hear4search, super-spider.com - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 05-30-2004, 09:04 AM   #11 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

can you delete

winlogin.exe

out from this path
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

try it in safe mode too

if not i will have you download something else that will
__________________

__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Old 05-30-2004, 10:01 AM   #12 (permalink)
Newb Techie
 
Join Date: May 2004
Posts: 9
Default

Yes, I deleted it from that path; is that all? Thanks for all the help
__________________

TrevCOol14 is offline  
Old 05-30-2004, 10:04 AM   #13 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

post another log
Lobos is offline  
Old 05-30-2004, 10:16 AM   #14 (permalink)
Newb Techie
 
Join Date: May 2004
Posts: 9
Default

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\hijack this\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cougarfan.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.sony.com/vaiopeople
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: *.greg-search.com
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...135.9369212963
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
TrevCOol14 is offline  
Old 05-30-2004, 10:20 AM   #15 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

good your clean just wanted to make sure it didn't turn into something else


your clean


good job
Lobos is offline  
Old 05-30-2004, 10:22 AM   #16 (permalink)
Newb Techie
 
Join Date: May 2004
Posts: 9
Default

Thanks again, for your help, I dont know what I would have done without you!
TrevCOol14 is offline  
Old 05-30-2004, 10:27 AM   #17 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

no problem


Also try spyware guard and spyware blaster
spyware blaster will block spyware from comming in when you surf the net(compatible with IE, mozilla and firefox) and spyware guard is a resident scanner.

and

Read here How did I get infected in the first place
__________________

__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 09:08 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.