i got rid of the kazaa files and ran the kazaa be gone program to ensure it
now...when you say not to use sp2 until i've ridded the system of all malware what does malware mean? is it the kazaa files i got rid of? am i good to go as far as using sp2? or is there something else i need to do
and also when you say reboot, is that the synonamous with restart? forgive me if i'm really ignorant on all this
i just started using this other computer of ours and it had some old viruses from back in the day i'm assuming preventing it from working propperly...i cannot use aim or other messanger programs (they dont sign on as tho i'm not connected to the internet), i also cannot use kazaa or any other file sharing programs (same thing as aim) and also there are millions of pop up ads with any internet explorer window you open and it proceeds to continue with pop ups until it finally gives up and shuts down ie and you have to start over (i'm assuming that's some sort of spyware), the computer also runs a lot slower than it should with the speed of the computer and how well it's kept...can you help me?
hijack log is as follows:
Logfile of HijackThis v1.98.2
Scan saved at 3:16:40 AM, on 10/30/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\System32\ghucodyc.exe
C:\documents and settings\eimo\local settings\temp\cawc.exe
C:\documents and settings\eimo\local settings\temp\xIgwU4D.exe
C:\documents and settings\eimo\local settings\temp\nJ.exe
C:\WINDOWS\System32\IEHost.exe
C:\WINDOWS\System32\dp-him.exe
C:\Program Files\Common Files\WinTools\WToolsA.exe
C:\WINDOWS\System32\dpmfo.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Altnet\Points Manager\Points Manager.exe
C:\Program Files\Common files\updmgr\updmgr.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
…
i've got the trusted start page problem...can anyone help me?
Logfile of HijackThis v1.98.2
Scan saved at 4:44:50 PM, on 10/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\System32\_huytam_.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AIM\aim.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\WINDOWS\system32\winmine.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\inetm\winlogon.exe
C:\Documents and Settings\Roman.FAMILYCOMPUTER\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
F3 - REG:win.ini: run=C:\WINDOWS\inetm\winlogon.exe
F2 - REG:system.ini: UserInit=Userinit.exe,_huytam_
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: (no name) - {5E83226F-81B8-4079-A4A0-29359581B073} - C:\WINDOWS\System32\fkfjmc.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} …
hey guys...my name is rafael and i have the same problem this guy had...
i dont know exactly where to start, i tried what this guy did, but as i looked for the processes that are supposed to be "stopped" i couldnt find them and i also wouldnt know what it would mean to "stop" them...
i'm sorry if i seem clueless, but uhm, i kinda just found this page by searchin for information on the "trusted start page", i figured if you guys helped this guy out, maybe you could help me out?
do you mind? where should i start?