"Your computer is infected" but a little different

Status
Not open for further replies.
wdawg, I'll let momok handle the logs but wanted to make one comment: be careful of the sites you download from. When possible, use the site of the company that writes the program or a mirror site that is trusted. There are some site that tack on extras when you download from them.

I see downloads offered on the torrent sites. There are file sharing and are not safe or reliable with respect to only getting the download you want without 'extras'..
 
Hi,

I didn't mean Norton was freeware lol. I meant it didn't do even as good a job as freeware like Avira and Avast for example. Avira and Avast are very good alternatives.

These can be fixed:
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
If you choose to uninstall norton and use one of the alternatives, you can fix these:
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Be sure to do a proper uninstallation too though.
 
Quick question for anyone. I always tend to have two of these files in my processes under Task Manager:

CCSVCHST.exe

One has a username of my current active login and one has a username of SYSTEM. I only mention this because it seems that 95% of the time when I go to reboot or shutdown, I get a popup saying that that filename is unresponsive. Instead of letting it close itself, I always click End Now to get it to close faster and therefore reboot or shut down my computer faster.

I just wonder why this file always has a problem when I'm shutting down. I have no idea what it is or what it's for, either.

Update: Looking above at Momok's last reply, it appears that the file is attached to Norton's Live Update function. Still wonder why it has 2 of them - perhaps that's why it's unresponsive all the time?
 
I have no idea why there are two of that in your task manager. If you uninstall it and fixed those in HJT they should not be running anymore. If there are problems fixing them, you can post a fresh HJT log to check just in case.
 
Sounds like there may be an entry left on Startup, since it's hanging. Using msconfig, navigate to the Startup menu and remove any remaining Norton/Symantec entries.

Click on Apply> OK> Reboot> Close nag message after checking 'don't show message again.'

Since there is no new log since the Norton removal, we have nothing to go by.
 
An easy solution

Hello wdawg

I had the exact same problem like you but only worse , my background became a permanent depressing blue. Like a guy who said before remove anything fishy from the startup , you should also run this scan from Microsoft.

google "Windows Live OneCare safety scanner" and click on the first link and start the full service scan

You do not need to install anything it will just scan and remove all the malicious stuff. You have Norton which I do not recommend. After the web scan you might consider buying Bitdefender which has solid performance and low system impact. If you want something free than get Avast which is also very good. Dont get the Professional version , the Home version has everything that a normal user requires.

To make removing Norton easy, use the Norton removal tool which does everything for. google "norton removal tool" and click on the first link and select Norton 360 and download it, then double click and run. It remove everything form folders to registry entries associated with 360.

Hope this helps.
 
Windows Live OneCare is not enough to deal with the malware. In fact, there is no single program that effectively removes all types of malware. That said, wdawg is now clean of malware as we have just finished the cleaning earlier.

The norton removal tool is a good idea though. We have it on our forums, just got to search it.
 
Bobbye - I didn't remove Norton in this whole process. I think you're thinking that I did already. Norton is my anti-virus, although, I have thought about switching to another one because as Momok says: It's "bloatware" and makes my computer pretty sluggish. My concern is that the file I mentioned above is duplicated in my processes while it's running. One under my username and one under "system". Whenever I shut down or reboot, that file comes up as unresponsive like 95% of the time. Not sure why.

Any suggestions for free anit-virus/firewall protection? I still have the Avira application downloaded but not installed. Any suggestions?
 
Anti Virus + Firewall

Some of us already mentioned Avast ! which is a fully functional anti-virus and for firewall I recommend getting Comodo Firewall Pro which is one best to date.
 
Thanks for the suggestion, Vezineth. I'm kind of leery about anything outside of Norton. Ever since I've owned a computer, I've only ever used Norton. It would feel quite odd to step out of that "realm" of security without knowing a lot about the success of some of these other programs.
 
It was the exact same case here , I grew up with Norton on my PC ( I am 18 ). I used to love the simplicity and security Norton offered. After 2000 they started to lose their grip and began to be bloated and ineffective. Since then I have used and experimented with every major antivirus and internet security suites : Mcafee , Trend , Norton , Avast , Asampoo, Comodo, AVG, Kaspersky and so on. The best to my knowledge is Bitdefender which has incredible detection rate ( second to Kaspersky) and such low system impact that I have sicked to it for over a year although I try out the newer ones for the sake of trying. I advise you to get it from Mininova ( see the one labeled Heartbug) if you wish to avoid any further infections.
 
When swapping anti-virus, and to stay protected even during the switch, how should I go about with installing a new anti-virus/firewall? I don't know if I can leave Norton operational and then install new ones over top of it or if I have to uninstall Norton and then install the newer one.
 
First download your preferred antivirus and firewall and also download the norton removal tool (see my first post) disconnect and run the removal tool. You will have to restart and when you log in again stay disconnected and install the AV+FW and update. the run a deep scan ( depending on your AV choice it may come as "including archive") and voila you a running computer. You might also want to check out this utility

www(dot)iobit(dot)com/beta(dot)html

Your computer will be much faster trust me. And by the way which OS do you have ?
 
Didn't quite do it in the order or the way you mentioned, but I think I'm there now. I ended up with Avira for Anti-Virus and Comodo for firewall. Removed Norton and then used the NRT to knock out the rest of it.

We'll see how it works out from here. Seems okay so far. Not noticing the huge difference in speed, but somewhat. I think the slowest thing, now, is FireFox. I switched from IE to FireFox and it seems like it takes longer to load than IE did.

My OS is Home XP.
 
Firefox tends to be slow especially if you use several add-ons. Are you using firefox 3?
 
I don't think I have any add ons. I completely got rid of all my toolbars (I think) which was a majority of the Yahoo stuff. It seems to be better now than it was when I first downloaded it. Once it opens, it works relatively fast. It will take some getting used to it, I believe.

Yes, I got the latest FF3 from their main page.
 
Hmm well fast is good =)
Let us know if you have anymore problems then. Enjoy your new system ;)
 
Momok

Will do. Once again, thanks for the consistent help to get my computer up and going again and all the helpful hints. You were great!

=)
 
Firefox if naked ( no extensions ) is faster than IE. The fastest browser is Google Chorme. If you are looking for speed and simplicity you should get it. And did you try the iobit software ?
 
Vezineth: it would be more useful to provide some form of evidence to support your claims on the browser. Perhaps you should also give some insights into its security as compared to the other browsers.
 
I think it was just an initial test period with Firefox and running slow. I've had no problems with it since. It actually hauls tail pretty quickly. Opening tabs, shutting down the main window - everything is much faster than IE was. Now, this could be the result of getting my system clean (courtesy of Momok - and everyone else), and so I probably don't have all that malware slowing down my system, but it's a nice change. I saw a bunch of ads while surfing yesterday for the Chrome and while it looks neat, I'm sticking to Firefox for the indefinite future. It's a little goofy with its' setup and looks (comparitive to IE), but it just will take getting used to.

Have no idea about iobit software that you mentioned, though.
 
I've used Firefox since the first final version came out- almost 4 years ago- now have v3.0.3. I have some extensions. I wouldn't even consider going back to IE!. My homepage in Firefox opens with 7 tabs and loads in what I consider a very reasonable time.

As for the Iobit program mentioned, it is a beta version- beta means bugs and unless you're a tester, best stay away.

Must say, I got chuckle out of this comment:
I grew up with Norton on my PC ( I am 18 ).

Ah the wisdom of youth!
 
The Iobit is in the RC 2 stage which is Release Candidate as you know will be almost identical to the final version. I have went through ever beta version and believe me it is very stable.

I have also used FF since Version one and amassed a mass of extension. Until I found FEBE to back those extension I went through some extension bankruptcy and heartbreak , i.e. I lost them.

I was in a good mood when I wrote that. Glad you found it humorous.
 
Status
Not open for further replies.
Back