Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PCSpywarescan


  • Please log in to reply

#1
Dougm1966

Dougm1966

    New Member

  • Member
  • Pip
  • 7 posts
The darn thing is still there.

I've got an old 466mhz and it's been doing great under the command of 98se. Until...I got that @#$% PCSpywarescan junk. I'm a promoter of GMAIL and FireFox (although I'm a FF junkie, I don't know anything about writing extensions) and I haven't had but maybe 3 spam and maybe 4 spyware infections in almost a year so I have no idea how this thing got on my computer. I used Ad-Aware...... and Spybot...... and Avast...... and Keipersky( I think I spelled that right...)...... Now, I knew I was going to dump my disk drive to cd and install the winXP Prof, so when I got this "Hemorroid" it just pushed me to do it sooner...I figured what the heck, just reformat and install you new OS and things'll be fine....

Wrong Answer...I still have the [bleep] thing....

I have a TOTALLY FRESH OS>>>>

Fist thing I did was install 10/100 card and log on to windows update to get the SP's and before the page could finish loading I got one of those pop-ups....

I ran a regcleaner 4.3 by Jouni Vuorio..it came up with Geminus and a netscape thing and one other I don't rememer...at the moment the only thing it comes up with is
"Author:C07ft5Y Software:WinXP"
"Author:Intel Software:Indeo"

Thinking I got rid of it...by deleting the other unknowns..."probably due to IE6's backdoor to @#$%", when I logged on the first time I got nailed with cookies...heck, I don't know...

Then I went to MicroHell and did the "critical updates"..thinking that it was gone....I read the other day not to do the updates if it is on your computer...I thought it was gone...I got through the updates of the "update actualization software bla bla bla...not the actual updates...then I got the pop-up again.

If a REFORMATTED drive still has it...now what?





Here's a Bonus...Immediately after posting this I clicked a link up above to "hi-jack this" and was taken here....

http://hijack-this.net/

It looks exactly the same site that the pcspywaresan site..... in fact..it is....

What now?

Edited by Dougm1966, 04 December 2005 - 01:59 PM.

  • 0

Advertisements


#2
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Ok...did the Hijack this thing...here's the log....I hope I'm doing this right....

Logfile of HijackThis v1.99.1
Scan saved at 21:17:18, on 2005-12-04
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Doug.S-H8RS39PX402IL\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1133722376885
  • 0

#3
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
As you have only just formatted, you could consider using the hard drive manufacturer's set up utility to write zeros to the drive, use the full, not quick option, then when you install XP it will still want to format, let it do this as NTFS long, not quick

That will possibly add 10 hours to the install but the bad bits are unlikely to survive it
  • 0

#4
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Please tell me your kidding....It sounds like it'd be easier to buy a new drive....it's not worth the trouble to save such a small drive...I would assume...
  • 0

#5
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
HJL only went to 016...did it 3 times
  • 0

#6
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
As the size of drive wasn't, still hasn't been mentioned, I'm for real, though you could always buy a new drive, along with a faster processor, although 466Mhz will run XP
  • 0

#7
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I'm sure... A drive is not a problem...the processor is all I need for what I'm doing... Tell me...is there ANYthing out there that can get rid of this thing? I've read some horror stories if you go to the site.....it's actually just really annoying...is it harmful or just a pain?
  • 0

#8
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
something else real quick...i didn't mention that I'm in Poland and from Seattle. I don't speak Polish so....My OS is in English, but the bios and everything else is in polish.
  • 0

#9
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
If you install a new drive it cannot be on there, only if you install then go wandering on www without a firewall and AV are you likely to get this

As the set up utilities are free downloads it has to be worth doing that, even if you only install the drive as a slave to use as a place for back ups
  • 0

#10
Dougm1966

Dougm1966

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Thanks for the info.... Any information on setup utilities you can give me... when you get the time of course, I know your answering other posts... it would be greatly appreciated
  • 0

#11
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Download and install Everest Home Edition

Run the programme, click + next to computer then summary

Scroll through list on right for storage to get the make of hard drive, visit the manufacturer's site for their set up utility, check it has a write zeros to drive option

If it does not then you can use UBCD, which has a number of dripe erasers, though use the highest numbered format for the best result, most will run overnight


http://ubcd.sourcefo...t/download.html

There are two versions, basic (121mb) and full (186mb) Full can do more
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP