Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 5 of 5 Posts

·
Registered
Joined
·
232 Posts
Discussion Starter · #1 ·
Here's a challenge. My neighbour asked me to "fix" his pc. After cleaning out the obvious spyware and viruses, trojans, droppers and worms, we found certain ones would not leave: analiz.exe, explore.exe, istsvc.exe, to name a few. Even after using "Hijack This", de-selecting them in msconfig, removing any trace of them in regedit, and using an anti-virus program,... they would regenerate and even duplicate themselves. Access the the internet is still a "No Go" as it hijacks us to a non-existant website. Punching in any other browser does not work nor does "Hijack This" remove it. Killed every program that we discovered was "hiding"the remaining spywares and viruses, but this did not work either. Used Spybot S&D, AVG anti-virus, Avast Anti Virus: which I even prefer over Norton, and wanted to use Ad-Aware, but the pc wouldn't allow it. TALK ABOUT COOKED!!!! [Mind you, the user had no idea that surfing free reign w/o firewall or protection and d/l'ing anything that seemed "cool" could do this over a period of a few months.] Any suggestions/ideas/conclusions/etc.??? [This could be fun!....yeah, right!] Thanx, people!
 

·
Registered
Joined
·
519 Posts
Are you using the lastest version of AdAware...it's called SE.
If not upgrade to that...
Have you tried AdAware in Safe Mode ?
If not try it...it works in safe mode.
Since you cannot get the newest definition update (for adaware) on the bad pc because you can't get online with it. Go to a good pc that has adaware installed on it
update it...then copy this file < defs.ref > from program files\lavasoft\adaware folder to that same folder on the bad pc.
You can try posting the hijackthis log here or have the Mod's move your post
to the Security forum where most of the people who handle this kind of stuff hang out.
Without a hijackthis log there's no telling what infections are on the pc.
 

·
Registered
Joined
·
2,735 Posts
If you are using XP or Me Turn off system restore reboot then carry out the Ad-Aware SE scan as mentioned in safe mode. When you have things cleaned up dont forget to set a new restore point .
 

·
Registered
Joined
·
232 Posts
Discussion Starter · #4 ·
Got Ad-Aware to work w/new def'ns. Found almost 700 critical objects. [~a "few"]. Went into msconfig and regedit, but certain ones were still showing up and would not be deleted. Still can't get onto the net and "Hijack This" won't get rid of certain items. Mind you, the pc is faster. Plan: reinstall IE6 and possibly XP. QUESTION: His XP came w/the pc, but he doesn't have the disc. Could I reinstall/recover his XP using my disc and use his serial #? Also, any other info could help. Thanx again, people! :eek:)
 

·
Registered
Joined
·
519 Posts
Do not reinstall IE or XP.
Post a hijackthis log before you take drastic measures like reinstalling which
may not solve your problems.
So did you copy the def's file like I instructed or was adaware able to hit the net.
When you say you can't get on the net...does that mean just IE or other programs
as well. How does the computer access the net , dialup or cable or dsl ?
 
1 - 5 of 5 Posts
Status
Not open for further replies.
Top