I am new here and I need help with my comp. I tried to post a new thread, but i am not allowed. My comp will not let me clear history or bookmark anything in my browser. The browser i am using is firefox (I disabled IE). I am running windows XP. Also i cannnot run task manager by pressing ctl alt del. Even if I right click on the taskbar i can click task manager, but it will never open. Also, now I am getting a bunch of pop ups that say that i have spyware on my comp. I am pretty sure there are many more things wrong with my comp, i just havent noticed them yet. Can you help me

I tried to post a new thread, but i am not allowed.

Hello, this is a new thread. ;)

Now follow the instructions here BEFORE you post and who will advise you. Preliminary Steps (http://forums.spybot.info/showthread.php?t=288) to get a HJT log.

Copy paste the HJT log here into this thread, and a helper will advise you as soon as available to do so.

Regards.

plus i been getting a whole bunch more like this

Logfile of HijackThis v1.99.1
Scan saved at 4:11:30 PM, on 8/29/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\termcaps.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\paytime.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\windows\system32\dwdsregt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0:80
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\System32\rvtyi.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,dqbdsgm.exe
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [termcaps] C:\WINDOWS\System32\termcaps.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [w0017143.dll] RUNDLL32.EXE w0017143.dll,I2 00088f9f00017143
O4 - HKLM\..\Run: [SysTray] C:\Program Files\paytime.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [{01-14-44-47-ZN}] C:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\RunServices: [termcaps] C:\WINDOWS\System32\termcaps.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - HKCU\..\Run: [termcaps] C:\WINDOWS\System32\termcaps.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Z_Start.lnk = C:\WINDOWS\pf78bb.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

I left my comp on last night accidentally, and when I woke up this morning I had to X off those same popups for about 30 minutes (literally)

Hi there.

Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Is there a reason you have not updated, the information is useful for our helpers assisting you. :)

Please see: You and Windows, a joint effort (http://forums.spybot.info/showpost.php?p=25290&postcount=4)

Hi there.


Is there a reason you have not updated, the information is useful for our helpers assisting you. :)

Please see: You and Windows, a joint effort (http://forums.spybot.info/showpost.php?p=25290&postcount=4)

I haven't updated IE because I use Firefox as my primary browser. I haven't updated to SP@ because I have an illegal version of XP

*edit* SP2

A friend of mine Built my PC and installed XP on it for free, that's why I believe it isn't a genuine copy of XP. I tried to update to XP and it wont let me.

sorry i mean I tried to update to service pack 2

Hi hpnotiq151
I am not (most helpers aren't) comfortable helping clean a PC that is not legit or cannot update for whatever reason, besides it would be a waste of our time to do so, since it cannot be updated even if cleaned it would just get reinfected,, probably within days.

Either get a legit windows or get used to repeatedly cleaning the PC on your own.

Good luck

get used to repeatedly cleaning the PC on your own.

Good luck

i would if i knew how

i would if i knew how

ok i formatted my hard drive and went out and purchased a genuine copy of XP and now i have SP1 AND SP2. Being that i just did a fresh install what is the best anti-virus program i can use?

Hi

For paid for I recommend Nod32 by eset or Kaspersky
If you need free antivirus there are several to choose from mentioned here
firewall programs also. http://forums.spybot.info/showthread.php?t=279
Dont make the mistake of installing more than one firewall or antivirus programs

Think Prevention: Put in place a good hosts file
http://www.mvps.org/winhelp2002/hosts.htm
You will need to replace it about once or twice a month

This topic has been archived. :)