Spyware PLEASE HELP! - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 10-23-2005, 09:49 PM   #11 (permalink)
Grandfather of Techist

\_(ツ)_/
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,307
Default

Download and run TweakNow once you get rid of what Ad Aware found.

Here's a link, and it's free:
http://www.majorgeeks.com/TweakNow_R...ard_d4134.html
__________________

__________________


My Rig: SABLE
Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD FX 8320 x8 Black Edition / Gelid Tranquillo / MSI 970A-G43
Sandisk Ultra Plus 128GB / Samsung 840 120GB / WD Black 750GB / WD Green 1TB
2x4GB DDR3 1600 - 2x2GB DDR3 1600
Win10 Ent 64-bit - Mionix Naos 7000 Mouse - CM Storm QuickFire Rapid Mech Keyboard


R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Trotter is offline  
Old 10-23-2005, 09:59 PM   #12 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Post a hijackthis! log
__________________

__________________
Osiris is offline  
Old 10-23-2005, 11:38 PM   #13 (permalink)
Monster Techie
 
Join Date: Sep 2004
Posts: 1,446
Send a message via AIM to Alex81388
Default

This log is from after running that Reg Cleaner

Quote:
Logfile of HijackThis v1.99.1
Scan saved at 10:35:39 PM, on 10/23/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Alex\My Documents\Spyware Removal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v4.windowsupdate.microsoft.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{88F8D1BE-16AC-4AED-919E-5820FDAD8209}: NameServer = 64.233.207.2,192.168.0.200
O20 - Winlogon Notify: H323TSP - C:\WINDOWS\system32\e020lafm1d2a.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
Attached Files
File Type: txt hjthis.txt (2.4 KB, 33 views)
__________________
Sig removed due to foul language. Please read the rules regarding the allowable content of sigs before reposting your COMPLIANT sig.
~Trotter
4/21/06
Alex81388 is offline  
Old 10-24-2005, 10:41 AM   #14 (permalink)
Monster Techie
 
Join Date: Sep 2004
Posts: 1,446
Send a message via AIM to Alex81388
Default

Does anyone have any ideas?
__________________
Sig removed due to foul language. Please read the rules regarding the allowable content of sigs before reposting your COMPLIANT sig.
~Trotter
4/21/06
Alex81388 is offline  
Old 10-24-2005, 11:23 AM   #15 (permalink)
Master Techie
 
RicoDirenzo's Avatar
 
Join Date: May 2005
Posts: 2,102
Default

Yikes.........at this point, software suicide seems reasonable. Save all your critical data and do a fresh install.
__________________
Noli Nothis Permittere Te Terere!!
EVGA 680i, Dual EVGA 8800GT'S (650/950), 4 gigs OCZ DDR2 1066, Intel Q9450 at 3.8 Ghz, Koolance Water Cooled, Dual Plextor16x DL DVD+/-RW. Dual WD 250gb 16mb Cache Sata 3.0. 3DMark06 score = 19,168.
RicoDirenzo is offline  
Old 10-24-2005, 11:37 AM   #16 (permalink)
Monster Techie
 
Join Date: Sep 2004
Posts: 1,446
Send a message via AIM to Alex81388
Default

This really pisses me off, because I did a fresh install a month ago and have some stuff on here that will be impossible to reconfigure.

I have a Ghost Imgae I back up without compression every two weeks but guess what....Since it overwrites each time, it backed up an infected system....
__________________
Sig removed due to foul language. Please read the rules regarding the allowable content of sigs before reposting your COMPLIANT sig.
~Trotter
4/21/06
Alex81388 is offline  
Old 10-25-2005, 11:10 PM   #17 (permalink)
Monster Techie
 
Join Date: Sep 2004
Posts: 1,446
Send a message via AIM to Alex81388
Default

PROBLEM SOLVED

Reference this thread for information if you are infected!

http://gladiator-antivirus.com/forum...howtopic=29738

Ironic that the only way to remove it was to use there own uninstaller huh?

B*tches...
__________________

__________________
Sig removed due to foul language. Please read the rules regarding the allowable content of sigs before reposting your COMPLIANT sig.
~Trotter
4/21/06
Alex81388 is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 02:18 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.