User | Post |
HyperLamer
Posts: 4803/8210 |
Unless it's a rootkit you installed yourself or a known false positive, you probably should be worried. |
iamhiro1112
Posts: 457/487 |
I'm not sure, but it was a program that I already knew about so I'm not worried. Anyway I did fix the problem tho. I did it by opening the task manager and ending different processes until I found the one that was keeping my computer from working right. Then I turned off the net and system restore. Then I ran lots of antivirus software scans and adware and spyware. It was a bad problem but I finally nailed it. Then I had to get some AVG firewall cause I don't want this to happen again. |
FreeDOS
Posts: 1464/1657 |
Whoa whoa, which program came up as a rootkit? That's rarely a good thing. |
iamhiro1112
Posts: 454/487 |
Well, I did the rootkit revealer but the only program I showed is one that I use. I have done adware and spyware removers also. I might wind up deleting the hard drive and starting fresh. That sux cause I just did that a week ago and now I'll lose what I had barely gotten back. |
HyperLamer
Posts: 4701/8210 |
Google doesn't seem to mention anything bad about that OmniPass program. It looks like you might have a bit of spyware though (lot of toolbars and extra options). Tried scanning lately? (Ad-Aware and Spybot: Search And Destroy should do the job.) |
FreeDOS
Posts: 1460/1657 |
Only thing I'm suspicious of there is the OmniPass program... I've never heard of it, so look into that. Unless you know what it is and it's safe.
Edit: Just got an idea, use RootKitRevealer to see if there are any rootkits. Rootkits modify kernel code in order to hide files and things from the operating system. RKR checks for differences between the actual file, memory, and registry structures to notice this. However, it cannot be guaranteed to always detect them. Also, it'd be difficult, if not impossible, to remove a rootkit even if you find it. |
iamhiro1112
Posts: 451/487 |
I'm pretty sure I can fix this with HijackThis but I'm not sure what to delete. Earlier I could not even save pictures from the internet but someone else showed me a few things to delete and that fixed that problem. Anyway, here is the log. I am willing to delete anything to get this fixed.
Logfile of HijackThis v1.99.1
Scan saved at 12:27:55 AM, on 5/31/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C8D999E-7CDD-4DD7-ADBF-34CB3937B516}: NameServer = 66.128.169.236,64.128.186.1
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe |
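
An added example, not part of the original thread: a small Python triage pass over HijackThis entries, run here on lines excerpted from the log posted above. The three flagging heuristics (target marked missing, `Unknown owner` on a service, autorun command with no directory path) are assumptions chosen for illustration; a flag means "look closer", not "malicious".

```python
import re

# Lines excerpted from the HijackThis log in the post above, one entry per line.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (file missing)
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe (file missing)
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")                 # "<section> - <body>"
AUTORUN = re.compile(r"^[^:]+: \[[^\]]*\] (?P<cmd>.+)$")  # O4: "<key>: [<name>] <cmd>"

def triage(log_text):
    """Return [(section, reasons, raw_line)] for entries that merit a closer look.

    Heuristics are illustrative assumptions, not rules from HijackThis itself.
    """
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header lines, running-process paths, blanks
        section, body = m.groups()
        reasons = []
        if "(file missing)" in body or "(no file)" in body:
            reasons.append("target file absent")
        if section == "O23" and " - Unknown owner - " in body:
            reasons.append("service binary has no company name")
        if section == "O4":
            a = AUTORUN.match(body)
            # A bare file name is resolved through the search path at logon,
            # so the log alone does not say which file actually runs.
            if a and "\\" not in a.group("cmd").split(" ")[0]:
                reasons.append("autorun command has no directory path")
        if reasons:
            findings.append((section, reasons, line))
    return findings

if __name__ == "__main__":
    for section, reasons, line in triage(SAMPLE_LOG):
        print(f"[{section}] {'; '.join(reasons)}\n    {line}")
```
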