Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Spyware problem


  • Please log in to reply

#1
joo9323

joo9323

    New Member

  • Member
  • Pip
  • 2 posts
Hi
ever since i downloaded this stupid warcraft cd-key changer thingy
i got a blue screen saying
Warning! Spyware detected on your computer!
i tried going on the safety mode and deleting stuff through my anti-virus software but
nothing was done

heres what i got from Hijackthis

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HAURI\Common\Base\Vrmonnt.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\HAURI\ViRobot Desktop 5.5\AccessControl\HFACSvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HAURI\Common\hsvcmod.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SPACE INTERNATIONAL\CDSpace 6\Cdsrcm.exe
C:\Program Files\HAURI\Common\Base\vrmonsvc.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\HAURI\Common\Base\Vrmonnt.exe
O4 - HKLM\..\Run: [HEProtect] C:\Program Files\HAURI\ViRobot Desktop 5.5\AntiSpam\HSockPE.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O21 - SSODL: axrfgvek - {FA2D52DE-E054-460B-94F3-1D67281018B2} - C:\WINDOWS\axrfgvek.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ViRobot for WinNT™ Folder Protect (HFACSVC) - hauri - C:\Program Files\HAURI\ViRobot Desktop 5.5\AccessControl\HFACSvc.exe
O23 - Service: Hauri Common Service (hsvcmod) - Unknown owner - C:\Program Files\HAURI\Common\hsvcmod.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: Hauri Firewall (vrfwsvc) - Hauri inc. - C:\Program Files\HAURI\ViRobot Desktop 5.5\PCFirewall\vrfwsvc.exe
O23 - Service: ViRobot Desktop Monitoring (vrmonsvc) - HAURI - C:\Program Files\HAURI\Common\Base\vrmonsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

Please help i am very frustrated T.T
  • 0

Advertisements


#2
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Please go to the malware forum and follow the instructions at the top....Especially the CLICK HERE.

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP