
Computer guys; Spyware/reformatting etc.

Discussion in 'Off Topic [BG]' started by popinfresh, Sep 9, 2005.


  1. popinfresh

    popinfresh

    Dec 23, 2004
    Melbourne, Aus
    Hey guys, I know a few of you on here are computer techies or at least computer minded, so I'm after some advice.
    First up, my sis clicked a stupid popup to install something from one of her quiz sites (annoying) and now we've got a fair bit of spyware, what's worse is that a few of my programs aren't working, heh.
    I've used Spybot and Ad-Aware to clean up some stuff, and I had a trial thing of Spy Sheriff which found 90(!) things Spybot didn't, but because it was a trial I can't dang remove the things.

    So anywho, are there any other good programs out there? Or can anyone direct me through the registry to delete the right stuff (I do have some computer skills)?

    If it's best to just reformat, any tips on keeping my files etc? I burnt them onto disc last time, then after I reformatted I couldn't get them back on to the computer for some reason =/. It was like 15 gig of MP3s, recordings, videos of gigs etc etc.
    Also, what are the basic discs etc I'm going to need to get Windows running with IE?

    Cheers guys.
     
  2. Spikeh

    Spikeh Sex Strings

    A PC needs a re-format every year or so anyway - depending on what you're doing with it of course!

    I only use Adaware, and it works fine for me... updated Adaware and AVG anti-virus (and of course a hardware / software firewall) and your PC should be fine...

    I'm about to format my PC again - it just slows down so much with every reboot! :p
     
  3. Redhotbassist

    Redhotbassist

    Oct 19, 2002
    England
  4. Vorago

    Vorago (((o)))

    Jul 17, 2003
    Antwerp, Belgium
    This is what you need: http://www.hitmanpro.nl/

    It's a dutch site, the downloadlink is above on the right, you'll see it.
     
  5. Vorago

    Vorago (((o)))

    Jul 17, 2003
    Antwerp, Belgium
    Another thing, try to scan on a daily basis.
     
  6. Turock

    Turock Supporting Member

    Apr 30, 2000
    Melnibone
  7. popinfresh

    popinfresh

    Dec 23, 2004
    Melbourne, Aus
    Hmmm, seems a few to try.. I'll get stuck into em.

    Yeah, I think it's time to reformat.. I just really can't be bothered and don't want to lose all my stuff again, heh. I think I'll invest in an extra external hard drive, put all my stuff on there. Then just format every so often to clean out the registry etc..
     
  8. I see no reason to reformat your hard drive every year.....keep the programs clean, practice safe hex, use some common sense, if necessary run some PC maintenance programs and all will be well....
     
  9. Juneau

    Juneau

    Jul 15, 2004
    Dallas, TX.

    Just partition your existing hard drive and store everything you might need to save on the secondary partition (if you're reformatting anyhow). Then if you need to reformat in the future, you can just reformat the main drive with the OS and programs on it, and reinstall that, and all your personal stuff will be on the secondary for you as soon as you're back up and running.
     
  10. Tash

    Tash

    Feb 13, 2005
    Bel Air Maryland
    I actually use 3 partitions in my main PC: one 30 gig hard disk split into 10 and 20 gig partitions and a single 40 gig disk with a single partition.

    The 10 gig partition has just windows files and small utilities. The rest of its space is devoted to swap space. The 20 gig partition is where I install all my apps to: Open Office, games, Cakewalk, Reason etc.

    The 40 gig drive is just for storage of user files, and contains a shared directory of stuff for my network.

    I find this setup to be very, very easy to maintain and reinstall if needed. A basic Windows XP SP2 install is imaged and stored on my E: drive, along with exported registry keys for all installed applications. To reinstall the system I just:

    1) Wipe C:
    2) Apply the image using ghost.
    3) Merge the registry files so that the "pure" Windows install now thinks it's had all the apps on D installed manually when in fact I just told the registry "Here they are". The files were never touched and it's much faster than installing each app.

    My user data is never touched as it's on a different physical disk.
     
  11. Spikeh is NOT correct!!! You NEVER need to reformat a hard drive unless it has severe operating problems. It is the action of last resort!!!

    I have been an IT pro for 34 years. I have 18 computers, 7 printers on three networks in my house. Listen up!

    1. Norton SystemWorks contains all you need to keep your computer clean and as close to virus-free as is possible today. LiveUpdate downloads and installs all the virus protection files automatically. Clean out your cache, recycle bin and temp files using CleanSweep once a week. Defragment the hard drive with SpeedDisk once a month. Yeah, there are other such products out there and everyone has a favorite. Just buy the damn thing and keep up your virus subscription.

    2. If you run Windows, download and install EVERY patch Microsoft puts out for the operating system. All that crap out there just takes advantage of the holes Bill and The Boyz left behind. If you're too lazy, just turn on the auto-protect feature in XP.

    3. Buy SpySweeper!!! Ad-aware, Spybot and the like are free but only scan your system AFTER it's been infected with all that spyware, adware and malware. SpySweeper is a SHIELD, protecting your computer from getting that stuff on there in the first place. While nothing is perfect, it's the best thing out there right now.

    I hope this helps. Take it or leave it from a long time pro who knows this stuff cold...
     
  12. I have also found that the beta version of Microsoft AntiSpyware works very well. It runs in the background and tells you whenever something is trying to be installed or the startup settings are being messed with or something's trying to change registry settings, pretty much anything you can think of. It lets you know then asks if you want to let it proceed.
     
  13. Dan Molina

    Dan Molina TalkBass Secular Progressive

    Jul 17, 2002
    Murr Town, California
  14. Tash

    Tash

    Feb 13, 2005
    Bel Air Maryland
    Except for tagging Open Office and Firefox as "Spyware" :)
     
  15. HiJackThis is a freeware program, and a very good one at that! You can use spyware/adware removal programs too, but HiJackThis will run diagnostic things on your whole computer, and catches a lot of different things including Internet and Registry problems..

    I recommend doing some Google searches on it.. when you actually get your scan you probably won't understand it, but you can PM me with it, or go to some forums and send it to more knowledgeable people. Tell them your problem, show them the HijackThis report, and they'll know what to do.
     
  16. Yeah Hijack This is pretty good. Take Danny Boy's advice and post it here - it's nice to see someone help out. If you don't know what you're looking at it's a bit confusing.

    As for Ad-Aware and Spybot, run them in safe mode.

    Set your sister, or anyone else that uses your machine as a "user", not a power user or administrator. For that matter, use the machine as a user yourself and only switch to administrator if you need to install something.

    And get Firefox!
     
  17. Here's my recommendation for dealing with these issues: http://www.ubuntu.com/download

    It worked great for my family and friends after they got frustrated. I no longer have to babysit their computers.
     
  18. Spikeh

    Spikeh Sex Strings

    I resent that sweeping accusation! :p I've not been an IT professional for as long as you, but I've still got a good 10 years or so of experience (yes, I started very young... long story ;P).

    I'm not gonna turn this into a flaming match, but I have to comment on one thing... how can you claim to be an IT professional if you recommend Norton products?! Norton is quite easily the worst suite available on the face of the planet. But of course, that's just my personal opinion! :p I wouldn't install a Norton product if I was paid to endorse them!

    I'm not saying everybody has to format, but I prefer to keep my system fresh and free of all the extra dll's, files and rogue registry keys that windows decides to keep over the years. Unless you know the registry / file system inside out (and of course have a LOT of time and patience on your hands, which I personally don't any more), you're gonna have a hard time keeping your PC as efficient as it is after a format / re-install.

    Everyone has their own individual tolerance levels with system performance - personally, I play a lot of high-end computer games and run all sorts of IDEs, servers (SQL, Exchange etc) and I'm constantly upgrading hardware drivers - I notice fairly quickly when my system performance degrades. I've gone from a 6 second boot up (including POST screen and initial Windows network configuration) to about 25 seconds over the last year - it's just how it is...
     
  19. popinfresh

    popinfresh

    Dec 23, 2004
    Melbourne, Aus
    Cool. I'm trying that HijackThis thing now.

    How do I run Ad-Aware etc in safe mode? Well, how do I get to it.. I've only ever gone into it if the computer's gotten messed up and needed to start it up in safe mode (choosing from the list on startup).

    Here's the log file:

    Logfile of HijackThis v1.99.1
    Scan saved at 8:20:34 PM, on 9/12/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\apixt.exe
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\Vet\isafe.exe
    C:\WINDOWS\system32\CTSvcCDA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\program files\Telstra\Signup\tbpt.exe
    C:\Vet\VetTray.exe
    C:\WINDOWS\msho32.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: CBundleObj Object - {447160CD-ECF5-4EA2-8A8A-1F70CA363F85} - C:\WINDOWS\system32\msibkd.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Class - {854604F6-7639-916F-EFED-29E3BDC1A5E3} - C:\WINDOWS\addca32.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KAZAA] "C:\Program Files\Kazaa Lite K++\kpp.exe" "C:\Program Files\Kazaa Lite K++\Kazaa.kpp" /SYSTRAY
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [{F7D90BD2-14A9-11d3-AD9E-00AA0064EC94}] C:\program files\Telstra\Signup\tbpt.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [VetTray] C:\Vet\VetTray.exe
    O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\B2.tmp" /m
    O4 - HKLM\..\Run: [msho32.exe] C:\WINDOWS\msho32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [kerberos] C:\WINDOWS\system32\kerberos.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\RunOnce: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O13 - WWW. Prefix: http://
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
    O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
    O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
    O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\apixt.exe
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Vet\isafe.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ptssvc - KODAK - C:\Program Files\Kodak\Kodak EasyShare software\bin\ptssvc.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Vet\VetMsg.exe
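
The kind of first-pass reading of a HijackThis report that the replies above suggest leaving to experienced helpers, sketched as an added example (not part of any post in this thread and not HijackThis's own logic): it splits entry lines into section code and body and flags a few patterns worth a closer look. The heuristics and function names are assumptions chosen for illustration; the sample lines are copied from the log posted above.

```python
import re

# Triage heuristics are illustrative assumptions, not HijackThis's own logic.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
PATH = re.compile(r'[A-Za-z]:\\[^"*?<>|\r\n]+?\.(?:exe|dll|tmp|ocx)', re.I)
WINROOT = re.compile(r"c:\\windows\\[^\\]+", re.I)

# Sample lines copied from the log posted above.
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\dgxtu.dll/sp.html#87649
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NAVNet] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\B2.tmp" /m
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\apixt.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

def parse(log_text):
    """Yield (section_code, body) for each entry line; header lines are skipped."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group("code"), m.group("body")

def reasons(code, body):
    """Return the heuristic reasons an entry deserves a closer look."""
    low, paths, out = body.lower(), PATH.findall(body), []
    if code in ("R0", "R1") and "res://" in low:
        out.append("IE search/start page served from a local DLL resource")
    if code == "O4" and any("\\temp\\" in p.lower() for p in paths):
        out.append("autorun launches a file from a Temp directory")
    if code == "O23" and "unknown owner" in low:
        out.append("service binary carries no vendor information")
    if "(file missing)" in low:
        out.append("entry points at a file that no longer exists")
    if code in ("O2", "O4", "O23") and any(WINROOT.fullmatch(p) for p in paths):
        out.append("binary sits directly in the Windows folder")
    return out

def triage(log_text):
    """Return [(code, body, reasons)] for entries that matched a heuristic."""
    return [(c, b, r) for c, b in parse(log_text) if (r := reasons(c, b))]

if __name__ == "__main__":
    for code, body, why in triage(SAMPLE):
        print(f"{code}: {body}\n    -> " + "; ".join(why))
```

A flagged line is a prompt to identify the file and its vendor before touching it, not a verdict; unflagged lines are not cleared by this either.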