Bastage Spyware..
Results 1 to 3 of 3

Thread: Bastage Spyware..

  1. #1
    Junior Member
    Join Date
    Aug 2005
    Posts
    2

    Bastage Spyware..

    hey,i recently caught some new spyware on my comp and this ones pesky.Ive used :
    -Spybot 1.3
    -Adaware 1.06 se
    -Coolwwwsearch remover
    -Hijack This 1.99.1
    -looked under msconfig
    -didnt find any suspicious registries in regedit cmd

    It pops up on my comp two ways.

    A dialog box with a red x in that makes a annyoing noise that scares the hell out of me when i listen to music which usually do at a high volume.It said Warning: Firewall has detected surspicious activity.and says do you want to learn how to protect your comp? with yes or no buttons which lead to some spyware bloker site.It has to be spyware because it had like links to car rentals and viagra and stuff.

    The other is a popup box in the system tray that says:

    Your comp may be at risk ur virus protection is bad spyware activity detected Click balloon to fix this problem.


    Any suggestions,advice or links would be greatly appreciated.
    Reply Quote Top Bottom

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    I'd be helpful if you could post your hjack this log.

    Just attach it as a .txt file. No need to copy and paste.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Junior Member
    Join Date
    Aug 2005
    Posts
    2
    StartupList report, 8/6/2005, 1:58:20 AM
    StartupList version: 1.52.2
    Started from : C:\Documents and Settings\Brent\My Documents\HijackThis.EXE
    Detected: Windows XP (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 (6.00.2600.0000)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\System32\CTHELPER.EXE
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\MSN\MSNCoreFiles\msn6.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Brent\My Documents\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    CTHelper = CTHELPER.EXE
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    AVG7_EMC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------


    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\Brent\LOCALS~1\Temp\~f1d055.tmp|||A

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll

    --------------------------------------------------
    End of report, 4,013 bytes
    Report generated in 0.188 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides