• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Virus, i think, but nothing finds it

C

Caligo

Guest
#1
Ok, here are the things that have happened so far:
1. ZoneAlarm and Norton 2002 open with the interfaces missing most of their buttons and all information(can't close zlclient process, says I don't have permission and access denied)
2. Logon password character changed from dot to pipe "|"
3. www.sarc.com won't open, nor will several other antivirus sites, like mcaffee(Only in IE are they blocked) By blocked, I mean they don't load all the way. Only the top banner and a few links.
4. downloaded avg and another virus checker from panda software but they found nothing.
5. Changes fonts on most sites in Mozilla 1.5

Does anyone recognize this as something?? I can't format and start over until the end of next week. Any suggestions will be greatly appreciated. Thanks.
 

ming

OSNN Advanced
#2
Haven't heard that one before. Think you'll just have to take precautions, while seeing it through til the end of next week mate.

On the other hand, have you done any system maintenance recently? Like use Norton Utilies to find errors and stuff? Maybe that'll fix some of the problems you have.
 
C

Caligo

Guest
#3
I don't have norton utilities, just the antivirus. Should I run some of the maintenance tools in windows and see if it finds anything? Does this sound like a virus or did windows just screw up again? Happened a few months ago, windows just decided it would no longer boot(couldn't find some files and it wouldn't let me write to the drive when I booted into the repair console) and I had to redo it. Possibly related?? Thanks.
 
C

Caligo

Guest
#6
Thanks, I will try that site as soon as I get back to the computer and then post an update on anything it finds.
 
C

Caligo

Guest
#7
It didn't find anything. I think my computer is sending email too. Every time I do a send and receive in Outlook 2003 the thing says it's receiving on both accounts but also that it's sending on both of my accounts. Also, I've gotten a few blank emails. No sender, or recipient, size is 0, just the time it was received.
 

j79zlr

Glaanies script monkey
Political User
#8
wierd, have you checked msconfig for strange startup items? what about this registry value, has anything tacked itself on with explorer.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

check the value of "Shell"
 

Perris Calderon

Moderator
Staff member
Political User
#9
put one of your other addresses in your email library, and don't send yourself anythinhg

see if you get anything from this account.
 
C

Caligo

Guest
#10
Ok, the value for shell is Explorer.exe. I looked through all of the latest threats on sarc.com and none of them fit the problems I am getting.
 
C

Caligo

Guest
#11
Just restarted my computer and it said at post, Back up all data SMART has detected an imminent failure may occur, or something like that. Not sure what to think of that, but I won't be restarting it again.
 

leedogg

Gojyone kawaiiiiiiii!
#12
Sounds like a windows repair is in order. Plus try reinstalling chipset drivers. My system kept falling apart when I didnt have any chipset drivers installed. Might be a trojan, these arent as easy to detect, see what is loading during startup - get asviewer or startup control panel.
 
C

Caligo

Guest
#13
Would that cause the SMART error at the beginning or is it likely that there is something genuinely wrong with the drive?
 
#15
SMART is the hard drive internal diagnostics. Built into the drive to detect something going bad. It has detected the HD is about to die.

Back up your data.
Run the manufacturers diagnostics
Send in diagnostic report and get RMA.
Get a new drive free. :)

The SMARTs message may / or may not be related to the original problem but you should not ignore it.
 
C

Caligo

Guest
#17
Here is the output from open ports. Startuplist output is attached.

______________________________________________________________________________

SYSTEM [0]
TCP 192.168.1.101:1644 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1636 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1601 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1613 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1649 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1645 207.44.192.61:80 TIME_WAIT
TCP 127.0.0.1:1582 127.0.0.1:31595 TIME_WAIT
TCP 192.168.1.101:1626 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1594 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1650 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1647 207.44.192.61:80 TIME_WAIT
TCP 192.168.1.101:1611 207.44.192.61:80 TIME_WAIT
SYSTEM [4]
TCP 192.168.1.101:139 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
UDP 192.168.1.101:137 0.0.0.0:0 LISTENING
UDP 192.168.1.101:138 0.0.0.0:0 LISTENING
UDP 0.0.0.0:445 0.0.0.0:0 LISTENING
svchost.exe [636]
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
svchost.exe [668]
TCP 0.0.0.0:1201 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1198 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
UDP 127.0.0.1:123 0.0.0.0:0 LISTENING
UDP 192.168.1.101:123 0.0.0.0:0 LISTENING
svchost.exe [752]
UDP 0.0.0.0:1074 0.0.0.0:0 LISTENING
UDP 0.0.0.0:1040 0.0.0.0:0 LISTENING
svchost.exe [768]
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
UDP 127.0.0.1:1900 0.0.0.0:0 LISTENING
UDP 192.168.1.101:1900 0.0.0.0:0 LISTENING
iexplore.exe [952]
TCP 192.168.1.101:1640 217.79.127.10:80 ESTABLISHED
TCP 192.168.1.101:1641 213.130.34.120:80 ESTABLISHED
TCP 0.0.0.0:1640 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1641 0.0.0.0:0 LISTENING
UDP 127.0.0.1:1244 0.0.0.0:0 LISTENING
spmd.exe [1100]
TCP 0.0.0.0:7050 0.0.0.0:0 LISTENING
ray3xsi3_0server.exe [1304]
TCP 0.0.0.0:7003 0.0.0.0:0 LISTENING
WebProxy.exe [1716]
TCP 127.0.0.1:31595 0.0.0.0:0 LISTENING
UDP 127.0.0.1:18001 0.0.0.0:0 LISTENING
Mozilla.exe [1828]
TCP 127.0.0.1:1508 127.0.0.1:1509 ESTABLISHED
TCP 127.0.0.1:1509 127.0.0.1:1508 ESTABLISHED
TCP 127.0.0.1:1508 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1509 0.0.0.0:0 LISTENING
 
C

Caligo

Guest
#19
That's good. So does this mean that my hard drive is going bad or did XP dropkick itself? I'll run the diagnostic tools from Western Digital later today and see what comes up.

Leedog, you mentioned installing chipset drivers. Did you mean for the motherboard chipset? I installed those when I formatted and reinstalled back in October.

Thanks for the help.
 
C

Caligo

Guest
#20
IT'S FIXED!!! I downloaded the diagnostic tool from western digital and it did a complete scan of the drive. It said that it found several lbad sectors but it could fix them. I backed up my data and let it try. I restarted and everything is back to normal. How could something like that cause the problems that I was having? Thanks for all the help everyone.
 

Members online

Latest posts

Latest profile posts

Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,017
Latest member
loxioalix