Windows Thread, Help me get rid of some spyware please!! in Technical
  1. #16

    Geoff's Avatar

    Re: Help me get rid of some spyware please!!

    Yep, that's what I have at home. I use Linux on a vintage '97 machine to do my day-to-day web browsing/email/etc. I also have a WinXP PC for gaming. If that screws up or catches anything nasty I just reimage it because there's no important data on it.

  2. #17
    StewartKnight's Avatar

    Re: Help me get rid of some spyware please!!

    Don't get me wrong Geoff, if I could use a Linux box for the "day to day" I would. I have more than enough computers, but not enough room!

    So I'm stuck with an XP machine that does "everything" and a couple of laptops (Thank you "teachers for laptops" for 1 of them)

    But I do a lot of other stuff too (video editing, music editing.. and stuff), but I wouldn't know where to start with Linux (I'll have to cancel giving the conference lecture on Linux for this year)

    That leaves me with an XP PC. At least I know what I'm doing on that!
    So spyware is sooo annoying!

  3. #18

    Geoff's Avatar

    Re: Help me get rid of some spyware please!!

    Back to the spyware thing. Keep an eye out for Microsoft's Client Protection. Beta version should be floating about soon.

    http://www.microsoft.com/athome/secu...e/default.mspx

  4. #19
    tarquel's Avatar

    Re: Help me get rid of some spyware please!!

    @gecko:

    Yes Yes YES lol :P

    Does that automated thing know about additional stuff that may be there due to tools you might not have normally on "home" computers?

    I'd be doubtful - so it's why I suggested he attaches the log. It doesn't do us any harm now, does it? lol

    The latest version of HijackThis is 1.99.1

    Cheers
    Nath

  5. #20

    mac_shinobi's Avatar

    Re: Help me get rid of some spyware please!!

    If you do the analysis online, it creates a URL which shows you everything in the log, with nasty things; you save the analysis and copy and paste the URL into the forum, which saves space and is a lot neater. That way you can do it manually and automatically.

    Give it a go and you will see what I mean

  6. #21


    Re: Help me get rid of some spyware please!!

    Wouldn't the generated log file be quite small anyway?

    Paul

  7. #22


    Re: Help me get rid of some spyware please!!

    Further to my post above, this is what the makers say:

    "[below are the results of the scan]. Be careful what you delete, HijackThis cannot determine what is bad and what is merely customised by you. The best thing to do is to save a log file and show it to knowledgeable folks."

    Kind of what Tarquel said. I quote:

    "Does that automated thing know about additional stuff that may be there due to tools you might not have normally on "home" computers?

    I'd be doubtful - so it's why I suggested he attaches the log. It doesn't do us any harm now, does it? lol"

    I agree. And that's what the HijackThis software team say - post the log so that people can help you. I hazard a guess there are quite a few people on here who could help.

    Paul :-)

  8. #23

    mac_shinobi's Avatar

    Re: Help me get rid of some spyware please!!

    Just as an example, I ran HijackThis, and just to show everyone the difference between what I said and what you are saying, here it is:

    The URL (I was talking about doing, which not only shows you the log in the first place, it also gives you a decent idea of what to delete and what not to delete, and shows you "unsure" next to things it isn't sure about, and that way you can still do the manual analysis of it!!):

    http://hijackthis.de/logfiles/911778...f211d68e9.html

    Now if I was to post the analysis you would get the following:

    Code:
    Logfile of HijackThis v1.99.1
    Scan saved at 17:59:12, on 10/10/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\SBAudigy4\Entertainment Center\RcMan.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Yahoo!\Messenger\ypager.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\SOMEUS~1\LOCALS~1\Temp\Rar$EX00.562\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.embc.org.uk:80
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [CoolInfoXPMon] C:\PROGRA~1\COOLIN~1\cicmon.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RemoteCenter] "C:\Program Files\Creative\SBAudigy4\Entertainment Center\RcMan.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - Startup: Diskeeper 9 Professional Edition Registration.lnk = C:\Program Files\Executive Software\Diskeeper\ESIRegister.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE0A09A-ABD8-4E0D-A082-F58AA30012B5}: NameServer = 194.168.8.100,194.168.4.100
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
    O23 - Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

    I figured if you made the analysis and saved it, all you would have to post is the URL.

    I was just trying to help out a little bit.

  9. #24


    Re: Help me get rid of some spyware please!!

    You could go here and find out:

    http://www.tomcoyote.org/hjt/

    You're moaning about nothing - it makes sense to me! You can see running processes (and therefore by implication processes that you perhaps think shouldn't be there) and you also have registry entries in the second section (which by further implication shows the registry entries for applications on your system). Don't think one should be there? Disable it.

    I'm still finding it hard to understand why you wouldn't think posting the log file on here is that good an idea. In the time it took to discuss it and for you to try and prove your point, the log file could have been posted and discussed.

    *sigh*

    Paul
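
As an added example (not part of the original thread and not HijackThis code): a small Python parser for the two-part log layout described in the post above, splitting running processes from the coded entries and listing entries that HijackThis itself annotated. The function names are hypothetical, the sample is an excerpt of the log posted earlier in the thread, and a listed entry is only a candidate for manual review, not a verdict.

```python
import re
from collections import defaultdict

# Excerpt of the log posted earlier in the thread, embedded so this runs offline.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Opera\Opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")  # e.g. "O23 - Service: ..."
# Annotations HijackThis writes into an entry (both appear in the log above).
MARKERS = ("(file missing)", "Unknown owner")

def parse(text):
    """Split a log into header lines, running processes and coded entries."""
    header, processes, entries = [], [], defaultdict(list)
    in_processes = False
    for line in (raw.strip() for raw in text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_processes = False
            entries[m.group(1)].append(m.group(2))
        elif line == "Running processes:":
            in_processes = True
        elif line and in_processes:
            processes.append(line)
        elif line:
            header.append(line)
    return header, processes, dict(entries)

def needs_review(entries):
    """Return (code, entry, markers) for entries carrying an annotation."""
    return [(code, body, [k for k in MARKERS if k in body])
            for code, bodies in entries.items() for body in bodies
            if any(k in body for k in MARKERS)]

if __name__ == "__main__":
    _, procs, entries = parse(SAMPLE_LOG)
    for code, body, why in needs_review(entries):
        print(code, why, body)
```
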

  10. #25

    mac_shinobi's Avatar

    Re: Help me get rid of some spyware please!!

    @ stewartknight - Did you use hijackthis.de to analyse your log or will you be posting your log here to get analysed?

    Was just trying to save on space, basically

  11. #26


    Re: Help me get rid of some spyware please!!

    ...take yours off and he'll have space to post his!!

    :-)

    Paul

  12. #27

    mac_shinobi's Avatar

    Re: Help me get rid of some spyware please!!

    Remind me, how do I delete it lol

  13. #28
    StewartKnight's Avatar

    Re: Help me get rid of some spyware please!!

    Gecko,


    I did hijackthis, but I didn't need anyone to explain it to me. It didn't solve my problem, but ewido did, and there was no need for me to analyse anything!

  14. #29
    tarquel's Avatar

    Re: Help me get rid of some spyware please!!

    lol

  15. #30

    mac_shinobi's Avatar

    Re: Help me get rid of some spyware please!!

    Did I mention, Microsoft's anti-spyware is great lol :P
