coocy

I have 2.0 beta because I still have the beta versions of vb.net and sql server 2005 installed on my computer. I guess I'll have to use the final version. Anyway, thanks for all the advice Coocy

Do you mean that I should install Microsoft NET Framework 1.1 over Microsoft NET Framework 2.0 beta ?

What will happen to Visual Studio and sql server 2005 ?

Well its me again I need an answer to this: On my Xp sp 2 i installed Microsoft NET Framework 2.0 beta required for Visual studio and sql server 2005. Yesterday i tried installing the videoediting program Vegas 6 D .... BUT it asked for Microsoft NET Framework 1.1 service pack 1. How can I solve this problem? Coocy :

HI everybody, I have a Question: I just installed yahoo messenger and it automatically installed the Yahoo toolbar in FireFox. So : I uninstalled the yahoo toolbar from the control panel and even uninstalled FireFox and re-installed it again BUT the Yahoo toolbar still appears in FireFox. Does anyone have a solution for me? Thanks, Coocy

I just want to have a second disk installed besides the one i already have with XP. On the second disk i want windows 2000.

Hello y'all, My pc has 1 hard drive with xp and i want to install a second disk drive with another os: windows 2000. I keep reading that I must make a menu in BIOS so that I can manually specify which of the hard drives I want to start. Does anyone know this? Thanks

My native tongue is Dutch and the local dialect. As you see I can speak, read and write English fluently. Understand a little bit of hindi ( Bollywood films )

39 or is it 93 ? I forget

I had the feeling it would come out the reason I say this is because I downloaded SP1 And Sp2 and hotfixes. And when I ran Belarc it listed: SP3 passed verification KB885626 on 1/2/2005 (details...) So I knew SP3 was coming up soon. Coocy

No I don't have the virus more. At this moment I have no problem . I just downloaded cwshreddwer again and ill use it later. Now I am looking at switching from Internet Explorer to either Firefox, Netscape or Opera. Any sugesstions? Coocy

Thanks for all the suggestions and help Everybody:).

Hi Guys , I did the following: I downloaded GiPo@FileUtilities and used MoveOnBoot to move the file: C:\Windows\System32\svchosts.dll to another location Then I rebooted and changed the Desktop wallpaper and deleted the file c:\Windows\Web\desktop.html. Then ran MS AntiSpyware and the Virus was not detected anymore !!!!!!!! After that I used your Cleaning Suggestions: 1. booted pc in safe mode 2. Used Ad-Aware SE professional 1.03 Updated. (Not SE Personal 1.05). Ad_watch is now enabled. Hope that will be enough protection along with Spyware Blaster and MS Antispyware. 3. I couldnt get CWshredder to work as it is a .14 file !!?? Don't know how to use it. 4. Installed and ran Spyware Blaster 3.3. Updated. 5. Ran Spybot S&D 1.4 rc2b. Updated. Then re-booted and repeated 2,4 and 5. 6. Ran CCleaner v1.18.101. Updated. But I didnt clean any registry or issue. Was afraid to. Only Log or txt files. 7. Ran HijackThis 1.99.1 and deleted all the files as you indicated. 8. Ran HijackThis once again and posted the log here: Logfile of HijackThis v1.99.1 Scan saved at 5:21:22 AM, on 4/29/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\wrapper.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\jre\bin\java.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\USER\My Documents\Antivirus\HijackThis\HijackThis.exe O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [scanRegistry] C:\W O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [mount.exe] C:\Program Files\GiPo@Utilities\GiPo@FileUtilities\mount.exe /z O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maya 6 PLE Documentation Server (mple6docserver) - Unknown owner - C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Maybe you can advice on this log too . I also downloaded Firefox. I'll check that out. Coocy

I mean the wallpaper comes back on the desktop and the c:\windows\web\desktop.html returns. Sort of recreates itself.

I tried MS AntiSpyware in Safe mode which detected and removed the virus/Trojan, but after a few seconds it came back. This is the Hijackthis log: (Safe Mode): Logfile of HijackThis v1.99.1 Scan saved at 5:11:14 PM, on 4/28/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\WINDOWS\System32\ctfmon.exe C:\Documents and Settings\USER\Desktop\HijackThis.exe O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [scanRegistry] C:\W O4 - HKLM\..\Run: [upConfgVer] "C:\Program Files\Panda Software\Panda Antivirus Platinum\UpgConf.exe" /v:7.05.07 O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1104455146043 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O21 - SSODL: SysTray.Ev - {F5B1D0BE-5f02-4255-96DB-388DFA244900} - C:\WINDOWS\System32\mkgicjke.dll (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maya 6 PLE Documentation Server (mple6docserver) - Unknown owner - C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 6.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Coocy

Well I am still trying to find out whats wrong. I found out that all the anti-virus programs will remove it , but it comes back. Even NOD32 didnt even detect it !!!!!??? I think the Dialervirus starts up with the pc. I found this out: - in C\Windows\System32\lknfmkcp.exe and a svchosts.dll. Both with the same exact date and time: 25 april 2005 12:45 am. - in C\Windows\Prefetch\RUNDLL.32.exe-[some numbers and letters] This one ran several dates and times up till now. each time it has different letters and numbers and is bigger in size. All 3 unknown applications. But I still Don't know if I should just delete them. I know svchosts.dll is NOT the same as svchost.dll I do try all of your suggestions by the way. Thanks. I am now looking at this website http://www.f-secure.com/v-descs/googkle.shtml BUT they dont say HOW to remove it. Permanently I mean. Coocy

I also Posted Hijack this log. And I tried what Tarun said. But Avast didnt clean the dialer! Hope someone will help with the right solution. Because I tried alot of Anti virus programs. I think this a New sort of virus.

Thanx for your quick reply. Seems to me I have a big problem, because just a few minutes agoI tried : McAfee Stinger and Avast. Neither detected the LookingFor Dialer/virus. What to do ?

I have Panda Antivirus 2005, Spyware Doctor , Ad-Aware and Spybot Search & Destroy. All of them are updated BUT they didnt see the virus. Only Microsoft Anti Spyware and Ad-protect see it and called it: LookingFor. Which is a Dialer which dials premium numbers and puts a wallpaper on the desktop with links to http://topantivirus.biz/. When I remove the virus or dialer with either Microsoft Anti Spyware or Ad-protect ...it returns after a few seconds. Somehow by re-creating the deleted html file in: C:\WINDOWS\Web\desktop.html. Ill try Stinger

Hi Guys it's me again , How you've been? I hope you can help me. I have a virus on my pc. When I run MS Antispyware it finds a virus called: LookingFor Dial. But when I remove it, it comes back after a few seconds. I also found out that it creates an html file in: C:\WINDOWS\Web\desktop.html One way or another it removes my own wallpaper and puts its own wallpaper which says that I have virus on my pc. It has a link to http://topantivirus.biz/ . This has links to anti-virus programs. Don't know how to remove..so please help... Coocy

Just wanna know which anti-spyware is the ultimate best at this moment for Windows Xp Professional. Thanks Coocy

Hi does anybody know what the maximum temperature is for: Intel Pentium Northwood 4 2.8 Ghz. (478 pin) I have fuzzy logic 4 on my pc and yesterday the temp. went up to 48 C and I was only websurfing. ! At which temp. should I install another or bigger fan ??? Coocy

I have a question: I have Windows Xp Professional 2002 on my pc. Can i install Service Pack 2. Or do i have to install Service pack 1 first and then Service pack 2 ?? Coocy

hi I am Coocy. I just found this site and immediately registered, since there 's so much information on it. Coocy