Kazaa-b-gone problem

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Lambdaphi874

Thread Starter
Joined
Jul 22, 2003
Messages
73
Hey, i was trying to take Kazaa off of my friends computer and the internet stopped working after that. When i used the program it said that it couldn't delete C:\program files\newdotnet and C:\program files\downloader couldn't be deleted because they were in use. This is the site where I got the file from, i used what i thought was the same program on my computer and it worked but this one apparently messed it up. I've heard that kazaa has dll's associated with the internet and i figure something along those lines happened with this. How am I supposed to fix it without access to the net on that computer?? Thanks for the help, and here's the site that i got the kazaa-b-gone from...

http://www.hot-cab.com/security.htm

Thanks for the help....
 
Joined
Aug 10, 2003
Messages
401
Maybe you could try uninstalling and deleting thos efiles in safe mode.
How to start in Safe Mode

If your friend doesn't have the latest HijackThis d/l'ed can you maybe save a copy of HT zip and try get a log from their machine that you can save and post here from your pc?
 
Joined
Jul 24, 2003
Messages
420
Download both LSPFix www.cexx.org/lspfix.zip and Hijack This www.tomcoyote.org/hjt/ to a floppy disk , copy both to your friend's computer. Run LSPFix to resore internet-connectivity. Unzip Hijack This to the Desktop , Scan Hijack This for a log only , ( Don't fix or uninstall anything yet ) Press scan , Scan button becomes Save Log button , Save the log ( NotePad ) to the Desktop . Have your friend return here to the Security Forum and Post a new thread with the Hijack This Scanlog , Someone will gladly offer assistance with the correct removal of Kazaa and it's associated garbage.

Good luck
 

Lambdaphi874

Thread Starter
Joined
Jul 22, 2003
Messages
73
I'll try that LSP fix thing..here's the log...

Logfile of HijackThis v1.97.2
Scan saved at 3:51:40 PM, on 10/1/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\DELLMMKB.EXE
C:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Netropa\OSD.exe
C:\Documents and Settings\Prince\Desktop\HijackThis.exe
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\PROGRA~1\E-BOOK~1\FLIPAL~1.0EV\FpLaunch.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE -r
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\System\MOSearch\Bin\mosearch.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Microsoft Works Update Detection] \WkDetect.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~1\OFFICE\1033\PHDINTL.DLL/phdContext.htm
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Dell Home (HKCU)
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...apple.com/qt503/us/win/QuickTimeInstaller.exe
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 
Joined
Aug 10, 2003
Messages
401
The LSPfix is needed to get connecton back. Make sure to include all references to new.net in the fix. To be sure, reboot and goto add/remove programs and uninstall new.net.

That should be connectivity sorted then.

I'm not sure about this entry, and according to the info in the link I've provided microsoft haven't fully tested this yet. Probably best to ignore unless you're specifically suffering from the problem that is described in the link.
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\System\MOSearch\Bin\mosearch.exe
mosearch mosearch.exe Fast Search in Office XP - similar to the new revision of the Find Fast feature in Office 2000. Fast Search uses the Indexing Services in Office XP to create a catalog of Office files on your computer's hard disk. As with Find Fast - a waste of resources. If it can't be disabled via MSCONFIG try here


These 2 can be fixed in HijackThis:
Run Hijack This again and put a check by these. Close all browser windows and "Fix checked"
O16 - DPF: Win32 Classes -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...meInstaller.exe
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top