also @ TechSpot: Google, Samsung unveil Chromebook, Chromebox with Chrome OS 19

TechSpot

Spyware backround? and pop up on toolbar.

Discussion in 'Virus and Malware Removal' started by Beserker, Jan 31, 2006.

Thread Status:
Not open for further replies.

  1. Beserker Newcomer, in training

    hello everyone.
    i recently aquired sum spyware on my cumputer and its really bothering me and slowing down my pc. i have no idea where or how it got onto my computer but its there. anyway the sneaky little bugger has changed my back round. it now says

    black backround
    " warning spyware detected on your computer."
    Install an antivirus or spyware remover to clean your computer
    click to view the top list of spyware removers. " (this is a link)

    anyway here is a log file im not sure what anything in there means so any help would be appreciated. btw im new to the whole hjt scene and all my brother used to do this kinda stuff but i cant rely on him forever so i gotta learn sumtime right?

    anyhelp would be appreciated.
    also my msn is greens4jay@hotmail.com if anyone would like to add me to there msn to help me .

    thanks to everyone in advance.

    actually thanks to noone lol i fixed it myself or at least i think i did. hurray for me!

    Attached Files:

    Beserker, Jan 31, 2006
    #1

  2. JMMD TechSpot Chancellor

    JMMD, Jan 31, 2006
    #2

  3. howard_hopkinso Newcomer, in training

    Hello and welcome to Techspot.

    Boot into safe mode. See how HERE.

    Turn off system restore.(XP/ME only) See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Go to add remove programmes in your control panel, and uninstall anything to do with(if there)

    C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer

    Close control panel.

    Open your task manager by pressing the ctrl/alt/delete keys together, and click on the processes tab. End process for(if there)

    IPClient.exe
    IPMon32.exe
    intell321.exe
    lib.exe

    Close task manager.

    Run HJT with no other programmes open, and let HJT fix the following by placing a tick in the little box next to(if there)


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.l2extreme.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

    O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
    O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
    O4 - HKLM\..\Run: [cleaner] lib.exe
    O4 - HKLM\..\Run: [intell321.exe] C:\windows\system32\intell321.exe

    O23 - Service: Windows Logon Process Service (MSWinLogonProcService) - Unknown owner - C:\WINDOWS\winlogon.exe" -service (file missing)

    Now click on the fix checked button.

    Close HJT.

    Delete the following bold files(if there).

    C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
    C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
    C:\windows\system32\intell321.exe

    Boot into normal mode, and turn system restore back on.

    Regards Howard :wave: :wave:
    howard_hopkinso, Jan 31, 2006
    #3

  4. Beserker Newcomer, in training

    ok i will give that a try but before i do i wanna tell you guys i did a system restore to like two days ago and everything seems to be fine should i post another log?
    Beserker, Jan 31, 2006
    #4

  5. howard_hopkinso Newcomer, in training

    Just follow the above instructions. If you`re still having problems after that, then by all means post a fresh HJT log.

    Regards Howard :)
    howard_hopkinso, Jan 31, 2006
    #5

  6. Beserker Newcomer, in training

    ok ill do that and get back to you thanks howard
    Beserker, Jan 31, 2006
    #6
Thread Status:
Not open for further replies.