wireless card.


That would be my first suggestion, and when you do I'd upgrade the wireless NIC regardless anyways. If after plugging it in you find that you have a stable connection, then it's one if not two problems:

1) your NIC
2) your Router

First I'd update the NIC drivers, then I'd just try updating the router's firmware. If after updating both of those you still find yourself having problems, it may actually be corrupt software in the router. What you would do there is start from scratch, blow it out completely and then install the latest drivers and set up your router again.

Since I don't know what model of equipment you have, those are just my general suggestions. If you know the specific models, the manufacturers' websites usually have detailed "how-to" manuals on how to perform the fixes that I suggested.

 

Alien Allen


It just caught my eye, so I did a Google and it sent me to a tech site post where a guy said that was what it was. I make NO claims to have any expertise. I used to just follow along out of boredom a few years ago and saw some of the more obvious stuff that sticks out. Or so I thought :D
 

sofia76


:)

Malware is very annoying and very tricky. I used to be very good at it, but it just took up too much of my time.

I went to the site that you suggested and they seem to have a complete area roped off for it, but they have the same problem that all sites have today with malware, which is that there are vastly more writers of bad malware than there are trained removers of it. I think that ratio will always stay the same, though. Something about the criminal element in us. :)

I can help here, if they want me to, but I will be honest and say that the people that you recommended have a lot more expertise, and a lot more _recent_ expertise, than I do.

But I will do what is asked of me.



Within reason, of course. ;)
 

Alien Allen

Some malware is so stinking imbedded it takes a lot of steps to get it clean. If that happens to me I would just reinstall as I have a drive image program and saved everything on an external drive. 15 minutes and I am all back together and nothing else to reinstall.
 