also @ TechSpot: Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?

Spyware threat has been detected on your PC found, but not sure if removed

Discussion in 'Virus and Malware Removal' started by zooner43, Apr 14, 2008.

  1. zooner43 Newcomer, in training

    I had the same problem as some of the other people in this forum where my desktop background was blue with the words "Warning:Spyware threat has been detected on your PC" written.
    I looked at your Viruses/Spyware/Malware, preliminary removal instructions guide and I did everything in order (hopefully). The background spyware images are gone but I just wanted to make sure that there arent any other problems lingering so I attached my LOGS that you asked for.
    There was nothing found on the Panda Antirootkit programme.
    Thanks in advance
    zooner43, Apr 14, 2008
    #1

  2. jimjams Newcomer, in training Posts: 43

    Why was the three things in Report-Scan 'no action taken'?
    jimjams, Apr 15, 2008
    #2

  3. kritius TechSpot Guru Posts: 2,087

    Doesnt matter, theyre in system restore.
    kritius, Apr 15, 2008
    #3

  4. jimjams Newcomer, in training Posts: 43

    I think they do

    cause thats why when you are dis-infecting a system they ask you to de-activate system restore...
    jimjams, Apr 15, 2008
    #4

  5. kritius TechSpot Guru Posts: 2,087

    You shouldnt do that, at the minute those things cant hurt you until you use that restore point, the only time you disable system restore when doing a fix is when the computer is clean and you want to give it a clean restore point.

    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entries listed below
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
    O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll (file missing)
    O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)

    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary

    Reboot into safe mode.

    Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

    Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this file (if present):

    C:\WINDOWS\system32\wmsdkns.exe,

    After that, Reboot, and post a new HijackThis log here in a reply as well as describing how your computer is running at the minute.
    kritius, Apr 15, 2008
    #5

  6. zooner43 Newcomer, in training

    newest log

    Hey guys,
    I appreciate the replies, Here is the newest Hijackthis log. I couldnt find the C:\WINDOWS\system32\wmsdkns.exe file by the way. My computer seems to be running fine so far.
    zooner43, Apr 16, 2008
    #6
     
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.