|
|
#1
November 10th, 2003, 09:01 AM
|
||||
|
||||
asviewer
 Hello to all that read this post. I am wondering if anybody out there can look over a "asviewer" report for e to see if I have anything wrong?? If so please reply to this post or email me. While trying to learn all about computer security, I seem to have way to much stuff running or installed and now I have been unistalling and only reinstalling the ones I understand and use. But could still use some guidance. Thanks to all that read and to any reply's Have a great Day!! 
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here. 
|
|
#2
November 10th, 2003, 08:38 PM
|
||||
|
||||
|
Re:asviewer
Hi again FF,
By all means, post an asviewer log here. And while you are at it post a HijackThis log. (Both tools have their uses and for various reasons, different people often review different logs.) Post a reply here for each log type. If you have any questions regarding HijackThis, see this post: http://www.wilderssecurity.com/showthread.php?t=15913 Also, since this is a log review I'm going to move it to our new forum that is meant for this type of review.
__________________
Can't a puppy get some sleep around here? Ouch! Now I have a headache. |
|
#3
November 10th, 2003, 10:55 PM
|
||||
|
||||
|
Re:asviewer
:-[
Darn it, this is harder than I thought it would be, I can't figure out how to save a "asviewer" report and forgot to change the hijack to a txt and am now typing this all over again, (last time I hope), but it usualy takes me a couple of tries when I attach anything here. I did a "ad-aware" clean-up and would like to do a spybot also but that program and I are having a difference of opions at this time,(for about a month at least now). I played with the buttons,(can't help myself), and set it to start in 5 min. And it never starts? I have unistalled and reinstalled it dozens of times and it always remembers that setting? Anyway this is about a post of my system and thats what I'm trying to do. This is the "hijack" post. And yes I do belive that something or body is inside. "Evil inside" is no joke. But I am famous for being wrong. ;)
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here.
|
|
#4
November 10th, 2003, 11:12 PM
|
||||
|
||||
|
Re:asviewer
It's me again and I'm pretty sure I got the asviewer report to post here now.
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here.
|
|
#5
November 11th, 2003, 02:51 AM
|
||||
|
||||
|
Re:asviewer
Hi FukenFooser 007.5,
HijackThis: Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked: R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe Optional: O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] "F:\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL + under O16 the online scans you don't use regularly. It looks to me like you have two AV's running resident. Not sure about that, but if so, this could cause problems. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#6
November 11th, 2003, 03:24 AM
|
||||
|
||||
|
Re:asviewer
Hi, P.A., Thanks for looking it over! I will be doing the item's listed in a moment. And yes there is now two AV's running but one I just fired-up tonight, it's NOD32. I have had for a while but never got around to trying it out.Yep it's still scanning the SLOW way it looks like to me.? I always wonder. Anyway THANKS again and I will be back when I get this list worked over.
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here.
|
|
#7
November 11th, 2003, 03:56 AM
|
||||
|
||||
Re:asviewer
 Done with that and now have a much better understanding of how this works, thanks so much to the "WILDERS TEAM" But I am wondering about the other stuff it listed like tds3,spyhunter,avg and so forth that I know I unistalled a couple days ago? Should I let hijack fix them also? I know where to find again if I want to reinstall them. And can I totaly remove spybot with hijack? Everything I know, (thats not very much), has gotten me nowhere in my struggle to get it back up and working again. Here is latest hijack scan. HijackThis v1.97.5 Scan saved at 1:36:37 AM, on 11/11/2003 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\computer tools\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVPersonal\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVPersonal\AVGNT.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Webshots\WebshotsTray.exe C:\Program Files\Messenger\msmsgs.exe C:\Utilities\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = gopher=localhost:1 O1 - Hosts: 203.161.127.141 www.dcsresearch.com O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [TDS3] C:\Program Files\TDS3\TDS-3.exe O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SmcService] C:\COMPUT~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O10 - Broken Internet access because of LSP provider 'imon.dll' missing O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.cab
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here.
|
|
#8
November 11th, 2003, 04:05 AM
|
||||
|
||||
|
Re:asviewer
Hi FukenFooser 007.5,
Yes, everything you recognize as belonging to something that is no longer installed, can be Fixed. But HijackThis does not uninstall anything, just disable. So it is not an advised tool to use as an uninstaller, because a lot of files and registry entries will be left behind. For legitimate programs it is always advised to use the official uininstaller or uninstall through Add/Remove programs. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#9
November 11th, 2003, 08:40 AM
|
||||
|
||||
Re:asviewer
 Ok thanks again for the help and Have A Great Day!!
__________________
Foosball is a SPORT, when we play its a game, Tuition is two quarters around here.
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
