What the f*ck?

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[anus]

If I were you, I'd just remove all of those updates and disable Norton and do a fresh update again. It'll be just better then imo.

[segosa]

If SP2 was installed an entry would appear. Removing those updates that were already installed would be a waste of time...

[Knightmare]

MICROSOFT ANTISPYWARE

 

http://www.microsoft.com/athome/security/s...re/default.mspx

[Wolf68k]

HJT isn't made to find running processes, it only list what is there

Those bad programs are going to get called on to run some how. Now that's either a registry entry or a shortcut in the StartUp folder. Both of those HJT can detect.

So by running HJT in Safe Mode you get 2 things done, you're able to find out who they are and where they live so that you can delete them. Also because you're in Safe Mode you can there for delete them completely without having to "kill" them in like you would have to in Normal mode.

 

Also think about this; many bad guys, and I wouldn't surprised if that "ScreenshotUtility.exe" was/is one of them, the reason it runs at start up isn't to start up some other bad guy but rather to see if it's bad guy(s) are still installed and if not to reinstall them, which I did tell you about before hand (I think, I've had to tell this stuff to so many people this week).

Basicly if you removed them with Ad-Aware and Spybot in Safe Mode and then restart leaving that SSU thing still in place it may have put some things back. But now that it's gone you should be able to go back into Safe Mode again and do the scans again to make sure you're still clean....pain in the butt I know, but that's mostly what ad/spyware is.

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[reticulatingsplines]

I'm still in safe mode (of course) and I'm re-scanning everything now with HJT, Ad-aware, and all of the other tools I've used recently.

 

Now my big question is: what should I do about that Windows Update thing I explained earlier which made my computer go completely slow? Segosa said not to remove the updates found in this screenshot I took while Warload said I should remove them.

 

After all this scanning I think there's a really slim chance that I've even got a virus/malware/adware related program even left on here. It's just the 'Windows Update' thing I talked about which really did the most damage on here as of lately. I mean, it whores the CPU out and the thing is slower than molasses just because I did a 'Windows Update'.

 

Okay, so I'm rescanning everything just to double-check there's no adware/malware/trojans/spyware/etc.

But how do I undo this 'Windows Update' effect (I described more about it in this post I made a while ago.)?

I had exactly the same problem. On a fresh install of Windows, no less.

 

Uninstall Service Pack 2, and then install again. If you don't get the Windows Installer screen (sort of blue and user-friendly looking, but doesn't actually let you do much) before logon, the Service Pack is borked.

 

My problem was RAM running too fast (right clock speed, latency too low), but the end result is pretty much the same as if a virus scanner or some nasty bit of RAM-hogging malware corrupts the Service Pack files.

 

If that doesn't work, I'd suggest getting all your valuable bits and pieces off the system and do a complete format and reinstall. If you have more than one physical drive, copy all the stuff you want to keep off your boot drive (don't bother with applications because they'll probably just f*ck up when you try to run them on a fresh install, games are usually ok though) and then make a partition only for Windows during reinstall. 5Gb is usually enough.

 

Fresh installs are always nice. I do one once every 6 months or so.

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[PresidentKiller]

I really think you should just backup your files and re-format the damn thing. If you mess up while uninstalling the updates, trying to recover your files won't be pretty.

 

If you do re-format, you must install the Service Pack 2 after installing Windows. The chances of screwing up your system this way are almost non-existent.

[Kumagoro]

Try using boot-level Avast! (free) scanning, it might help

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[anus]

Wait, do you only have one partition and have all your software and stuff installed there, or do you have separate partitions for programmes, games, Windows, etc? If you have separate partitions, you can just format the drive with Windows. Most viruses, adware, malware, etc is installed in the drive with Windows in it.

 

For your last post, just remove them. Imo programmes do not work properly very rarely for things like this. So, just remove it, and even if the programmes do not work properly, you still have a better system without having to re-format. You can always re-install the programmes later. So, go on.

[Barbaneez]

...

Edited December 15, 2008 by Barbaneez

[anus]

No problem, mate. It's good to hear that your PC is back to normal . Have fun! And uninstall IE.

 

Also, remember to do Windows Update almost every week and update all your programmes once a week (not a problem if you've got cable).

 

 

[segosa]

 

np

[Wolf68k]

....and if you're not completely satisfied keep the Ginsu knives as your free gift

 

 

I forget if this was covered before but the Kerio firewall will be discontinued at the end of the year. That doesn't mean you can't keep using it only that Kerio won't be making any updates...which sucks. Say so long to good free firewalls.

Get yourself a router

Edited September 10, 2005 by wolf68k

[razor23]

I left my house today with IE open to Yahoo.com.

I come back 12 hours later to find it has 32 IE windows open and a sh*tLOAD of spyware-namish processes running. My desktop background was also changed to blue.

 

NO ONE WAS IN MY HOUSE THE WHOLE f*ckING TIME.

Seriously? How the f*ck is this possible?!

It also appears the computer was rebooted.

 

Now I'm going to have to spend HOURS using spyware cleaning programs because it appears my computer has basically got spyware/adware raped up the ass.

 

No. One. Was. Home. The. Whole. God. Damned. Day.

How the hell did this happen? I leave my computer on 24/7 and it was last left on Yahoo like I said, and I come back to find 32 IE windows open and a ton of sh*t installed and like 15 random processes running, some I can't even close!

 

I have no idea what the hell happened.

This is f*cking psycho...

 

The infection you have changes your desktop to display an alert in an attempt to persuade you to purchase spyware removal software. It also edits your registry to prevent you from changing your desktop.

 

Follow these steps in to remove Smitfraud and restore your desktop.

 

Print out these instructions and then close all windows including Internet Explorer.

 

 

Step 1

 

Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if they are found:

 

Security IGuard

Virtual Maid

Search Maid

 

Exit Add/Remove Programs.

 

 

Step 2

 

Make sure that you can VIEW ALL HIDDEN FILES. For this, follow the next steps:

- open Windows Explorer, go to Tools->Folder Options->View and within hidden files and folders please:

- check 'Show hidden files and folders',

- uncheck: 'Hide protected operating system files'

 

 

Step 3

 

Run again HijackThis and place a checkmark in front of the following entries:

 

O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [oxpFt] C:\WINDOWS\VAUVPMOV.EXE

O4 - HKLM\..\Run: [Yqjya] C:\PROGRAM FILES\TMXD\TFUFB.EXE

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZBzeb032YYGB

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

 

 

Step 4

 

Reboot your computer into SAFE MODE. You can find a guide on how to do that here:

 

http://www.computerhope.com/issues/chsafe.htm

 

 

Step 5

 

Then delete these files or directories (Do not be concerned if they do not exist):

 

C:\wp.exe

C:\wp.bmp

c:\bsw.exe

c:\bsw.bmp

C:\Windows\sites.ini

C:\Windows\popuper.exe

C:\WINDOWS\System32\wldr.dll

C:\Windows\System32\helper.exe

C:\Windows\System32\intmonp.exe

C:\Windows\System32\msmsgs.exe

C:\Windows\System32\ole32vbs.exe

C:\Windows\system32\msole32.exe

C:\Windows\System32\Log Files

C:\Program Files\Search Maid

C:\Program Files\Virtual Maid

C:\Program Files\Security IGuard

C:\WINDOWS\TEMP\ICSUPP95.EXE

C:\WINDOWS\TASKMON.EXE

 

 

Step 6

 

Reboot your computer to go back to normal mode. Your desktop may be restored or it may be black at this time.

 

Step 7

 

In order to restore your desktop settings download the following reg file to your desktop by right clicking on the link, and selecting “save as”.

 

http://www.bleepingcomputer.com/files/reg/smitfraud.reg

 

Once it has downloaded, double-click on the smitfraud.reg file on your desktop and when it asks if you would like to merge the data, click on the Yes button.

 

Reboot your computer and you should now be able to change your desktop settings back to how you would like it. If your desktop still looks strange, go into your display properties and click on the Themes tab. Change the theme to Windows XP and you will now be using the default Windows XP settings. Then change them as you see fit.

 

 

[Nipa]

Hello? did you look? the problem is solved...

 

Nipa

[Wolf68k]

not only is it over, but NONE of those things were in his HJT log.

That looks stuff you copy&pasted from some other web forum

[Gela]

 

I left my house today with IE open to Yahoo.com.

I come back 12 hours later to find it has 32 IE windows open and a sh*tLOAD of spyware-namish processes running. My desktop background was also changed to blue.

 

NO ONE WAS IN MY HOUSE THE WHOLE f*ckING TIME.

Seriously? How the f*ck is this possible?!

It also appears the computer was rebooted.

 

Now I'm going to have to spend HOURS using spyware cleaning programs because it appears my computer has basically got spyware/adware raped up the ass.

 

No. One. Was. Home. The. Whole. God. Damned. Day.

How the hell did this happen? I leave my computer on 24/7 and it was last left on Yahoo like I said, and I come back to find 32 IE windows open and a ton of sh*t installed and like 15 random processes running, some I can't even close!

 

I have no idea what the hell happened.

This is f*cking psycho... 

 

there, i pin pointed your problem

 

get firefox

[segosa]

 

I left my house today with IE open to Yahoo.com.

I come back 12 hours later to find it has 32 IE windows open and a sh*tLOAD of spyware-namish processes running. My desktop background was also changed to blue.

 

NO ONE WAS IN MY HOUSE THE WHOLE f*ckING TIME.

Seriously? How the f*ck is this possible?!

It also appears the computer was rebooted.

 

Now I'm going to have to spend HOURS using spyware cleaning programs because it appears my computer has basically got spyware/adware raped up the ass.

 

No. One. Was. Home. The. Whole. God. Damned. Day.

How the hell did this happen? I leave my computer on 24/7 and it was last left on Yahoo like I said, and I come back to find 32 IE windows open and a ton of sh*t installed and like 15 random processes running, some I can't even close!

 

I have no idea what the hell happened.

This is f*cking psycho... 

 

there, i pin pointed your problem

 

get firefox

Oh shut up.

 

1. The problem is solved

2. Learn to read threads in their entirety

3. Internet Explorer wasn't the cause

4. Firefox sucks

5. Go away.

Edited September 14, 2005 by segosa

[Bond996]

I left my house today with IE open to Yahoo.com.

I come back 12 hours later to find it has 32 IE windows open and a sh*tLOAD of spyware-namish processes running. My desktop background was also changed to blue.

 

NO ONE WAS IN MY HOUSE THE WHOLE f*ckING TIME.

Seriously? How the f*ck is this possible?!

It also appears the computer was rebooted.

 

Now I'm going to have to spend HOURS using spyware cleaning programs because it appears my computer has basically got spyware/adware raped up the ass.

 

No. One. Was. Home. The. Whole. God. Damned. Day.

How the hell did this happen? I leave my computer on 24/7 and it was last left on Yahoo like I said, and I come back to find 32 IE windows open and a ton of sh*t installed and like 15 random processes running, some I can't even close!

 

I have no idea what the hell happened.

This is f*cking psycho... 

 

there, i pin pointed your problem

 

get firefox

No one needed that, and you know it.

[Wolf68k]

Will someone please lock this thing before it gets any worse?!!!