Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

MACrews

9 Posts

3375

June 28th, 2004 15:00

Can a Virus or Malware attack a modem?

I have a WebPC with the 3Com Mini-PCI 56k-10/100LAN. I just got DSL Friday (25th of June). Sunday afternoon, suddenly the modem and LAN quit working. Everything is plugged into the surge protector, including the phone line. I do know think there was a lightening storm that night or the previous night. Right now I'm using the USB capability of the modem, and I've tried various virus removal tools, and updated my antivirus and Ad-Aware.

Everything was working fine before this happened. I shut the computer down when I went to bed (before or during the storm) and wasn't able to do anything later that day when I shut it down or the next day. I'm unsure of the time frame. I had left the house with a download running before things went kablookey. I have ZoneAlarm free edition and AVG 6 Free edition. I don't know what could have gone wrong.

I've tried uninstalling and reinstalling the modem and the network adapter and getting a #2 and a ! on the device manager, so I uninstalled whatever was there and decided to seek help.  I've tried opening the case and unplugging and re-plugging everything.  Also, for the past few weeks, my computer has been "finding new devices" that aren't there.

Needless to say, I'm getting frustrated. I'm about at wit's end.

Has the computer been attacked by a virus or hijacked or something?

Thanks for taking the time to read this!

Marla

MACrews

9 Posts

June 28th, 2004 16:00

A friend of mine said the Trojan that keep getting warnings about by AVG but AVG doesn't find or some other program may have messed with my registry settings on my modem and that may be why it's not working.

Does anyone know about this?

Marla

MACrews

9 Posts

June 28th, 2004 19:00

I read other topics, and noticed they posted "Hijack This" logs, so here's mine, if it helps at all.

 

 

Logfile of HijackThis v1.97.7
Scan saved at 3:56:03 PM, on 6/28/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINNT\SYSTEM32\DNTUS26.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZipToA.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINNT\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\ezSP_Px.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Registry Clean Expert\RCScheduler.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [BellSouthSyn] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Synchronize
O4 - HKLM\..\Run: [BellSouthScheduler] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Scheduler
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINNT\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCScheduler.exe" /startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\BellSouth Accelerator Technology\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\BellSouth Accelerator Technology\pac-image.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://webchat.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38092.5966319444
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

 

Thanks!

 

wingzero2309

31 Posts

June 29th, 2004 03:00

O9 - Extra button: WeatherBug (HKCU)


im 99% sure that WeatherBug is Spyware; u might want to run Adaware and Spybot

MACrews

9 Posts

June 29th, 2004 12:00

I've not had trouble like that before ... Ad-Aware hasn't ever screeched about it, but it has about WMP's little registry key. That's the only thing on my Ad-Aware "ignore list."

Will get and try SpyBot.

Marla

MACrews

9 Posts

July 1st, 2004 16:00

I got Spy Bot and removed the WeatherBug, but I still can't use my modem, defrag, or run chdsk. The error message says that chkdsk cannot open the volume for direct access, even in safe mode or before the system starts up.

HELP!

Marla

wingzero2309

31 Posts

July 1st, 2004 23:00

for chkdisk, i found out that theres no patch to fix that problem, according to microsoft:

http://support.microsoft.com/default.aspx?scid=kb;en-us;823439

apparently they're still working on solving the problem

 

As for the modem, have you tried to reinstall the drivers? that might fix it.

And defrag, i have no clue.

I remember having some problem with windows and i called a support guy(not sure if it was a dell person or not); he told me to do sfc /scannow.  This site tells you how to use the sfc scannow utility.  Not sure if it will fix the problem, but u can try it if u want.  Basically, you just go to Start>Run and type in sfc /scannow and then it may ask u for ur windows cd while its checking

Message Edited by wingzero2309 on 07-01-2004 07:04 PM

MACrews

9 Posts

July 3rd, 2004 01:00

I triid all of that, to no avail. I ended up reinstalling Windows 2000 Professional, but I still cannot install the modem. It got to the point where I couldn't even boot up at all. Just blue screen and bye-bye. When I try to update the drivers for the modem, it blue screens and restarts.

Does anyone know where I can get a BIOS flash? Right now it's on A00, and before it was A03. I need to get it back, but I don't know where to look.

I'm still in the process of combing my hard drive for information, but I know the BIOS stuff isn't there. I'm going to re-download the modem drivers and see if I can get everything to work. I'm even going to go to the extreme point of removing the darned thing for a day or so to see if I can remove all references to it before I try re-installing it.

Some guidance, please!

Marla

wingzero2309

31 Posts

July 3rd, 2004 04:00

towards the top of this page, theres a tab called 'Downloads'

if you click it and then enter your service tag, it takes u to all the downloads for ur comp.  from the dropdown thing, click FlashBIOS and it will list any bios updates if there were any

the one i have rite now is A09, on a dimension 8200

MACrews

9 Posts

July 3rd, 2004 16:00

Unfortunately, there is no BIOS download available for WebPC. Do you know if I can use a compatible system's BIOS? The one from Intel for my motherboard was for a Latitude, so It wouldn't do anything. Or is there a way I can alter the program to make it for my computer?

Marla

Was this post helpful?

View All

0 events found

No Events found!

Top