also @ TechSpot: Yahoo redesigns Flickr, adds 1 terabyte of free storage and more

Spyware...help please.

Discussion in 'Virus and Malware Removal' started by gwhinck, Feb 7, 2005.

  1. gwhinck Newcomer, in training

    I finally got spywared to the point I can't get out on my own. A little help would be appreciated.

    HJT log attached:

    Attached Files:

    gwhinck, Feb 7, 2005
    #1

  2. andygibbs Newcomer, in training Posts: 76

    Microsoft Anti-spyware

    Have u tried microsoft anti-spyware?, its a free BETA download from the microsoft site and works quite well.
    andygibbs, Feb 7, 2005
    #2

  3. Lunatic Newcomer, in training Posts: 66

    Lunatic, Feb 7, 2005
    #3

  4. gwhinck Newcomer, in training

    Thanks for the replys;

    Lunatic - Ad-Aware SE finds and deletes it but it returns the next time I logon. I will try Spybot.

    andygibbs - Didn't know MS had gotten into the anti-spyware game, another one to try.

    Will try the two programs and post the results.
    gwhinck, Feb 7, 2005
    #4

  5. howard_hopkinso Newcomer, in training Posts: 25,949   +16

    Hello and welcome to Techspot.

    Go HERE and follow the instructions very carefully, they will help you.

    Probably a good idea to print them out.

    Regards Howard :wave: :wave:
    howard_hopkinso, Feb 7, 2005
    #5

  6. RealBlackStuff Newcomer, in training Posts: 8,165

    You don't have any (visible) spyware AFAIK.
    But to be sure, do as Howard said and go to my post here first, and follow the instructions EXACTLY.
    How to remove Begin2Search/Coolwebsearch and Other Nasties

    When done, reboot in Safe Mode.
    Run Hijackthis ON ITS OWN and let it 'fix':
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - Default URLSearchHook is missing
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm (file missing)
    O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
    RealBlackStuff, Feb 8, 2005
    #6
     

  7. gwhinck Newcomer, in training

    Update

    First off let me thank everyone for the help. I think it's finally resolved.

    I don't think any one of the solutions resolved the problem singularly, but the combination suggested seems to have done the trick.

    Again, I thank everyone for their help.
    gwhinck, Feb 8, 2005
    #7
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.