Hi!I came home one day and I found a new account on the login screen {I use XP and Internet Explorer, btw}:(My Name)(My Roommate's Name)AdminestratorSomehow, someone hacked into my computer with a new admin account {I do have the default Admin account in Safe Mode, though.} So I assumed my settings MUST have been messed with. Sure enough!These are my computer's current problems:~ (Almost) NO Internet Access. Right now I'm on FastFreeProxy, desperately trying to fix my computer. For some reason I can access obscure sites that I never go to. However, the sites that I go on a daily basis load to a blank page with "Invalid syntax error" as a header.~ I can't downloading ANYTHING. I tried to download FireFox but instead I received this message-:"Your current security settings do not allow this file to be downloaded."Not only that but when I tried downloading FireFox off of LimeWire and opened .exe, I was blocked from even opening it! So I can use AIM/Limewire (which saved my life, btw.)Anyway, my HiJackThis:Logfile of HijackThis v1.99.1Scan saved at 00:47, on 07-04-19Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\WINDOWS\csrss.exeC:\Program Files\AIM\aim.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\HJT\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cyborgsmoke.angelfire.com/O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odlO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeO23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
Recommended Answers
Jump to Post...for unravelling that log format you owe me a beer. Go into safe mode cos I would like you to check if you still have this file:
C:\Windows\system32\csrss.exe
[Either go Control panel > folder options OR in an explorer window > tools>folder options; then view tab, and
-press Show hidden …
Jump to Postwell, the HT log comes up in notepad. Just click format tab and uncheck wordwrap. CtrlA, CtrlC, into the postbox and CtrlV. Ought to work.
Jump to PostCheck your hosts file for a start; it should look something like this unless you have added sites..... this is mine, an it's the default:-
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains …
Jump to Postthat etc after drivers\ above is real, not me being lazy... :)
Check this too:
Next check some settings....In control panel select the Network and Internet Connections , rclick on your default connection, usually local area connection for cable and dsl, and lclick on properties. Click the Networking tab. Dclick …
Jump to PostThere is a special file, hosts [no extension] that provides a shortcut or redirection service for your browser when you enter a URL , you know, the http://daniwe.... Your browser checks the hosts file for entries before it goes on the web [to a DNS server], to …
All 17 Replies
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.