Old 06-25-2008, 08:50 PM   #1
dawsongirl
Member
Forum Legend
 
Join Date: Jan 04, 2001
Posts: 52,774
Help Me...PLEASE! I can't get rid of this trojan horse!

I'm at my wits' end. I got this trojan horse Generic 10.ABTV from my employer's website of all places, and I can't get rid of it. AVG has supposedly healed it about 100 times but it never goes away...this damn icon in my system tray keeps telling me Windows detected a spyware infection and click here! but that does nothing but make me angry. Spybot has stopped it from changing my homepage repeatedly. I've looked around the net for info on how to get rid of it, but all I found was someone saying they deleted practically everything they own. How do I get rid of this???? I really don't want to take it somewhere because they'll just scold me for having AVG FREE and then charge me $200 to clean the computer.

Please help if you can.
dawsongirl is offline   Reply With Quote
Old 06-26-2008, 12:30 AM   #2
Fleet
Mansions, limousines & H-ween
Forum Veteran
 
Join Date: Jan 06, 2002
Location: Northridge/Porter Ranch, California
Posts: 15,232

I had a pesky "spy shredder" infection on my computer about a month ago. It kept popping up, too, saying "click here" to remove infections.

I downloaded "Ad Aware" and it got rid of it. It even uninstalled it on my computer.
__________________
1976 Cadillac Fleetwood Seventy-Five Limousine.
Fleet is offline   Reply With Quote
Old 06-26-2008, 12:36 AM   #3
Fleet
Mansions, limousines & H-ween
Forum Veteran
 
Join Date: Jan 06, 2002
Location: Northridge/Porter Ranch, California
Posts: 15,232

This is the website I used:
http://www.lavasoft.com/
Fleet is offline   Reply With Quote
Old 06-26-2008, 01:17 AM   #4
robyrob
certified wackball#3
Moderator
Forum Legend
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 55,019

try running the AVG antispyware/antivirus programs again but make sure you run the removal programs in SAFEMODE, and delete all your tempfiles with a program like CCLEANER

also try Stinger and the other Trojan removal tools on that page
robyrob is offline   Reply With Quote
Old 06-26-2008, 05:19 PM   #5
The Great One
Member
Senior Member
 
Join Date: Aug 29, 2006
Posts: 6,373

I had that problem before and ended up having to pay $150.00 to get my computer fixed. Then I decided to use the Firefox browser with AdBlock and I haven't had any problems since then.
__________________
.
The Great One is offline   Reply With Quote
Old 06-26-2008, 05:47 PM   #6
TJL
Suburbanite Extrordinaire
Forum Veteran
 
Join Date: Dec 29, 2001
Location: New Jersey - the cradle of civilization
Posts: 16,440

My parents had the same problem recently, a nasty virus had shut down their computer, promising to get rid of all the nasty spyware, blah blah blah.

I believe they cured the problem with Norton Anti virus.
__________________
"I think I'll stroll up to the front to see how the shooting's going..."
- Capt. Benjamin Franklin "Hawkeye" Pierce

Read my blogs!
http://centralparkamisguide.com/
http://dvdcriticscorner.com
Visit me on Facebook! http://www.facebook.com/profile.php?id=641138880
Hey, I do the tweet thing too!
http://twitter.com/TomLevier
My shop of handmade items!
http://www.etsy.com/shop/ColdGarageCreations
TJL is offline   Reply With Quote
Old 06-27-2008, 11:36 AM   #7
Penny Lane
Aidan Turner-ON
Forum Celebrity
 
Join Date: Jul 03, 2001
Location: In Cornwall with Ross Poldark
Posts: 28,019

Whoever starts these viruses ought to be strung up! The death penalty is too good for 'em!
__________________
The Beatles saved the world from boredom- George Harrison
Penny Lane is offline   Reply With Quote
Old 06-27-2008, 05:42 PM   #8
Stormtracker TF
🤔
Moderator
Forum Idol
 
Join Date: Jul 19, 2002
Location: Michigan
Posts: 101,940

Quote:
Originally Posted by dawsongirl
I'm at my wits' end. I got this trojan horse Generic 10.ABTV from my employer's website of all places, and I can't get rid of it. AVG has supposedly healed it about 100 times but it never goes away...this damn icon in my system tray keeps telling me Windows detected a spyware infection and click here! but that does nothing but make me angry. Spybot has stopped it from changing my homepage repeatedly. I've looked around the net for info on how to get rid of it, but all I found was someone saying they deleted practically everything they own. How do I get rid of this???? I really don't want to take it somewhere because they'll just scold me for having AVG FREE and then charge me $200 to clean the computer.

Please help if you can.
I'd just like to reply here and say that I keep having the exact same problem and I can't figure it out for the life of me.
__________________
did things work out for you? are you still not sure what that means?
Stormtracker TF is offline   Reply With Quote
Old 06-27-2008, 06:38 PM   #9
robyrob
certified wackball#3
Moderator
Forum Legend
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 55,019

Quote:
Originally Posted by Stormtracker TF
I'd just like to reply here and say that I keep having the exact same problem and I can't figure it out for the life of me.
well, you could post a HijackThis log, but the steps in the Stinger link I posted would probably get rid of it quicker than I could manually - you have to do it in Safemode and delete all the temp files though, otherwise it will just keep recreating itself.
robyrob is offline   Reply With Quote
Old 06-27-2008, 09:35 PM   #10
dawsongirl
Member
Forum Legend
 
Join Date: Jan 04, 2001
Posts: 52,774

Quote:
Originally Posted by Penny Lane
Whoever starts these viruses ought to be strung up! The death penalty is too good for 'em!
I agree! This is beyond frustrating. And all I was looking for was where someone worked.

Off to try the Stinger links.
dawsongirl is offline   Reply With Quote
Old 06-28-2008, 10:14 PM   #11
dawsongirl
Member
Forum Legend
 
Join Date: Jan 04, 2001
Posts: 52,774

Ok, tried the stinger links, and I am still getting this message: Windows has detected spyware infection! It is recommended to use special antispyware tools to prevent data loss. Windows will now download and install the most up to date antispyware for you. Click here to protect your computer from spyware!

So here's my Hijack This logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:19:56 PM, on 6/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\braviax.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: PPCScamBHO Class - {7E3659A6-4BC5-4d93-B3FD-8B5ACC2FEDED} - C:\Program Files\PeoplePC\Toolbar\ScamGrd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O4 - Global Startup: Amazon Unbox.lnk = ?
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://hoylegames.sierra.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {09C6CAC0-936E-40A0-BC26-707480103DC3} - http://www.uproar.com/applets/active...side_web18.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://download-games.pogo.com/onlin...esLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/...jolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames...1.cab60096.cab
O16 - DPF: {8C63DABA-CBA8-4B5D-A0F7-AE00F2920929} (Bridge Installer) - http://cdn2.zone.msn.com/Bingame/BRD.../heartbeat.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WON...herControl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVCDownloadControl) - http://download.games.yahoo.com/game...oadControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {C7E002D6-324B-4500-883D-84B620FD8640} (Bridge Installer) - http://cdn2.zone.msn.com/Bingame/BRD.../heartbeat.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Unknown owner - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 11505 bytes


If anyone can read that, I'd be so grateful. Thank you thank you
dawsongirl is offline   Reply With Quote
Old 06-28-2008, 11:35 PM   #12
robyrob
certified wackball#3
Moderator
Forum Legend
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 55,019

Print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to these instructions here.

Download SDFix and save it to your desktop.
Double click SDFix.exe and it will extract the files to %systemdrive% (this is the drive that contains the Windows Directory, typically C:\SDFix). DO NOT use it just yet.
Download combofix.

Reboot your computer in "SAFE MODE": restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Open the SDFix folder and double click RunThis.cmd to start the script.

* Type Y to begin the cleanup process.
* It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
* Press any Key and it will restart the PC.
* When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
* Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.

Close any open browsers.
Double click on combofix.exe and follow the prompts.

Note 1: Can't run anti-spyware programs? Rename them and try again.

Note 2: Some variants of braviax are very difficult to remove from a PC.
If you find a Win32.Agent.zb header with a list of infected files in a combofix log, then you should remove and install these apps again.

* Finally copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log.

more resources here, here, and here.
robyrob is offline   Reply With Quote
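
A first-pass triage of a HijackThis log like the one in post #11, as an added example that is not part of the original thread: it splits the log into its sections and flags orphaned registrations and per-user autoruns that launch from the Windows directory, which is where the braviax entry named in post #12 sits. The sample lines are excerpted from the posted log; the allowlist, the assumed C:\WINDOWS install path and the function names are assumptions for illustration.

```python
import re
from ntpath import basename

# Excerpt of the HijackThis log posted in the thread (trimmed to a few lines).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\braviax.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Unknown owner - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")                       # "O4 - ..."
RUN = re.compile(r"^(HK[A-Z]+)\\\.\.\\Run: \[(.+?)\] (.+)$")     # O4 Run keys
IMAGE = re.compile(r'^"?(.+?\.(?:exe|com|scr|bat|cmd))\b', re.I)  # strip args
ORPHAN = ("(no file)", "(file missing)")
WINDIR = ("c:\\windows\\", "%windir%\\")   # assumption: default install path
# Assumption: analyst-maintained allowlist of expected per-user autoruns.
KNOWN_USER_AUTORUNS = {"ctfmon.exe"}


def parse_log(text):
    """Return (boot mode, running processes, [(code, body), ...])."""
    boot, procs, entries, in_procs = None, [], [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Boot mode:"):
            boot = line.split(":", 1)[1].strip()
        elif line == "Running processes:":
            in_procs = True
        elif not line:
            in_procs = False          # a blank line ends the process list
        elif in_procs:
            procs.append(line.lower())
        else:
            m = ENTRY.match(line)
            if m:
                entries.append((m.group(1), m.group(2)))
    return boot, procs, entries


def triage(text):
    """Flag entries worth a closer look; returns (boot mode, findings)."""
    boot, procs, entries = parse_log(text)
    findings = []
    for code, body in entries:
        if body.endswith(ORPHAN):     # registration left behind, target gone
            findings.append((code, "orphaned", body))
            continue
        run = RUN.match(body) if code == "O4" else None
        if not run:
            continue
        hive, name, cmd = run.groups()
        img = IMAGE.match(cmd)
        path = (img.group(1) if img else cmd).lower()
        # Per-user autorun started from the Windows directory and not allowlisted.
        if (hive == "HKCU" and path.startswith(WINDIR)
                and basename(path) not in KNOWN_USER_AUTORUNS):
            state = "running" if path in procs else "not running"
            findings.append((code, "review", f"{name} -> {path} ({state})"))
    return boot, findings


if __name__ == "__main__":
    boot, findings = triage(SAMPLE_LOG)
    print("Boot mode:", boot)
    for code, kind, detail in findings:
        print(f"[{kind}] {code}: {detail}")
```

A "review" result is a prompt to look at the file, not a verdict, and a log taken in Normal boot mode shows whatever the running system chooses to report.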
Old 06-29-2008, 03:30 PM   #13
dawsongirl
Member
Forum Legend
 
Join Date: Jan 04, 2001
Posts: 52,774

Quote:
Originally Posted by dawsongirl
Ok, tried the stinger links, and I am still getting this message: Windows has detected spyware infection! It is recommended to use special antispyware tools to prevent data loss. Windows will now download and install the most up to date antispyware for you. Click here to protect your computer from spyware!
I just realized that it says PERVENT, not prevent. How pathetic is that?
dawsongirl is offline   Reply With Quote
Old 06-29-2008, 03:33 PM   #14
robyrob
certified wackball#3
Moderator
Forum Legend
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 55,019

Quote:
Originally Posted by dawsongirl
I just realized that it says PERVENT, not prevent. How pathetic is that?
yeah, apparently spelling doesn't count in kiddie hacker schools....


have you tried the sdfix/combofix tools yet?
robyrob is offline   Reply With Quote
Old 06-29-2008, 03:37 PM   #15
dawsongirl
Member
Forum Legend
 
Join Date: Jan 04, 2001
Posts: 52,774

Quote:
Originally Posted by robyrob
yeah, apparently spelling doesn't count in kiddie hacker schools....


have you tried the sdfix/combofix tools yet?
Nope, but I'm about to. I need to print the instructions off first.
dawsongirl is offline   Reply With Quote