• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
zjclimber

about blank 2

5 posts in this topic

hello I get blue screen when I try to lanch the avg 6.0 program . I have laptop xp os. Avg said I have back door trojan before I went blue screen

but my more urgent problem is my laptop keeps dropping my internet connection after 120 seconds.

Now I can't even open a web page to get on line. My desktop has no problem getting on line , same internet con.

I have the cws shredder, norton, hijack this, avg, ad-aware 6.0, spy sweeper.

There some other recommended ones but I can't get on line to down load

 

I have added two posts but can't see them in the forum?

Edited by zjclimber

Share this post


Link to post
Share on other sites

Please see attached log from HijackThis. If you could help me out on this I would appreciate it.

 

Logfile of HijackThis v1.98.0

Scan saved at 12:31:03 PM, on 7/5/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

C:\PROGRA~1\Grisoft\AVG6\avgserv.exe

C:\Program Files\Canon\BJCard\Bjmcmng.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\BCMSMMSG.exe

C:\WINDOWS\System32\DSentry.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Dell\EUSW\Support.exe

C:\WINDOWS\System32\BacsTray.exe

C:\Program Files\Canon\BJPV\TVMon.exe

C:\Program Files\Canon\BJCard\BJLaunch.exe

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Messenger\MSMSGS.EXE

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Apoint\Apntex.exe

C:\WINDOWS\System32\rundll32.exe

C:\FDIW\UpdtChk.exe

C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\dennis.D218HS31\Desktop\junk\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\DENNIS~1.D21\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: (no name) - {B27CE444-E30A-4907-83C9-B86857CEEBDD} - c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp329\a0028309.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [buildBU] c:\dell\bldbubg.exe

O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe

O4 - HKLM\..\Run: [bacstray] BacsTray.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [bJPD HID Control] C:\Program Files\Canon\BJPV\TVMon.exe

O4 - HKLM\..\Run: [bJLaunchEXE] C:\Program Files\Canon\BJCard\BJLaunch.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - HKCU\..\Run: [spySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0

O4 - Startup: Field Data Internet Update Check.lnk = C:\FDIW\UpdtChk.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro-europe.com/enterprise...usecall_pre.php (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://eagent.farmersinsurance.com/PLA/eAg...ctiveX/smsx.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsc...76/mcinsctl.cab

O16 - DPF: {7ED7005B-4AF6-4CFF-9AE0-F243C4B8260F} (HouseCallButton.setup) - http://de.trendmicro-europe.com/file_downl...eCallButton.CAB

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3FA76530-0D15-4308-A686-BCE1AC903AEC}: NameServer = 12.152.176.3,12.32.70.67

O17 - HKLM\System\CCS\Services\Tcpip\..\{E7AA335F-0880-46A9-8BBA-5060A960267D}: NameServer = 12.152.176.3,12.32.70.67

O18 - Filter: text/html - {13D86E39-BCA9-4A2F-B479-35E950F01C40} - c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp329\a0028309.dll

O18 - Filter: text/plain - {13D86E39-BCA9-4A2F-B479-35E950F01C40} - c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp329\a0028309.dll

Share this post


Link to post
Share on other sites

haha I got mylaptop up and runing again. About 7 Hours before I got it work-

ing I Had disabled Norton and I was able to get on the internet but after five

minutes I lost my internet connection. I thought it was about-blank or some

other trojan highjacker.

 

So for the next 7 hours I tried everything I could find about internet connectivity. Nothing worked I keeped thinking adout the five minutes I was on. I decided to uninstall norton I figured it didn'nt protect me from being hijacked anyway and now my laptop is working just fine.

 

so now its back to getting rid of the highjackers.

Share this post


Link to post
Share on other sites

haha my laptop can get back on line again I uninstalled norton Anti virus and have not had anymore problems so far. Maybe one of the 'spyware/highjackes' corrupted it.

 

I may have also rid my laptop of the highjackes I'll reboot a dozen more times

before I start to feel confident they are gone.

Share this post


Link to post
Share on other sites

I was able to fix my dropping internet connection by unistalling Norton

maybe it got corrupted. I am still infected with about blank. I found the

exact file location of the virus but ad-aware can't delet it.

 

the infected file is under documents settings. file name is 'dennis.D218HS31'

size is 449,088/213 bytes. Created 11/18/2003. Modified 07/01/04 !

 

So maybe something can be done from this location. I don't want to touch it

for fear of making my problem worse.

 

can any one help thanks.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0