Re: Need Help with virus/spyware

Discussion in 'Computer Support' started by pcbutts1, Jul 22, 2005.

  1. pcbutts1

    pcbutts1 Guest

    Barry, <>, whose name means "thinks there's nothing
    obsessional about driving past an ex's house to see what they were up to;
    has really weird erotic fantasies involving vegetables and orifices; likes
    to call his penis his 'rod of love'", purred:

    > I'm trying to get a friends pc back to normal.


    Sorry I can't help you with that but I can remind you to not start a new
    thread about the same problem.

    > The pc has xp sp2.


    Sorry, I can't help with any computer problems.

    > Did all the cleanup withs adaware.


    You have spyware.

    > ccshreder and sybot.


    And I hope you fail.

    > Ran Noroton and Stinger.


    And you don't need it.

    > Ths system was full of sypare and trojans but got them all out (I think)


    All that stuff.

    > I ran HijackThis and below is the log.


    You have a mind like a fortress. Hundreds of rooms, all shut up and
    barricaded.

    > I can't get rid of
    > C:\WINDOWS\assembly\GAC\SYSTEM~2.DES\antikb.dll I booted into dos
    > and found the file but can't rename or delted it as it is in use.


    I think you are just scared to try.

    > HijackThis can't delete it either.


    Can't resist.

    > Any Ideas.


    Watch out.

    > My girlfriend really enjoys oral... so long as I'm doing it to her..
    > but she WON'T do it to me...! How can I get her to give me a BJ ?? It's
    > doing my head in..??


    Is that your last Will and Testament, Barry?

    > The pc is really running slow so suspect that this file is trying to do
    > something TIA Barry Logfile of HijackThis v1.99.1 Platform:
    > Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00
    > SP2 (6.00.2900.2180) C:\WINDOWS\System32\smss.exe
    > C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe
    > C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE
    > C:\WINDOWS\system32\spoolsv.exe c:\Program Files\Common Files\Symantec
    > Shared\ccSetMgr.exe c:\Program Files\Norton AntiVirus\navapsvc.exe
    > c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    > C:\windows\system\hpsysdrv.exe C:\WINDOWS\System32\hkcmd.exe
    > C:\WINDOWS\System32\hphmon05.exe C:\Program Files\Common
    > Files\Symantec Shared\ccApp.exe
    > C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
    > C:\WINDOWS\System32\igfxtray.exe C:\Program
    > Files\iTunes\iTunesHelper.exe C:\Program


    Get rid of SP2.

    > Files\AIM\aim.exe C:\Program Files\Common Files\Symantec
    > Shared\Security Center\SymWSC.exe C:\Program Files\MA311 PCI Adapter
    > Configuration Utility\wlanutil.exe C:\Program
    > Files\iPod\bin\iPodService.exe C:\temp\HijackThis.exe O2 - BHO:
    > MSEvents Object - {EB1CE8AA-7F27-45D3-BA59-37AFBFB4437F} -
    > C:\WINDOWS\assembly\GAC\SYSTEM~2.DES\antikb.dll O4 -
    > HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 -
    > HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 -
    > HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 -
    > HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 -
    > HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec
    > Shared\ccApp.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility]
    > C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 -
    > HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 -
    > HKLM\..\Run: [iTunesHelper] "C:\Program


    Work slow and do things for yourself.

    > Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Symantec
    > NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 -
    > HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe
    > -cnetwait.odl O4 - Global Startup: Configuration Utility.lnk =
    > C:\Program Files\MA311 PCI Adapter Configuration Utility\wlanutil.exe
    > O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program
    > Files\Quicken\bagent.exe O8 - Extra context menu item: E&xport to
    > Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    > O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    > C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM -
    > {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    > O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    > C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem:
    > Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    > Files\Messenger\msmsgs.exe

    O16

    I use Mozilla so I can't help you out but I will tell you don't post in all
    caps.

    > - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
    > http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF:
    > {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
    > Validation Tool) - {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl
    > http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/c
    > lient/muweb_site.cab?


    Twilight. that blessed moment when body and soul are one.

    > 1121913507437 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6}
    > http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/
    > 2,0,0,4419/mcfscan.cab O16 - DPF:
    > {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) -
    > http://www.pcpitstop.com/antivirus/PitPav.cab O20 - Winlogon
    > Notify: antikb - C:\WINDOWS\assembly\GAC\SYSTEM~2.DES\antikb.dll
    > O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
    > c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 -
    > Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
    > c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 -
    > Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
    > c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 -
    > Service: iPod Service (iPodService) - Apple Computer, Inc.


    Format and reinstall.

    > - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton
    > AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation -
    > c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Pml
    > Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service:
    > SAVScan - Symantec Corporation - c:\Program Files\Norton
    > AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service
    > (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec
    > Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec
    > Corporation - C:\Program Files\Common Files\Symantec Shared\Security
    > Center\SymWSC.exe.


    Don't *feed* the troll.
     
    pcbutts1, Jul 22, 2005
    #1
    1. Advertising

  2. On that special day, pcbutts1, () said...

    > Get rid of SP2.


    That one shows how good you are in understanding security issues.


    Gabriele Neukam




    --
    Ah, Information. A property, too valuable these days, to give it away,
    just so, at no cost.
     
    Gabriele Neukam, Jul 22, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Phil B

    Virus, Virus, Virus.....

    Phil B, Sep 22, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    591
    DaveW
    Sep 22, 2003
  2. cm punk

    Am new here and need help with virus/spyware

    cm punk, Nov 8, 2006, in forum: General Computer Support
    Replies:
    1
    Views:
    1,830
    bigal
    Nov 13, 2006
  3. EW105
    Replies:
    5
    Views:
    359
    Mitch
    Nov 19, 2005
  4. Muse Gruppes

    Need help regarding anti-spyware/virus products...

    Muse Gruppes, Jul 23, 2006, in forum: Computer Support
    Replies:
    3
    Views:
    393
    Ponder
    Jul 24, 2006
  5. PeterOut

    spyware.bearshare found by "Spyware Detector"

    PeterOut, Oct 27, 2007, in forum: Computer Support
    Replies:
    21
    Views:
    983
    Dustin Cook
    Nov 13, 2007
Loading...

Share This Page