Jump to content

Serious problem


ak-4seven

Recommended Posts

Look at this sh*t, it happens suddenly every 5 minutes or so...

user posted image

 

What the hell is wrong?

Link to comment
Share on other sites

Fozzy Fozborne

Uninstall all your Symantec crap and install AVG free for virus protection and Zone Alarm free for a firewall lastly install Ad-Aware free for adware/spyware protection. Believe me, it's worth the 5 minutes it takes as your computer will be much faster without Symantec programs eating up your RAM.

 

Open up the Symantec manager and disable email protection and the messages should go away.

Link to comment
Share on other sites

Why are you sending people emails about watches?

 

All I can get from this is someone got into your email account and is using it to spam their website to people and symantec is trying to block it / warn you.

 

Could be completely wrong though.

Link to comment
Share on other sites

Why are you sending people emails about watches?

 

All I can get from this is someone got into your email account and is using it to spam their website to people and symantec is trying to block it / warn you.

 

Could be completely wrong though.

I thought the same. Go change e-mails, or at least passwords, and get an anti-spyware software.

 

If you REALLY ARE sending those e-mails, disable the Symantec e-mail warning thingy =)

Link to comment
Share on other sites

Statutory Ray

To be honest, I doubt there's anything you can do short of formatting and reinstalling Windows to fix that...

 

There's obviously a virus/trojan/whatever on your computer that is sending these fake e-mails to people, when if clicked, will then infect them with the virus. Whoever it is probably already has complete control of your computer and it's contents.

Link to comment
Share on other sites

Yeah, you've became a spam robot, but your firewall/virus protection has gone nuts about this.

 

make a complete virus, trojan, spyware, adware etc. scan to ensure that your system will be clean. Try different types of anti-viruses.

Link to comment
Share on other sites

Thanks people, I uninstalled that Norton crap and put Kaspersky, much better, currently scanning, and til now there were 21 stuff detected, 2 worms and 3 trojans! mercie_blink.gif

 

Which means that Norton Anti-virus is a piece of sh*t.

Link to comment
Share on other sites

Indeed, Norton does as much damage to your computer as it prevents, and you were wise to replace it. However, you'd be wise reasearching the errors you were getting previously, and ensuring that you no longer have the trojan/spambot/whatever that you had beforehand.. Essentially the spam companies were using your computer secretly as a server to send their messages.

 

Also, lol@username. smile.gif

F4tISZ2.png

xY1j6rP.gif

Link to comment
Share on other sites

First off, You obviously have a Worm, thats what the emails are getting sent form, unless you are sending them, download HiJackThis and paste the log file it produces, We'll tell you what is the spyware, and how to remove it, then you'll need to remove Norton Antivirus, it sucks badly, so get AVG, or any other Anti Virus recommended in this thread, and after that, download Mozilla Firefox as it is more secure than Internet Explorer is, which is probably how you got the worm in the first place.

 

Edit: Ahh, disregard most of that, I didn't see your post tounge2.gif

 

But still, get Firefox and maybe run HiJackthis just to be careful.

90FHTZo.png

Link to comment
Share on other sites

 

Also, lol@username. smile.gif

lol, I just wanted to sign up in these forums so I wanted to do it quick, and I couldn't think of a name, that's the first thing that popped in my head. I'll probably send a change request later.

 

Logfile of HijackThis v1.99.1

Scan saved at 06:39, on 2008-03-25

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\Acer\Acer eConsole\MediaServerService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Omar Albaiti\My Documents\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.etisalat.ae/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = %3clocal%3e:80

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O4 - HKLM\..\Run: [ulcaxwla] C:\WINDOWS\system32\ulcaxwla.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [GhostSurf Reminder] "C:\Program Files\GhostSurf 2006 Platinum\Privacy Control Center.exe" reminder

O4 - HKLM\..\RunServices: [ulcaxwla] C:\WINDOWS\system32\ulcaxwla.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [slowmath] C:\DOCUME~1\OMARAL~1\APPLIC~1\CLOSES~1\keep wait.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [JustVoip] "C:\Program Files\JustVoip.com\JustVoip\JustVoip.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Omar Albaiti\Start Menu\Programs\IMVU\Run IMVU.lnk

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe

O23 - Service: WLAN Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Print Spooler Service (eaoevl6wy) - Unknown owner - C:\WINDOWS\system32\ulcaxwla.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: USBest Service Zero (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • 1 User Currently Viewing
    0 members, 0 Anonymous, 1 Guest

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.