Little problem but dont know how to solve it

S

shell1

Solid State Member
Messages
9
While on the internet two things happen:
1) Some words are hyperlinked to ntsearch and somethimes taking away a hyperlink and replacing it with one going to ntsearch and i dont know how to get rid of it if any knows could you please help thanks

2)When i try to go onto the internet at different times and different websites a message box comes up with a loud noise and says cannot open site operation oborted and then sends me to a cannot display site and then to another site i dont quite know what it is. Any suggestions into how to get rid of this eith please thanks

Thanks for trying to help if you offer your advice because i really cannot reformat the computer beause all my coursework pictures etc take up to many disk and i simply have not enough time.

Shell
 
Sounds like you got some spy/adware..

Download these tools.
AVG-antivirus
AdAware
Highjackthis.

install and update all these tools and run the scans..
 
thnx ive downloaded them and they are scanning looks like it might take some time but one have come up with a few virus all begining with trojan how lethal is this cause theres a few and any idea what
GMT - GatorStubSetup is? it seems this might be infected but i dont even know what it is or how it got there!!
lol getting a bit stressed and tired thanx for the help and i am open if any one has any suggestions thanks
 
Well run each scan..

The ntsearch sounds like a browser highjack..
1st do the virus scan.
2nd do the spyware scan
3rd do the highjackthis scan and remoce any highjacks.

You should be fine then
 
well done these scan late last night and tried again now but the problem is still happening what could i try next?
 
Did you run highjackthis and remove any browser highjacks? If you dont know what to remove Email me the log and I send back what to remove..

I did a further search and yes it is a browser highjack.
 
ok so remove all browser logs?
erm how do i tell what are browser logs?
sorry im not so good at technical terms and i dnt reccon i could emnail it the stupid thing is affecting my email :(
thanks once again
 
as i cant email the damn thing just tried i cant thin k of any other way but than to copy n paste it(I know) erm thanks lots and lots again
 
Run Highjackthis.. clcik the scan and save log..

Copy the whole log. and paste it here.

I'll look for it here.
 
Logfile of HijackThis v1.99.1
Scan saved at 17:01:10, on 09/08/2005
Platform: <a href="http://www.ntsearch.com/search.php?q=Windows&v=55">Windows</a> XP (WinNT 5.01.2600)
MSIE: <a href="http://www.ntsearch.com/search.php?q=Internet&v=55">Internet</a> Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\program files\altnet\points manager\points manager.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\sp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\progra~1\intern~1\iexplore.exe
C:\Corel\Graphics8\Programs\MFIndexer.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\shell\Local Settings\Temporary <a href="http://www.ntsearch.com/search.php?q=Internet&v=55">Internet</a> Files\Content.IE5\1X6CRK14\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,<a href="http://www.ntsearch.com/search.php?q=Search&v=55">Search</a> Bar = http://www.cfhedjzzyauya.com/zx_6UfErDRHfUppj/66azEEbXOCZKnNohHU_wQ414Oyqo5nlCsEvJuj10sjbSERc.html
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [CPLDBL10] C:\Program Files\EzButton\CPLDBL10.EXE
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int113777.exe -auto
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [anti more chic wave] C:\Documents and Settings\All Users\Application Data\proxy help anti more\aimbody.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [sp] C:\WINDOWS\sp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Winsixth] C:\DOCUME~1\shell\APPLIC~1\KNOBHE~1\cash <a href="http://www.ntsearch.com/search.php?q=time&v=55">time</a>.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: <a href="http://www.ntsearch.com/search.php?q=Windows&v=55">Windows</a> Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager <a href="http://www.ntsearch.com/search.php?q=Server&v=55">Server</a> (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
O23 - Service: iPod Service (iPodService) - <a href="http://www.ntsearch.com/search.php?q=Apple&v=55">Apple</a> <a href="http://www.ntsearch.com/search.php?q=Computer&v=55">Computer</a>, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce <a href="http://www.ntsearch.com/search.php?q=Server&v=55">Server</a> (LexBceS) - <a href="http://www.ntsearch.com/search.php?q=Lexmark&v=55">Lexmark</a> International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
 
You must log in or register to reply here.

Similar threads

M
How to couple Desktop Gaming PC to Laptop for Streaming?
Replies
0
Views
530
motaro38
M
S
Would it benefit me joining Discord chat groups?
Replies
0
Views
865
Scissorman
S
S
How can I get faster Internet?
2
Replies
16
Views
2K
Harays04
H
S
How to check offline PC history in win7
Replies
3
Views
601
Joe C
Joe C
P
IDE drive - how to pull files off of
2
Replies
11
Views
2K
pnolans
P
Back
Top Bottom