I need help with a virus/spyware issue I am having

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by RickQ, Jul 31, 2005.

  1. RickQ

    RickQ Private E-2

    Whenever I have an IE (I know, that is part of my problem) window open I get tons of popups

    I have run scans with Spybot, Ad-aware, CWShredder, Hijack This, Mwav, Ewido and Ccleaner, Trend Micro 2004 (and their online scanner) in both normal mode and safe mode but that has not helped. I cleaned off all the spyware they found and deleted lots of entries from the run lines.

    One problem I have found but cannot get rid of is a small app which is running in the background. The name is a mixture of numbers/letter, usually about 5 or 6 characters in length. Whenever I kill it, the process comes back with a different name. Memory usage is always 188k when it starts and then it changes to 196 or 202 or somewhere in the 350s. I have killed the process and searched for it and deleted the folder it appeared to be loading from, but that did not help. The process was running in the c:\Windows\system32 folder.

    If anyone has any ideas, I would be most grateful as it has been driving me nuts for several days. Each time I think I have it beaten, it comes back.

    Can anyone suggest any other steps I can take?
     
    RickQ, Jul 31, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please follow standard cleanup procedures as given below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps below:



    http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

    http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

    http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
    bjgarrick, Aug 1, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds