Hi All of a sudden I get a small alert window pop into the middle of the screen called "ENTER NETWORK PASSWORD"
then text saying "type your username and password"
Then there is three boxes with the details of my username etc and my password ****'d out. I can click "OK" or "CANCEL" or "CLOSE" but the box comes back. I am running Symantec virus protector and it finds nothing and Spybot and it shows there is a couple of items it can't correct unless I have admin profile.
Heres the log from Hijackthis:
Logfile of HijackThis v1.99.1
Any ideas? Thanks in advanceCode:Scan saved at 17:17:35, on 09/06/2008 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\windows\SMINST\scheduler.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\PDF Complete\pdfsty.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\WinZip E-Mail Companion\loadwzco.exe C:\windows\System32\igfxtray.exe C:\windows\System32\hkcmd.exe C:\windows\System32\igfxpers.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Symantec AntiVirus\VPTray.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\admin\Program Files\DNA\btdna.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Windows\system32\taskeng.exe C:\Program Files\eMule\emule.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office12\EXCEL.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe C:\Windows\explorer.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Hijackthis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = BT broadband office R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\HP\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\admin\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [INTERNATIONAL] International* O13 - Gopher Prefix: O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Wil
Help is it a virus
- 11 Jun 2008 #1My System Specs
Help is it a virus
- 11 Jun 2008 #2My System Specs
Re: Help is it a virus
in the advanced options/settings of spybot there is a check box that you can tick so you can run a scan at next boot... this should set a scan to run b4 windows boots and requires you to have admin rights.... dont forget to change to advanced mode first
- 11 Jun 2008 #3My System Specs
Re: Help is it a virus
Thanks, just ran a-squared which picked up 120 bits spybot missed.
- 11 Jun 2008 #4My System Specs
Re: Help is it a virus
btdna.exe-------> CastleCops® BitTorrent DNA btdna.exe Startup and file information
- 12 Jun 2008 #5My System Specs
Re: Help is it a virus
sid you are a star
- 13 Jun 2008 #6My System Specs
Re: Help is it a virus
ok now I have removed the offending BTDNA.exe it hasn't made any difference. I get the stupid box popping up every 10 mins even if I have selected to remember the password. It is prompted by Outlook Explorer. Any ideas please?
- 13 Jun 2008 #7My System Specs
Re: Help is it a virus
Argh!! I did not think of Outlook. Which version do you use?
May be caused by AV?
Can you try Outllook in safe mode: Start, type: outlook.exe /safe in the Start Search box, and press ENTER.
- 13 Jun 2008 #8My System Specs
Re: Help is it a virus
yes sorry I only just noticed it. its the 2007 release, can't for the life of me find what version number it is though. i am a little enexperienced but will try to articulate what you wish me to do. to start in safe mode (as a mac user i used to hold down shift, but i think-) i can just select it from the boot up sequence, correct? from there i can type in the executeable file ie "outlook.exe" sorry if I am not on the right track here as i say I am a little unexperienced at this kind of stuff, please confirm or correct. Thanks in advance
- 13 Jun 2008 #9My System Specs
Re: Help is it a virus
Click on the start button, then in the search bar type in: outlook.exe /safe
Press Enter, outlook should start in safe mode (do not confuse with vista safe mode)
If it works without the popup, the problem should come from another software like your antivirus for example.
- 16 Jun 2008 #10My System Specs
Re: Help is it a virus
sorry i need further explaination as i don't quite follow. i click on the bottom left start button from my desktop, i select search and then click "for files or folders"? type outlook.exe /safe unfortunately I must be doing something wrong as it doesn't find anything.....shall i take this to pm? assuming I am able to do this, will it mean i have to start outlook like this each time to avoid the annoying popup. I am on a network and it is doing to the other pc as well.
Reply With Quote
Help is it a virus problems?
| Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Anti Virus Suite virus???? | hihijenjenxp | System Security | 34 | 10 Apr 2010 |
| Virus | Hipupchuck | Vista General | 2 | 20 May 2009 |
| HELP! I have a virus... | bennys | System Security | 6 | 20 Sep 2008 |
| Got a virus alert on a virus that is over a year old | WildEagle | System Security | 8 | 13 Aug 2008 |
| virus help | Brad | Vista General | 4 | 31 Jul 2008 |
