chrisg
|
| posted on 5/8/07 at 07:10 PM |
|
|
Damn ads!
I've got something on my computer that seems to open random websites all the time.
any ideas how o get rid?
Cheers
Chris
Note to all: I really don't know when to leave well alone. I tried to get clever with the mods, then when they gave me a lifeline to see the
error of my ways, I tried to incite more trouble via u2u. So now I'm banned, never to return again. They should have done it years ago!
|
|
|
|
|
BenB
|
| posted on 5/8/07 at 07:16 PM |
|
|
Try running Adaware and Search + Destroy
|
|
|
Hellfire
|
| posted on 5/8/07 at 07:16 PM |
|
|
Seems like you been on some dodgy websites Chris... YES? 
You have a virus/spyware m8!
Run your Antivirus Software/Adware/SpyBot etc etc...
Steve
[Edited on 5-8-07 by Hellfire]
|
|
|
BenB
|
| posted on 5/8/07 at 07:22 PM |
|
|
Better blame the monkey 
|
|
|
Confused but excited.
|
| posted on 5/8/07 at 07:34 PM |
|
|
^^^ ^^^
Tell them about the bent treacle edges!
|
|
|
chrisg
|
| posted on 5/8/07 at 07:36 PM |
|
|
This is the dodgiest site I use!
Thing is I've tried AVG and Adaware, it's still there.
I'll try search and destroy
Cheers
Chris
Note to all: I really don't know when to leave well alone. I tried to get clever with the mods, then when they gave me a lifeline to see the
error of my ways, I tried to incite more trouble via u2u. So now I'm banned, never to return again. They should have done it years ago!
|
|
|
Hellfire
|
| posted on 5/8/07 at 07:44 PM |
|
|
quote:
Originally posted by chrisg
This is the dodgiest site I use! YEAH RIGHT!
Thing is I've tried AVG and Adaware, it's still there. Ooh, it's a proper one then
I'll try search and destroy
Cheers
Chris
Highjackthis may be your answer... run it and post log. Chances are it's infected your boot sequence and needs to be stopped to eliminate. I may
be around your neck of the woods tomorrow... let me know. U2U sent!
Steve
[Edited on 5-8-07 by Hellfire]
|
|
|
thunderace
|
| posted on 5/8/07 at 07:48 PM |
|
|
do you think the monkey spanking site done it???????????
|
|
|
chrisg
|
| posted on 5/8/07 at 08:28 PM |
|
|
Highackthis log
"Logfile of HijackThis v1.99.1
Scan saved at 21:26:30, on 05/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
Cheers
Chris
Note to all: I really don't know when to leave well alone. I tried to get clever with the mods, then when they gave me a lifeline to see the
error of my ways, I tried to incite more trouble via u2u. So now I'm banned, never to return again. They should have done it years ago!
|
|
|
Dangle_kt
|
| posted on 5/8/07 at 09:19 PM |
|
|
install firefox - it's miles better than IE and its free - plus you can download add ons like gestures etc.
Fantastic bit of kit - i use it on all my PC's - and I'm a geek.
|
|
|
PhilCross66
|
| posted on 5/8/07 at 10:24 PM |
|
|
Try running F-Secures blacklight , it finds hidden root kits, think there's a free demo of it.
These things are often part of free software and even if you delete them with blacklight they may just return until you un-install the proggy they
came with.
I dont think Firefox will fix it cos its software running in the background. Last time I tried to run Firefox I kept finding sites it wont open, oh
how usefull.
|
|
|
Dangle_kt
|
| posted on 6/8/07 at 12:15 AM |
|
|
quote:
Originally posted by PhilCross66
I dont think Firefox will fix it cos its software running in the background. Last time I tried to run Firefox I kept finding sites it wont open, oh
how usefull.
I have never found a website that won't except it - bar one, the egg website that utilises the "password safe" - which has to use IE
- poor design by egg if you ask me.
Firefox is superior to IE in every way, it is only due to the fact IE comes pre intalled that the masses don't realise how poor it is in
comparison to the compition.
anyway -
If you have a personal firewall that you can grant internet access a program at a time, look at the current settings and look for programs that you
don't recognise, knock em off one at a time, but keep a record of the original settings so you can return them to stock
If it was me I would start with svchost.exe you have running - it is a well know virus that uses the same name as a ligit program which windows
requires.
|
|
|
JamJah
|
| posted on 6/8/07 at 08:21 AM |
|
|
Ermm. I wouldnt touch svchost! Do you know what it does?? Obviously not otherwise you wouldnt recommend interferring with it...
Basically it initiates part of the registry. The Services part of it at that! Touch it with high risk...! You may not get rebooted.
This is personal advise or personal opinion.
Constructive comments gratefully recieved, picking is left for noses.
|
|
|
Hellfire
|
| posted on 6/8/07 at 08:32 AM |
|
|
Don't stop SVC host it's an intigral part of Windows!!! Especially in system32 directory
If it's elsewhere it may be a corrupt file but otherwise, leave it alone!
INFORMATION HERE
Steve
|
|
|
Dangle_kt
|
| posted on 6/8/07 at 09:18 AM |
|
|
quote:
Originally posted by JamJah
Ermm. I wouldnt touch svchost! Do you know what it does?? Obviously not otherwise you wouldnt recommend interferring with it...
Basically it initiates part of the registry. The Services part of it at that! Touch it with high risk...! You may not get rebooted.
I mentioned earlier checking the access granted to *.exe via the firewall - I didn't say delete it or anything did i?
checking if it has access via your firewall will not stop windows booting...
|
|
|
.JPG)
