Mallicious Little Gnome
Not to fond of the former application but definitely can reccomend the later. Not for the faint hearted so take Sanx's advice and post the log to him.Originally Posted by Sanx
Also a little dos file called kill.exe is bloody good at stopping those system processes that will not shut dow.
Get a copy of adaware or any other prog that does the same thing. gets rid of spyware and such.
Mr
"When you think of it,
Lifes a bowl of ....MERDE"
Iiimbecile-baiting since 2007
Hi Mom,
OK. Run HijackThis again, and tell it to do a scan only. When the results list comes up, check the items I've highlighted in bold by clicking on the menu item. Then click "Fix Checked".
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [Yilorxd] C:\Program Files\Tirupx\Qhbrrks.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm824YYNZ
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
There was more than one problem shown up by that log. The MyWebSearch plug-ins are adware / spyware, as is SurfAccuracy. The entry marked "Yilorxd" I must admit I don't recognise. However, the fact that googling comes up with nothing (not nothing useful, nothing) would tend to indicate that whatever it is, it's probably dodgy.
Let me know what results you have, and remember to reboot after you've clicked the Fix Checked button.
Mallicious Little Gnome
Just had a thought.
If you were getting rid of limewire at the time them obviously the kids were into peer P2P sharing.
There is/was a prog out there called eDonkey that was a P2P application. It may still be the remains of that showing up.
Mr
"When you think of it,
Lifes a bowl of ....MERDE"
Whip it, whip it good!
Thanks mate, I dont actually have time now to do this, but will when I get home from work, hope the ferkin donkey has fun while I am away!
I'ma get medieval on your ass!
Yeah thats what I thought too which is why I asked about Kazza. There is a donkey trojan associated with Kazza.Just had a thought.
If you were getting rid of limewire at the time them obviously the kids were into peer P2P sharing.
There is/was a prog out there called eDonkey that was a P2P application. It may still be the remains of that showing up.
Mr
Come warm yourself by the fire
Its sounds like a donkey version of that horrible purple monkey.
If someone is in the area is sounds like that PC needs a good format and some decent spyware scanners.
Reactor Online. Sensors Online. Weapons Online. All Systems Nominal.
Hardcore Biker
As far as I know the Edonkey client doesnt have a donkey popping up in it, but then again I havnt used it for years.. Pretty much everyone uses Emule to access that network now.Just had a thought.
If you were getting rid of limewire at the time them obviously the kids were into peer P2P sharing.
There is/was a prog out there called eDonkey that was a P2P application. It may still be the remains of that showing up.
Mr
.
Hardcore Biker
iam sure i had a keyloger in my pc a few months ago...think it came from thailand....iam no expert ..but i did get a lot help from members,,ended up diching the the lot..reload windows xp.also put a good antivirus program called nod32,,,seems to work....no more trouble.....just my 2c....
Whip it, whip it good!
Hi Sanx
Have just run the scan and deleted all the entries you marked apart from this one
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
as it did not appear on my scan results this time. Is this a problem? I have rebooted the PC and here I am.
I have a question though, I have spy bot and ad-aware already loaded on here and use them often to keep my system as clean as I can, how come they have not picked up these other bugs that Hijack did?
The other thing I notice is that Donkey is still very much in evidence here, we have closed it so it does not run all the time, but it sits waiting till next time. I am wondering now if it is simply a little program that one of my lovelies (read brats!) has downloaded for a bit of fun and that it is infact harmless???
The reason I ask this is years ago I was once sent an email that I opened, it created a bird that used to sit on desktop icons and if you tried to click on it, it would take fright and fly off accross the monitor shitting as it went!!! After a few attempts to capture said bird my screen was covered in bird shit! I rang the bloke that sent it to me and he gave me instructions to close it down, never caused any damage, just was annoying as all get out.
Thanks for your help too, I really appreciate it!
Iiimbecile-baiting since 2007
It's hard to say why some spyware apps do not get detected by the very programs we trust to pick 'em up. However, it sometimes has to do with the spyware company suing because Ad-Aware or whoever claims its programs are evil. Certainly been instances of this before. HijackThis doesn't actually detect spyware - it lists things that potentially could be spyware. The items highlighted for you to fix were highlighted by me manually, not the program.
So, as for your machine. don't worry about SurfAccuracy. If it's already gone, that's good. As for the donkey program - it could be that it's completely harmless, it's just a pain in the rear. I take it it doesn't start automaitcally; you have to click it each time? Obviously, you can can simply delete it and it'll go away then.
on the up
If it does start automatically at startup, you can remove it thusly:
Start Menu>Run
type msconfig.exe
Hit [RETURN]
The far right tab is called "STARTUP" Click this.
See if you can find anything with donkey on the list. Uncheck the tick.
You will have to restart the system and it will come up with a dialog box at startup which you can okay.
Hope it helps.
And I to my motorcycle parked like the soul of the junkyard. Restored, a bicycle fleshed with power, and tore off. Up Highway 106 continually drunk on the wind in my mouth. Wringing the handlebar for speed, wild to be wreckage forever.
- James Dickey, Cherrylog Road.
Whip it, whip it good!
All advice helps.........thanks!
I'ma get medieval on your ass!
I used to have a small cat, cute as all get up, it would appear through a catdoor on the screen, walk around, and was generally a mild diversion.
And it was spyware. No big deal, probably didn't do any harm - but I'll never know.
Can you delete it through Control Panel - Add/Delete Programs?
Your pc should be secure with what you have. I'd suggest that the children are innocently clicking on things and installing stuff. The Tea Timer in Spybot should stop this - is it active?
Hardcore Biker
Configure your kids accounts on the PC to not be admins, that way they cant install shit :-P
Or go overboard like me, install a 2003 server at home, join all the pc's to the domain and use group policy to control your childrens lives.. muhahahaha.
.
Comfortably numb
... And once you have this problem sorted go find CyberNanny or a similar service to restrict his future access to porn, music sharing, gambling, chatrooms, or whatever suits; and monitor where your little darling is websurfing to while you're not looking over his shoulder.
CyberNanny isn't foolproof but it seems to be as good as any according to the web search I did when attempting to solve a similar problem. My biggest concern wasn't bandwidth usage, it was virus risk of some of the dodgy sites that teenagers tend to frequent. CyberNanny also gives warnings on the worst risk sites, which definitely includes "Morpheus" if you're interested.
Best of luck,
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
Bookmarks