| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 69889 | 2006-06-15 12:25:00 | Doh! Spyware quake again ..... Help Please | mi2dear (10556) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 463388 | 2006-06-23 10:17:00 | Again? Never learn a lesson huh?:eek: I can't stop laughing at this. Where do you get it again? | MTLance (6768) | ||
| 463389 | 2006-06-23 10:18:00 | Are able to uninstall the folder C:\Program Files\SpywareQuake.com ? | Pancake (6359) | ||
| 463390 | 2006-06-23 10:34:00 | No, there is no problem of spywarequake. But during start up the PC keeps on loading so many programs. That is why I asked. MT Lance... Mind ur own damn business :xmouth: |
mi2dear (10556) | ||
| 463391 | 2006-06-23 10:43:00 | The computer can start heaps of program . It depend on what you have installed . If you wish to play around and stop some from loading try this Codestuff Starter program . . . . google . com . au/url?sa=U&start=2&q=http://members . lycos . co . uk/codestuff/&e=9797" target="_blank">www . google . com . au |
Pancake (6359) | ||
| 463392 | 2006-06-23 10:44:00 | Sorry. Just feeling naughty that's all.:dogeye: Forgive me. Use Norton GoBack and standby the system if anything happens. Using a better firewall not Zone Alarm Pro, lol. I wanted to use a better firewall but the internet will lagged like hell. Which is Norton Internet Security. It affects the internet speed a lot. I must warn you that System Restore does not work like Norton GoBack. I am not promoting the product but the best System Restore which saves and backup system every interval, so don't need to use backup software. If your AntiVirus is too weak, change it. Like I've changed mine to McAfee.;) Spyware Quake is in no trace in my computer now. Keep your eyes open if you meet Spware Quake again. It's a damn virus/adware. The internet explorer might not be opened anymore. So careful careful careful.:horrified Don't repeat the same mistakes again this can affect your other files in the PC. |
MTLance (6768) | ||
| 463393 | 2006-06-23 10:55:00 | Well......Number one on the hit list is this: :mad: You don't use an anti-virus scanner or your scanner is not active. Only an anti-virus scanner can protect you against new viruses. Reasons why an anti-virus scanner MAY NOT BE DETECTED.... (1.) You are using the windows firewall or a hardware firewall. (2.) You are using a firewall of an unknown vendor. (3.) You are using a firewall, but for unknown reasons it is disabled OR..... (4.) You don't use any firewall at all. :mad: Download and install one or activate windows xp´s own firewall. Now on to the scan: C:\windows\system32\sncntr.exe running process. (sncntr.exe) Added as result of a Troj/Dluca-I trojan infection. This is a nasty process! You should fix it and try to delete it manually! Manually is the keyword here! MOST TROJAN HUNTERS CANNOT CURE THIS BY THEMSELVES AND YOU WILL NEED SERIOUS TROJAN-REMOVER HELP ON THIS ONE. C:\WINDOWS\system32\atmclk.exe Check with an antivirus scanner ATMCLK.EXE is a process belonging to an advertising program. This process monitors your browsing habits and distributes the data back to the author's servers for analysis. This also prompts advertising popups. This program is a registered security risk and should be removed immediately. C:\WINDOWS\system32\dcomcfg.exe Check with an antivirus scanner Process File: dcomcfg.exe Process Name: unknown trojan Description: dcomcfg.exe is a process which is registered as a trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. It is a registered security risk and should be removed immediately. O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL Must be fixed! O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll related to this: HP Imaging Tookit Toolbar Company : Hewlett-Packard Company Description : HP Imaging Tookit Toolbar Threat Level (1-10) : 0 Processes : HPTOOLKT.DLL CLSID List : {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}, but has been spoofed in your case with a piggy-back trojan. O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL Must be fixed!...see above reason ^ O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe "My Web Search" malware usually from porno sites and adult-oriented media O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm Added as result of a Troj/Dluca-I trojan infection O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE Realtek AC97 Audio - Event Monitor. "Sypware" file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but it is being used by Realtek to gather data about customers O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - imgfarm.com Questionable if dangerous or not...the jury's out on this one yet. O18 - Protocol: bwc0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll NOTE: you have multiple listings of this same spyware. They are part of a hijacker list. They are from: 'cn' (CommonName) , 'ayb' (Lop.com) and 'relatedlinks' (Huntbar) O23 - Service: Attack Shield WS (AttackShield) - Unknown owner - C:\Program Files\Sana Security\Attack Shield\AttackShieldAgent.exe This is a pretty useless anti-spyware program that actually IS it's own spyware which is not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Very very true. Excellent. This people never learn their lesson yet. I've use Norton from the past and since that program attacked me and I've change to much more powerful Anti-Virus which is McAfee and now I hardly seen Spyware Quake taking control of my computer anymore. |
MTLance (6768) | ||
| 463394 | 2006-06-23 10:59:00 | Can't help with your hijack log, but can tell you to use the Netguide or PC World mag, and at least install AVG anti virus, and Zone Alarm. The will be better than nothing, until you decide what is the better anti virus and firewalls to use. I tell you to use those, as they are free, both of them, and are usually found in either publication, and you don't have to come back on line unprotected to download them. Good luck but get at least those programs up and running quick. Wrong. AVG and Zone Alarm are weak defenders use a much more powerful programme not ZA and AVG.;) I hope I'm not wrong here. But ZA is weak and AVG rating is worst than Norton. |
MTLance (6768) | ||
| 463395 | 2006-06-23 11:18:00 | how is ZA weak?? the weak part is generally the user ! no firewall can stop someone from being infected from malware. end of story. mi2dear... run you anti spyware and AV in safe mode and clean out ALL temps files. dont forget you need to do it in EVERY user account including cleaning ever user account. malware often have a file hidden on the pc from which it can reinstall itself later on, its often in a temp folder tho not always. if you keep getting reinfected then look at why. your favorite app you install may infact have the nasties hidden in it. |
tweak'e (69) | ||
| 463396 | 2006-06-23 11:42:00 | ZA? ZA is no use when Spyware Quake being attacked. I wanted to use Norton Internet Security. But Conflict with McAfee Securrty Centre so use ZA but I've been very careful going into websites and now with extra defence I'm not worried into any web page. McAfee AV and AS has improved a lot and lots of daily updates and never missed any update yet. Many Anti Spyware companies are just sucks except SpySweeper. Spyware Doctor is not good enough. | MTLance (6768) | ||
| 463397 | 2006-06-23 11:47:00 | By the way does anyone seen me using HijackThis program to fix PC problems??? Uh huh? Yes? No? Huh, yes one time when HDD turn down on me but using Windows tools fixed the problem not HijackThis program fix it. So want a healthy computer? Here's some details: McAfee Security Center, System Mechanic, CCleaner, Registry Mechanic and etc. |
MTLance (6768) | ||
| 1 2 3 4 | |||||