i have installed spywarestormer just to see how it manifests at deinstallation. It did not create any problems, it uninstalled itself successfully. What trouble do you have with the uninstallation process? Does it give any error message?"the doer alone learneth" /friedrich nietzsche.
Thankyou, Here is the log.Logfile of HijackThis v1.99.0 Scan saved at 4:00:11 PM, on 1/30/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
I checked the Hijack report you have posted. Please close all your running applications, run HijackThis again and check the boxes for the following entries:
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {607C88F9-0276-B0C7-D5C9-40ACB189C367} - C:\DOCUME~1\Owner\APPLIC~1\NEWWMA~1\OnceFace.exe O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
After this please check 'Fix checked'.
You can post a new log to see if there is anything else wrong. Also, do you get any error messages when trying to uninstall SpywareStormer?
Bianc@, i would not recommend dickster to fix the first and the last 02 BHO that you recommended, they are related to Microsoft Money, and his system might need them.
also, the 09 you recommended might be useful for dickster, as it is related to the Microsoft java virtual machine.
dickster, i will get back with recommendations for fixing in your hijackthis log."the doer alone learneth" /friedrich nietzsche.
please run HIJACKTHIS again, scan and place a checkmark next to the following items: 1. all of the R1 items. 2. the R3 item. 3. O2 - BHO: (no name) - {607C88F9-0276-B0C7-D5C9-40ACB189C367} - C:\DOCUME~1\Owner\APPLIC~1\NEWWMA~1\OnceFace.exe check this one too 4. the O1 - Hosts: 64.91.255.87 www.dcsresearch.com must also be checked for fixing. 5. O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) check this one too. 6. O4 - HKLM\..\Run: [TkBellExe] = this could be the LOVGATE worm, so you should check it for fixing. 7. O4 - HKLM\..\Run: [New.net Startup] rundll32 this is a MUST fix. 8. O4 - HKLM\..\Run: [AdStatus Service] check this one too, this is adware 9. O4 - Startup: HP Organize.lnk = ? check for fixing 10. O10 - Hijacked Internet access by New.Net for this one, please download and run >SpyBot< also. 11. O23 - Service: Cryptainer service - Unknown - ssoftsrv.exe (file missing) check this too.
now fix everything by pressing the Fix checked button.
please download >ad-aware<, check for updates, and perform a full scan with it, fix everything it finds suspicious. Then restart your computer, run HIJACKTHIS again and post a new log here.
Regards, cristofMariussuspect any spyware/adware? download >hijackthis< and post the log file it creates. also don't forget to test >the free Bullguard trial< -------- Cristof Marius Andrei | Bullguard Support Team
Post Edited (cristofMarius) : 2/1/2005 6:03:29 PM GMT
Currently it is Thursday, November 20, 2008 12:18 PM (GMT +1) There are a total of 63.926 posts in 15.821 threads. In the last 3 days there were 34 new threads and 153 reply posts. View Active Threads
Who's Online
This forum has 27174 registered members. Please welcome our newest member, anthonymcg. 42 Guest(s), 1 Registered Member(s) are currently online. Details black.avanza
|