Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

tcpsvcs.exe

(New)
(!)

witchblade's Avatar
witchblade witchblade is offline
Junior Member with 3 posts.
THREAD STARTER
 
Join Date: Sep 2003
10-Sep-2003, 06:18 AM #1
Unhappy tcpsvcs.exe
Pls help me solve this... when i got connected to the internet there's always a pop-up message saying that a certain application is cannot be read (that is the tcpsvcs.exe) what seems to be the problem? and also, when i first open the ie,browse or click on a link it always says that "the page cannot be display" but sometimes it is working,is there any connection with that tcpsvcs.exe?
witchblade's Avatar
witchblade witchblade is offline
Junior Member with 3 posts.
THREAD STARTER
 
Join Date: Sep 2003
10-Sep-2003, 06:27 AM #2
i've already downloaded the hijackthis & follow the instuctions & these are the scanned programs...
Logfile of HijackThis v1.96.4
Scan saved at 5:50:40 PM, on 9/10/2003
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\ismserv.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\MsgSys.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.exe
C:\WINNT\htpatch.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\NavNT\vptray.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\ieuooshs.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Qot1.exe
C:\WINNT\System32\P2P Networking\P2P Networking.exe
C:\WINNT\System32\rundll32.exe
C:\winnt\system32\fsg_4104.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX05.343\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://sbvr.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sbvr.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sbvr.com/passthrough/index.ht...www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://sbvr.com/searchbar.html
O1 - Hosts: 216.177.73.139 auto.search.msn.com
O1 - Hosts: 216.177.73.139 search.netscape.com
O1 - Hosts: 216.177.73.139 ieautosearch
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet4_85.dll
O2 - BHO: Natural Language Navigation - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF} - C:\WINNT\System\BHO001.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [HTpatch] C:\WINNT\htpatch.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [explorer] C:\WINNT\System32\explorer.exe
O4 - HKLM\..\Run: [gflumln] "C:\WINNT\System32\gflumln.exe"
O4 - HKLM\..\Run: [brcheec] C:\DOCUME~1\ADMINI~1\APPLIC~1\ieuooshs.exe -QuieT
O4 - HKLM\..\Run: [WinStart001.EXE] C:\WINNT\System\WinStart001.EXE -b
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [Trickler] "c:\winnt\system32\fsg_4104.exe"
O4 - HKLM\..\Run: [SAHAgent] C:\WINNT\System32\SahAgent.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 - Hijacked Internet access by New.Net
O10 - Broken Internet access because of LSP provider 'lsp.dll' missing
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {8522F9B3-38C5-4AA4-AE40-7401F1BBC851} - http://www.mp3s4free.net/Searchmp3s.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...865.3712152778
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MAMONTESSORI.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{015E3EE8-84DA-479E-A1D8-B76EC31203C7}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC4CBF7C-308E-411D-9682-56BEFFC59AD9}: NameServer = 203.172.11.21 203.172.11.25
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MAMONTESSORI.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{015E3EE8-84DA-479E-A1D8-B76EC31203C7}: NameServer = 127.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = MAMONTESSORI.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{015E3EE8-84DA-479E-A1D8-B76EC31203C7}: NameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = MAMONTESSORI.local
O17 - HKLM\System\CS3\Services\Tcpip\..\{015E3EE8-84DA-479E-A1D8-B76EC31203C7}: NameServer = 192.168.1.1
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,323 posts.
 
Join Date: Mar 2001
Location: Bradford, England
14-Sep-2003, 02:40 PM #3
Moved you to Security, where you may get more responses

eddie
Die Hard's Avatar
Die Hard Die Hard is offline
Member with 267 posts.
 
Join Date: Apr 2003
Location: Sweden
14-Sep-2003, 05:12 PM #4
witchblade Hi

You have a couple of virus there.

Do this first:

Go to "Start>Control Panel>Add/Remove programs " and uninstall "NewDotNet" .
When that is done, do this.....

visit any of these sites for an online virus scan:

Symantec/Norton
http://security.symantec.com/defaul...FCSGFZVDTPSOERZ

Panda ActiveScan http://www.pandasoftware.com/activescan/

Trend Micro HouseCall http://housecall.trendmicro.com

then.......

Download AdAware6 181 and see THIS page for instructions on how to configure the program.
Remember to use the webupdate before your first scan.



When you have done this, make another scan with HiJack This and letīs have a look again.

Also go HERE and download AVG free antivirus program.

Die Hard
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑