Spyware - Page 4 - GM Forum - Buick, Cadillac, Chev, Olds, GMC & Pontiac chat


Lounge For casual talk about things unrelated to General Motors. In other words, off-topic stuff. And anything else that does not fit Section Description.

Reply
 
 
 
Thread Tools Search this Thread
Old 03-28-2006, 02:08 PM   #31
Senior Member
Certified Car Nut
 
Join Date: Jul 2003
Location: Robbinsdale, MN
Posts: 15,408
Thanks: 0
Thanked 0 Times in 0 Posts
MOS95B is on a distinguished road
Default

Quote:
Originally Posted by LakevilleSSEi
Spybot got rid of a lot of ***^ I had, but I still have one process that'* running and I can't stop it, even when going into the startup blocker of Spybot and disabliing that registry key.
Safe Mode?
MOS95B is offline   Reply With Quote
Old 03-28-2006, 02:11 PM   #32
Senior Member
True Car Nut
Thread Starter
 
Join Date: Sep 2004
Location: Farmington, Minnesota =MWBF '05 SURVIVOR= =CEBF '06 SURVIVOR= =August '06 COTM=
Posts: 9,130
Thanks: 0
Thanked 0 Times in 0 Posts
LakevilleSSEi is on a distinguished road
Default

That'* where I did most everything at....I don't think in safe mode it even launched though, I should re boot to safe mode and check that out
LakevilleSSEi is offline   Reply With Quote
Old 03-28-2006, 04:47 PM   #33
Senior Member
True Car Nut
 
Join Date: Oct 2005
Location: Central Florida
Posts: 7,030
Thanks: 0
Thanked 0 Times in 0 Posts
lash is on a distinguished road
Default

Quote:
Originally Posted by MOS95B
Quote:
Originally Posted by lash
Quote:
Originally Posted by sonoma_zr2
Quote:
Originally Posted by lash
OK, what is "ms"?
ms spyware remover
I take it that it is also a free program???

You'll have to excuse my ignorance. I've always run antivirus software, but just recently started using adaware. Then I noticed that there was still soomething running in the backround and did the spyware check. So I also need the help.

Not trying to hijack, Lakeville...
Just remember - AntiSpyware is Not AntiVirus and vice-versa - I must get 100 e-mails a day "Your *anti-spyware program* did not remove my viruses" and (again) vice versa.

Some anti-virus programs have a little anti-spyware built into them, but they aren't intended to remove all spyware. And an Anti-Spyware program will NOT remove viruses. Use the right tool for the job, dammit!! [/rant]
LOL!!! Hey, I'm not a total dummy and know that, but thanks for grinding it in, lol.
lash is offline   Reply With Quote
Old 03-28-2006, 06:49 PM   #34
Senior Member
Certified GM nut
 
Join Date: Jul 2003
Location: Charlotte, NC ________ SEBF 07 survivor
Posts: 2,128
Thanks: 0
Thanked 0 Times in 0 Posts
aviator327 is on a distinguished road
Default

Checkout the below link. I had some spyware last year I couldn't get rid of even using Adaware, Spybot *&D. Found this site very usefull. You will have to join for someone to help you with your PC. There is a program called" HighJack This" which you can d/l from the site. Once you run the HighJack This Program, you submit it to the HighJack This forum and one of the Guru'* will look at your log and tell you exactly what to get rid of. When you go to the site, click the Discussions tab and scroll down to Security. The HighJack This fourm is there. Highly recommended.

http://www.bleepingcomputer.com
aviator327 is offline   Reply With Quote
Old 03-28-2006, 06:54 PM   #35
Junior Member
 
Join Date: Aug 2005
Posts: 0
Thanks: 0
Thanked 0 Times in 0 Posts
wjcollier07 is on a distinguished road
Default

hey try this new one, it sort of replaced MS anti-spyware, its called windows defender. I installed a bad program once and it popped up right away...anotherwords, it is not like *&D and Lavasoft Ad-Aware, and all that, it is ACTIVE not passive....

go download it iat windows marketplace....
wjcollier07 is offline   Reply With Quote
Old 03-28-2006, 06:55 PM   #36
Senior Member
Certified GM nut
 
Join Date: Jul 2003
Location: Charlotte, NC ________ SEBF 07 survivor
Posts: 2,128
Thanks: 0
Thanked 0 Times in 0 Posts
aviator327 is on a distinguished road
Default

This is what the HighJack This Log looks like. This is from my Dell Dim 8200 when i ran a scan last October. Squeeky clean, no spyware.

Logfile of HijackThis v1.99.1
Scan saved at 8:56:12, on 10/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SurfSecret\SS2-FULL.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.weather.com/weather/local...from=whatwhere
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [SurfSecret] C:\Program Files\SurfSecret\SS2-FULL.exe /min
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: PHR Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1119439400068
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
aviator327 is offline   Reply With Quote
Old 03-28-2006, 08:34 PM   #37
Senior Member
True Car Nut
 
Join Date: Feb 2006
Location: Melrose
Posts: 4,596
Thanks: 0
Thanked 0 Times in 0 Posts
BLACK94SSEi is on a distinguished road
Default

2006-03-24 Includes\Hijackers.sbi (*)
2006-03-24 Includes\Keyloggers.sbi (*)

Thos two above I would be MOST concerned about. Usually in AdAware, it gives you the driectory in which the file or folder resides. If you have not removed it, follow the directory route and dig it out yourself.

You may have to use REGEDIT using the run command to remove the actual registry fields that are coming up a invalid.

Just be VERY carefull editing the registry as it can cause your machine to stop working.
BLACK94SSEi is offline   Reply With Quote
Old 03-28-2006, 10:31 PM   #38
Senior Member
True Car Nut
 
Join Date: Jul 2004
Location: Grand Rapids, Mi
Posts: 5,656
Thanks: 0
Thanked 0 Times in 0 Posts
Archon is on a distinguished road
Default

Do you perhaps have an earlier system restore point you can use?
Archon is offline   Reply With Quote
Old 03-28-2006, 10:35 PM   #39
Senior Member
Posts like a Camaro
 
Join Date: Nov 2002
Posts: 1,109
Thanks: 0
Thanked 0 Times in 0 Posts
1995BvSSE is on a distinguished road
Default

By the way, you don't have to have another hard drive.

You can use a relatively cheap program (BootIt NG) to resize the partition, freeing up another space to create a new partition and then install Windows there.

I actually have a partition on my computer that has a clean copy of windows. When things go south, I make a copy of it, increase its size, and I go from there.

Takes me less than 2 hours to get my machine completely reconfigured.
1995BvSSE is offline   Reply With Quote
Old 03-28-2006, 11:50 PM   #40
Senior Member
True Car Nut
Thread Starter
 
Join Date: Sep 2004
Location: Farmington, Minnesota =MWBF '05 SURVIVOR= =CEBF '06 SURVIVOR= =August '06 COTM=
Posts: 9,130
Thanks: 0
Thanked 0 Times in 0 Posts
LakevilleSSEi is on a distinguished road
Default

I hate partitions....nothing but trouble to me.
LakevilleSSEi is offline   Reply With Quote
 
 
Reply

Related Topics
Thread Thread Starter Forum Replies Last Post
Ahh weird links in internet explorer!! (spyware, adware?) DrJay Lounge 2 12-01-2004 10:14 PM
COMPUTER people...Spyware/parasites/trojan horses.....etc bonnie94ssei Lounge 22 10-03-2004 06:53 AM
Anyone having trouble with Spyware and CoolWWW Jim W Lounge 24 07-05-2004 09:27 PM
Gah! Help with Spyware Jim W Lounge 14 06-27-2004 12:39 PM
Gator not SpyWare? MOS95B Lounge 6 10-25-2003 04:07 PM


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -4. The time now is 03:24 PM.


We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.