• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

spyware trashed my computer....HELP!!!!

dirtyinternet

OSNN Junior Addict
#1
a few months ago my computer got its browser hijacked and i didnt know what to do so i just got rid of IE and got netscape. that worked fine for a while but then last night everything went to hell. i started getting this pop-ups. and norton kept telling me that it found a trojan startpage virus and deleted it. then when i tried to run a system scan in norton it said that it had an internal error. i also started getting these error messages about something run.dll or something like that. but heres the biggest problem everytime i attemped to open any of my folders or any zip files i get one of the norton trojan.startpage deleted messages and one of the run.dll erreor messages. ive run ad aware and cw shredder. neither did much although cw shredder gave me my desktop back. what can i do???? this really sucks. if anyone has advice id love to hear it.
 

Admiral Michael

Michaelsoft Systems CEO
#2
If you want to run a antivirus scan, try Norton's online. It wont remove any but will tell you if there are any and where. It requires ActiveX so Im not sure if Netscape has that.

For spyware, theres also Spybot Search and Destroy. I use that and adaware.
 

Kush

High On Life!
#3
if u cant visit any antivirus sites check ur hosts file viruses usually add them to the hosts file so u cant do an online check
 

muzikool

Act your wage.
Political User
#4
In order for you to clean your system effectively it might be necessary for you to boot Windows in to Safe Mode. If you don't know how to do that, then it's usually done by holding down F8 as your computer boots up. You will be presented with the option of Safe Mode with Networking, which is what I'd choose.

Once you're in Safe Mode, run Ad-Aware again as well as Norton. If nothing is found, download Spybot Search & Destroy and run it as well. Additionally, you should check to see what is running at startup. Usually I would advise doing so through the registry, but without knowing your experience with that, I'd say go ahead and do so with msconfig. Simply go to Start --> Run, and type 'msconfig' (no quotes) and hit Enter. There is a Startup tab that displays a list of everything that starts up with Windows. If there is something you don't recognize or want, then either uncheck the box or ask us what it is. This might help in keeping spyware from running on your system.

This is enough to get you started. Keep posting back with questions or whatever and we'll continue to help you get this figured out. :)
 

egghead

Double O Egghead
#5
hi dirtyinternet,

I have created a spyware removal guide that should help you secure your pc.

follow the step in order and re-download and install all the programs from the links provided in the guide (this ensures you have the latest possible programs)

you can view my spyware removal guide here.

Good luck
 

dirtyinternet

OSNN Junior Addict
#6
wow you guys have all been super helpfull with this fiasco i appreciatre the quick response. i havent tried everything you suggested yet but i did do something that sorta helped. i ran CWshredder (short for cool web shredder i believe) this helped alot. alfter i run this everything goes back to normal. but it isnt as good as it sounds. its not permenant. after i reboot it goes back to a huge kettle of fiesces. but luckily i got acces to norton and ran a scan. it found something called hmm what was it i think download.trojan but get this it couldnt quarrintine or delete it!!!. also i looked at my start up and didnt recognize anything except a couple programs in a list of about 60. is theyre anything in thier neccassary for my system to run or can i shut it all down if i dont recognize it? i appreciate your help. lord im being careful with my computer hence forth!
 

muzikool

Act your wage.
Political User
#7
If you haven't booted into Safe Mode then I suggest it again as it might be helpful in allowing you to delete the trojan.

As for the startup list, if you could take a screenshot and post it here then we can suggest what you remove from the list. Also, you could view your running processes through the Task Manager (CTRL+ALT+DELETE) and post a screenshot of that.
 

muzikool

Act your wage.
Political User
#9
With Task Manager (or whatever) open, hit your Print Screen button. Then open up a graphics app such as Paint or Photoshop and paste (CTRL+V) it there. Then save the screenshot as a jpg and upload it here. :)
 

dirtyinternet

OSNN Junior Addict
#10
well icant find the print screeen buton so ill do this my self whew here we go

hpsysdrv
hkcmd
hpqcmon
hpgs2wnd
KBD
RECGUARD
NvCpl
nwiz
ccApp
ccRegVfy
ALCXMNTR
ps2
cdaEngine0400
realsched
UsrPrmpt
LVCOMSX
ISStart
LogiTray
mimboot
NvMctray
svhost32
version
secure
AdmilliServ
VVSN
sgtray
ieloader
kernels32
Q92194
SNDMon
msmsgs
PSFree
ypager
ManifestEngine
system
Logitech Desktop M...



this is all that i didnt recognize just let me know what ill need
 

zeke_mo

(value not set)
Staff member
Political User
#11
Backup and format.....but if you dont want to do that, i would shut all startup items off for now, and run the virus scan that came with your norton cd(assuming it has one) it will scan from the cd so that nothing will interfer with it. I would also continue to try cleaning from safe mode. It sucks when this happens, I havent had to do it for awhile now. This sure bring back nightmares :(
 

muzikool

Act your wage.
Political User
#12
At first glance, you've got quite a few Logitech and HP processes running, which is not a problem. I'll check on some of those that I don't recognize and post back about any that might be trouble.
 

muzikool

Act your wage.
Political User
#13
I would stop the "secure" process and find that actual file on your hard drive and delete it. The file will be secure.exe. First, check your Add/Remove Programs in the Control Panel and see if there is a program there called DealHelper. If so, remove it. More info on DealHelper here.

Also, stop the "AdmilliServ" process and search for that file (.exe) and delete it.

Same for VVSN.

ieloader.exe is a trojan, and you need to stop it and remove it. If you haven't donloaded and run Spybot yet, you need to do that.

kernels32.exe is also a trojan. stop the process and remove it.

Q92194 - I can't figure out what this is. Go ahead and stop the process, do a search for it on your hard drive and let me know where you found it.

system.exe is a trojan. Find out more about this trojan here.
 
#16
For reference print screen is to the right of F12.

One other step.

You need to turn off your system restore before cleaning out the spyware again. Then reboot and if all is well turn system restore back on. Many virii and spyware hide in the system restore backups and then windows puts them back on your system at reboot just like it was restoring part of windows that had been damaged.
 

muzikool

Act your wage.
Political User
#17
Good point LeeJend.

dirtyinternet, I've posted everything I think you need to look at. You've got at least several trojans, and if Ad-Aware isn't catching them then you need to run Spybot to see if it will. Otherwise, you'll have to manually remove it all yourself, which you can do but it's a lot of work.

Safe Mode is your friend. It will keep a bunch of that crap from loading up so that you're able to remove it easier.

It sucks that you're having to deal with this, but have patience and we'll get you through it.
 

muzikool

Act your wage.
Political User
#20
Turn off System Restore
To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Select the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Turn on System Restore
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Clear the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies