SVKP that wont go away

By bryanatonu
Oct 24, 2005
  1. Caught by Norton at every startup from Hacktool.rootkit

    Logfile of HijackThis v1.99.1
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Please follow the Read: How to... posts at the top of this forum!
  3. bryanatonu

    bryanatonu TS Rookie Topic Starter

    I went through that whole process from the thread above and still no luck. It just keeps coming back. I have also tried using adaware, spybot, ewido, ccleaner, and spyware doctor. Still everytime on startup i get a svkp that is found in my system32. I attached my most recent hijackthis results if anyone can help
  4. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Follow these instructions EXACTLY
    Read: How to remove Begin2Search/Coolwebsearch and Other Nasties

    while doing that, fix these as well:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =*
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =*
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =*
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =*
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
    O23 - Service: GMN - Unknown owner - C:\DOCUME~1\BRYANP~1\LOCALS~1\Temp\GMN.exe (file missing)
    O23 - Service: UTOBCIY - Unknown owner - C:\DOCUME~1\BRYANP~1\LOCALS~1\Temp\UTOBCIY.exe (file missing)
  5. bryanatonu

    bryanatonu TS Rookie Topic Starter

    I think it's gone

    I followed all the steps to that removal and I think I got rid of it. Well it didn't pop up in my antivirus detection on startup anyway. I posted my most recent Hijackthis just in case though. Thanks for everything, I'll make sure I have a Guiness on your behalf this weekend
  6. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Fat lot of good that does ME!
    You're clean.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...