Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Spy-trooper [CLOSED]

Started by mglavich , Oct 01 2005 09:35 AM

  • This topic is locked This topic is locked

#1
mglavich
Posted 01 October 2005 - 09:35 AM

mglavich

    New Member

  • Member
  • Pip
  • 1 posts
Hello Geek Squad,

Would very much appreciate your help here.

I have the same problem as HeedLee (see below) and kitepirot (http://www.geekstogo...showtopic=63472)

Some kind of spyware has taken control of my PC and wherever I try to go on the internet, I am forwarded back to a site saying "You have spyware download PS Guard or Spy Trooper". There is also constant pop ups that come as windows (generally from Search2K.net), or a little text box that comes from my quick launch toolbar saying "you have spyware click here to remove it" which brings me back to spy trooper.

I own and ran updated scans of both SpyWare XTerminator and Ad-Ware SE Plus. They run, but can't find anything, all the while the little System Alert Textbox is blinking at me.

This is theft of property and extorsion on an incredibly arrogant and aggressive scale and I am at a loss as to what to do :tazz:

Would very much appreciate any help and thank-you for doing the kind of work u do.

BTW, when I run Hijack This, I get a BHO that can't be deleted and here is the "HiJack this" Log:

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\mssearchnet.exe
C:\WINNT\system32\nvctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPMemCheck.exe
C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPControl.exe
C:\PROGRA~1\STOMPS~1\SPYWAR~1\CookiePatrol.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\unzipped\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINNT\system32\hp7A07.tmp (file missing)

mglavich
  • 0

Advertisements

#2
greyknight17
Posted 01 October 2005 - 04:17 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Welcome to GTG.

This is not the whole log file. Please repost the whole log now.
  • 0

#3
greyknight17
Posted 15 October 2005 - 04:03 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP