lop.com & other problems

Computing.Net > Forums > Security and Virus > lop.com & other problems

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

lop.com & other problems

Name: Juggalo1702
Date: February 11, 2004 at 22:54:44 Pacific
OS: Windows 98 SE
CPU/Ram: pentium 2 192 mb ram

Comment:

Somehow lop had gotten into my computer but I ran adaware and spybot s & d and it seems to be gone . However, everytime I start my computer there are a bunch of weird programs running. When I press alt ctrl delete some times there are random letters and numbers and cometimes things like mmod....the very weird part is it doesn't show explorer.exe running.I also can't open msn instant messenger for some reason.
so plz help me out

Sponsored Link

Ads by Google

Response Number 1

Name: iceblue
Date: February 13, 2004 at 03:23:26 Pacific

Reply:

http://www.wilderssecurity.com/index.php?board=21;action=display;threadid=7487
lop makes numerous changes throughout the system; update the AA6 & SSD;
and run a HijackThis scan,
download from http://www.lurkhere.com/~nicefiles
and post the log.

Response Number 2

Name: Juggalo1702
Date: February 13, 2004 at 12:13:51 Pacific

Reply:

Logfile of HijackThis v1.97.3
Scan saved at 1:04:17 PM, on 2/13/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.exe
C:\WINDOWS\SYSTEM\SYSCONF.exe
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.exe
C:\WINDOWS\RUNDLL32.exe
C:\PROGRAM FILES\EZULA\MMOD.exe
C:\WINDOWS\SYSTEM\WMIEXE.exe
C:\WINDOWS\NIF8V486.exe
C:\WINDOWS\SYSTEM\DDHELP.exe
C:\WINDOWS\DESKTOP\PICTURES\HIJACKTHIS.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\system32\search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\system32\search.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.1.101
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://search.xrenoder.com
R3 - URLSearchHook: PerfectNavBHO Class - {A045DC85-FC44-45be-8A50-E4F9C62C9A84} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O2 - BHO: (no name) - {B7C982E0-5E24-11D8-8DDC-0050BACCA46D} - C:\WINDOWS\SYSTEM\PSTOREBC.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: brddaglgchg - {41c71901-5cb6-11d8-8ddc-0050bacca46d} - C:\WINDOWS\APPLICATION DATA\SHCRHWQUCHY.DLL (file missing)
O3 - Toolbar: ez Search Bar - {CCE83E45-30B2-4BAE-B1F5-25D128D27A43} - C:\WINDOWS\SYSTEM\EZSEARCH.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.exe /LOADQUIET
O4 - HKLM\..\Run: [Microsoft Conf Ldr] sysconf.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [version] C:\WINDOWS\SYSTEM\VERSION.exe
O4 - HKLM\..\Run: [WinEssential] C:\WINDOWS\SYSTEM\KEYHOST.exe
O4 - HKLM\..\Run: [YahooStock] C:\WINDOWS\NIF8V486.exe
O4 - HKLM\..\Run: [PGStub.exe] C:\DP-B23011805.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Microsoft Conf Ldr] sysconf.exe
O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Trace (HKLM)
O9 - Extra 'Tools' menuitem: VisualRoute Trace (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\inetadpt.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37909.7414583333
O16 - DPF: {1CC506A7-1B8D-11D4-BDD5-0060977007E0} (CrazyTalk Player) - http://www.reallusion.com/Stuff/CrazyTalk.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O19 - User stylesheet: c:\windows\java\my.css

Response Number 3

Name: Juggalo1702
Date: February 14, 2004 at 19:53:50 Pacific

Reply:

thanks for the help but I fixed it myself. Turns out It was a nasty variation for look2me that hides your explorer

Sponsored Link

Ads by Google

popodino.com netsurfnetwork.com MITA DP-560	tenzy.com c:\\pyagcore\\pyagcore/search nexxx 98.com
See More

Spyware help please

Lycos Search Hijacking

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: lop.com & other problems

Google.com and other search engine

Summary

www.computing.net/answers/security/googlecom-and-other-search-engine/6477.html

Concerning LOP.com

Summary

www.computing.net/answers/security/concerning-lopcom/8048.html

lop.com and Alcatel touch modem/rou

Summary

www.computing.net/answers/security/lopcom-and-alcatel-touch-modemrou/3470.html

From the Geek Dictionary
5200 RPM - Hard drives don't spin at 5200 RPMs, they spin at 5400 RPMs

Ask a Question!

Weekly Poll
Did you go shopping on Black Friday?

Poll Finishes In 3 Days.
Discuss in The Lounge
Poll History

Recent Posts
Will /Fixmbr delete any files on my computer

wont connect to live

HTML Email Marketing

New custom-built PC

VBscript browse help

All Awaiting Reply

Tom's News
Using Google-Wave to Track A Man-Hunt

Next Generation iPhone Spotted by Developers

Black Friday Brawls: Plenty Fought, No One Died

Couple Gets Married at Best Buy on Black Friday

Office 2010 Ships in 2010, Beta Now

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE