posted
A week ago, my computer was absolutely flooded with spyware. I started looking up everything on this kind of stuff, and I fixed basically everything I could with normal deleting, ad-aware, msconfig, etc. However, there's some file, registry value, something that makes Internet Explorer randomely connect to some poker/"anti-adware"/advertisement page even when my browser is closed. And it keeps going, so if I leave my computer for like 5 minutes, I come back to find that 10 IE windows are open.
So obviously, the last thing I need to do is fix it with hijackthis. I ran a scan, analyzed what it gave me, then deleted some stuff. I thought I'd won. I didn't. The ads keep popping up, and what's even more annoying is that one of the files that comes up on the report is called "Extra button: Your computer is infected with spyware." Every time I try to have hijackthis fix this, it reappears next time. There's something I'm not doing. I think it has to do with either the registry edit or another file I'm not deleting in the report. So if someone could either tell me what to delete, I'd appreciate it. Here's my report:
Logfile of HijackThis v1.98.2 Scan saved at 5:57:55 PM, on 11/6/04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
posted
Hey, my boy Joe helps moderate WindowsXPCentral.com and there are several XP gurus there. I have forwarded on this page to have them find a solution, hopefully.
Posts: 1870 | Registered: Mar 2003
| IP: Logged |
posted
When you run Ad-Aware and Spybot S&D, do it from a "safe mode" boot.
Also, try and close "WINVVX32.EXE" - I have a sneaking suspicion this is the sneaky bastard responsible.
Although, to be fair, I'm not sure what "MSGLOOP" is, either.
I see you're running a "hijack this" program - does your machine have a firewall running? That can be useful for tagging specific program files trying to access the 'net.
Also, just purge your Temporary Internet Files - when I had to trouble-shoot my aunt and uncle's machine, there were 8 trojans lurking.
posted
I would use ad-aware, its possible the anti-adware you're currently using is part of the problem. I would also recommend against Spybot because I've heard bad things about that.
Posts: 3446 | Registered: Jul 2002
| IP: Logged |
You also have a Virus on your system. Norton won't catch it, but AVG probably will. I've used it to get rid of similar problems on over 100 computers. There is a free version (You may have to dig through the site a little to find it, though), it works better than Norton IMO. It is slightly crippled (Won't run in safe mode(, but that shouldn't affect you too much. With Win98 it has a boot scanner that is kind of annoying, so you can keep that on or turn it off. Anyway, good luck.
Posts: 3003 | Registered: Oct 2004
| IP: Logged |
posted
The best way to use HijackThis is to run it, and open a browser window. Look for any program or file name you don't recognize and type it into Google. Odds are that some of them will bring up links to anti-virus or anti-spyware sites talking about them.
posted
See? You ask a little question, and all of a sudden, all the geeks come out. Don't put the light on, though, or they'll all scatter. Shh!
Posts: 8355 | Registered: Apr 2003
| IP: Logged |
It isn't "technically" a virus, which is why Norton won't grab it. I've seen programs that are downloaded automatically from certain websites which will change the way your web browser works. One required a scan with Ad-Aware, a virus-scan, and a change in home-page for IE. It was a pain to get rid of because it pointed IE's homepage to a page that downloaded the program if it wasn't detected.
Posts: 3003 | Registered: Oct 2004
| IP: Logged |
posted
It looks like a Microsoft Money executable.
Whenever I find programs on my taskmanager that I don't know what they are and need to know, I google them. The results tell me whether it's friendly or malicious.
Posts: 8355 | Registered: Apr 2003
| IP: Logged |
Also, be careful disabling a lot of tasks as Boris woudl have you do. I imagine you want your system tray to run when your computer starts up, and don't kill taskmon, that's just the task monitor.
[ November 07, 2004, 08:45 PM: Message edited by: Nato ]
Posts: 1592 | Registered: Jan 2001
| IP: Logged |
Printer-friendly view of this topic
![[Smile]](smile.gif)
