The Giant anti-spyware/anti-virus thread. - Page 2

Enki

United States2548 Posts

February 27 2008 00:45 GMT

#21

Meh, maybe I just had a bad experience with Kasperky. Its full scan took like 7 hours or something ridiculous like that rofl....

I have just been using Ad-Aware, which acrually caught a bad trojan that I had on my comp that AVG missed....

Pressure

7326 Posts

February 27 2008 00:50 GMT

#22

this is an important thread. Thanks to 1a2a9a and jimminy for this
1a2a9a is AMAZING guys dont doubt

jimminy_kriket

Canada5520 Posts

March 04 2008 01:00 GMT

#23

Does anyone have any recommendation on which anti-spyware product to use for the average user? I added a "recommended" section for each product to make it easier but I dont know what anti-spyware to recommend as I've only tried AVG in the past (i use a paid product).

People with experience gimme your input!

Meh

Sweden458 Posts

March 04 2008 01:09 GMT

#24

I always wary of taking advice about antivirus and spyware from people I don't know, as most of the time they are just trying to get you to download their own brand of spyware, so that they can screw you themselves.

jimminy_kriket

Canada5520 Posts

March 04 2008 01:13 GMT

#25

I will obviously look into any programs people recommend. And if you're implying I am doing that, then die.

useLess

United States4781 Posts

March 04 2008 01:58 GMT

#26

ctrl-F: adblock
not found

While adblock is not a standalone program, this firefox extensions/add-on will help block a lot of ads and potentially dangerous sites from loading. Very handy.

Equinox_kr

United States7395 Posts

March 04 2008 03:48 GMT

#27

Just saw this thread from Pony Express ... you should add NOD32 because it's been saving my ass for quite a while now

It's not free, though.

ChkChk.Boom

United States140 Posts

March 05 2008 00:56 GMT

#28

I am soo screwed. I got a spyware which changed my desktop wallpaper with this huge warning thing. the color is blue, and in the letters it says YOUR COMPUTER IS IN DANGER! IT IS AFFECTED WITH SPYWARE!. or something like that and it's hard to change it. plus im starting to get all these random popups, and in my toolbar thing, there is this icon that, when i highlight it, it says, "Warning: Your computer is infected" Windows detected spyware infection! click this message to install the last update of Windows Security Software. and yeah i clicked it and thats how i got the desktop background thing. sunuvabiatch. -_-;; Any idea of how to take it out? i tried to install the mal-ware thing in the OP's post, but when i did, during installation it said there was some errors or something like that. But i'm scanning with Avira AntiVirus rite now.

Dark.Carnival

United States5095 Posts

March 05 2008 02:32 GMT

#29

has anyone had trouble finding a suitable working anti-spyware program for vista? there's windows defender but i don't think it's very good, seeing as it hasn't found anything lol. i know for me quite a few programs don't work with vista, or well the version i have, which is vista ultimate 64bit etcetc, basically the highest version of vista. currently im using avg anti-spyware and it seems to be working ok, just wondering if anyone else has problems with vista? :|

Krohm

Canada1857 Posts

March 05 2008 04:59 GMT

#30

Alright, well after not being home for 3 days. I decide to go onto my PC and for some reason it's hibernating... Which means some one was on my PC and doesn't realize that when you turn it off it just got into hibernation, unless you actually select to turn it off.

Well anyways, I turn it on. Only to find my computer with spyware. Now I'm unsure as to what the damage is. I found one called "Seekmo" but I'll be needing help to see if there is any more damage.

God people who have no idea how to use PC's shouldn't even touch them.

My highjackthis log is located in the spoiler.

+ Show Spoiler +

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:47 PM, on 3/4/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link RangeBooster N DWA-542\wirelesscm.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Program Files\D-Link\D-Link RangeBooster N DWA-542\acs.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: IntelDHSvcConf - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7803 bytes

Schnake

Germany2819 Posts

March 16 2008 13:42 GMT

#31

On March 05 2008 13:59 Krohm wrote:
Alright, well after not being home for 3 days. I decide to go onto my PC and for some reason it's hibernating... Which means some one was on my PC and doesn't realize that when you turn it off it just got into hibernation, unless you actually select to turn it off.

Well anyways, I turn it on. Only to find my computer with spyware. Now I'm unsure as to what the damage is. I found one called "Seekmo" but I'll be needing help to see if there is any more damage.

God people who have no idea how to use PC's shouldn't even touch them.

My highjackthis log is located in the spoiler.

+ Show Spoiler +

I presume you already have fixed your PC but if not you can check your log here: http://www.hijackthis.de/en.

1a2a9a

Finland206 Posts

March 16 2008 14:04 GMT

#32

Don't use http://www.hijackthis.de/en. anybody, those automated scanners are terrible

ChkChk.Boom you should post on that site Jiminy_Kriket listed in his original post

Same for you Krohm

Fix these entries in HJT

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll

Then delete this folder

C:\Program Files\ShoppingReport

CapO

United States1615 Posts

June 04 2008 22:39 GMT

#33

alright, i need help asap. my computer is slow as fuck now, and i get a lot of popups..

in OP, there is a link to AVG Anti-Spyware Free Edition, but when i click the link, i only see AVG Anti-Virus Free Edition 8.0 and some other virus removals.

i need to get rid of spywares.. i get rundll error when i first start up my computer.

search & destroy suck, because they find the spywares, but do not get rid of it. even if they do, they still come back.

i need some powerful spayware removal that will even get rid of the ones already "running".

please help!

here are some screenshots of what is happening on my comp

btw, it's not just access.exe, sometimes i see different files as well. samething with the last pic, i see more than one infected file names, whenever they re-popup.

CapO

United States1615 Posts

June 04 2008 23:14 GMT

#34

right now, im downloading a bunch of spyware removals and etc. by using flashget. under each one of these comments, i see ADW_PURITY.AA, which is apparently the name of the spyware.

anyone has knowledge of this particular one?

CharlieMurphy

United States22895 Posts

June 05 2008 00:01 GMT

#35

I can help you out, you got AIM? First of all stop using Internet explorer, switch to firefox.

Download AVG free, AS and AV. Also download Hijackthis from majorgeeks.com

mahnini

United States6862 Posts

June 05 2008 11:47 GMT

#36

Did they seriously change your wallpaper? Goddamn son, lay off the porn.

Archaic

United States4024 Posts

June 05 2008 12:27 GMT

#37

On June 05 2008 09:01 CharlieMurphy wrote:
I can help you out, you got AIM? First of all stop using Internet explorer, switch to firefox.

Download AVG free, AS and AV. Also download Hijackthis from majorgeeks.com

Don't listen to him. Search for anything relating to IE, secure delete from your hard drive, but back it up on a flash drive. Burn the flash drive and mix it with peanuts to feed it to an elephant.

The best way to stop any type of viruses or popups, is to buy a mac. /advertisement.

Go on http://www.filehippo.com

They have a large selection of a bunch of anti virus, spyware, etc. Helped my PC with viruses a lot. Some of them lie to you though, and say you have 100100302034023402034 viruses.

Jibba

United States22883 Posts

June 05 2008 12:57 GMT

#38

Safari is actually far less secure than IE. Within the next year there will probably be a flood of Mac virii, now that so many universities are going towards them.

CapO

United States1615 Posts

June 05 2008 13:50 GMT

#39

On June 05 2008 20:47 mahnini wrote:
Did they seriously change your wallpaper? Goddamn son, lay off the porn.

i never download porns.. i only watch streams on youporn

anyway, AVG's awesome. it got rid of the spywares and everything that is running in my memory as well!

now, i can't access my task manager though.. i posted my hijackthis log in techsupportforum, so i'll wait.. /tear

CharlieMurphy

United States22895 Posts

June 05 2008 18:44 GMT

#40

Mac sucks period. It is inferior in about every way (including price).

Capo, feel free to aim or pm me if you need any more help

Prev 1 2 3 4 5 7 8 9 Next All

Please or register to reply.

The Giant anti-spyware/anti-virus thread. - Page 2

Completed

Ongoing

Upcoming