We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Help!! Got a trojan detected what do I do???
Comments
-
part 3
Supplementary Scan
.
uStart Page = hxxp://www.bbc.co.uk/weather/5day.shtml?id=2897
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader5.cab
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-ALDI Photo Service - c:\program files\ALDI Photo Service\ALDI_Photo_Service\FotoSuite.exe
HKLM-Run-PCDrProfiler - (no file)
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-16 16:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(712)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1024)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Other Running Processes
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-11-16 16:39 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-16 16:39
Pre-Run: 53,142,589,440 bytes free
Post-Run: 53,718,519,808 bytes free
- - End Of File - - EC5192193D7D6A0BB4C6CAF09961E341Thanks to MSE savings we got to go to Disneyworld Florida.
0 -
Log looks ok at 1st glance
Download and run the FREE version of DR WEB
http://www.freedrweb.com/download+cureit/gr/
It will auto QUICK scan
After that set to scan the WHOLE computer and press the 'play' icon
***DO NOT UPGRADE TO FULL VERSION***:idea:0 -
Thanks,overnight will run sas scan and delete/remove anything it says and will then do drweb!!
How many scan thingys are there!!!!
Just a thought If I delete all the tracking cookies won't that make it difficult for websites like topcashback to track my cashback?? and do I lose all login info as well on other sites ?
What do I do after drweb scan run do I follow what it says needs removing ?? or post log or ....... (can't you tell I'm totally not up on how computers work)Thanks to MSE savings we got to go to Disneyworld Florida.
0 -
Thats a fair comment ~ I dont think spybot will prevent cashback from working. Saying that im not entirely sure
Your call ~ spybot blocks a lot of nasties which makes it safer
Dr web ~ remove the lot:idea:0 -
right all done spybot removed some bits and Dr web found nothing. So am I in the clear?
My computer is still running a bit slow but can put up with it as long as there are no nastys about!!
So am I right in thinking I should clean disk up and scan with malwarebytes regularly?
which others should I do regularly? and does spybot keeping looking for things in the background or do I need to run it regularly
Downloaded and scanned so much these last few days unsure of what is what!!!
Would it be a good idea to delete any of the things I've downloaded or do I need to keep them.
All those who've helped I thank from the bottom of my heart I could not have done it without your knowledge ThanksThanks to MSE savings we got to go to Disneyworld Florida.
0 -
Download CCLEANER
http://www.ccleaner.com/download/builds/downloading-slim
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)
reboot
Download GLARY UTILITIES
http://www.glaryutilities.com/download/gusetup_slim.exe
Run the ONE CLICK scan
Goto MODULES / SYSTEM TOOLS / WINDOWS STNDARD TOOLS / then run SYSTEM FILE CHECKER
If its still slow after that then you need to look at whats running and what RAM and cpu you have:idea:0 -
Thanks ran both of them and it cleaned some more stuff out amazing Looks like it is back firing on all cylinders. So will go with it for a few days and see how we go.
whilst I am cleaning it up would it be worth doing a disk re/fragmentation or whatever they call it ? Never done one on computer before not sure what it does and was wary of doing things I wasn't sure of!!
Many thanksThanks to MSE savings we got to go to Disneyworld Florida.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.9K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards