Try running AdAware in the safe mode. when you boot up your computer, hit the F8 key until you get a black page with options, pick the safe mode or safe mode with networking.
Many items that can't be removed in regular mode can be in safe mode.
Maybe you do not have Administrative rights. I suspect you are using XP home. Try going into Control Panel under Users and make sure you are computer Administrator. If yo are a Limited User you may not have success in removing stuff. (And there is a way to log in as Administrator under XP Home.)
I like Pawtuckets idea of removing while in Safe Mode too. (Hi Pawtucket, how are you?)
When I battle Spyware I first unplug myself from the Internet until I am done. Otherwise the spyware may try to go out for reinforcements. :D-->
If Norton or Spybot does not remove those, try to remove them manually. Both programs should give you and indication of where they are. Couldn't hurt to just go to that place and try DELETE.
Now concerning your graphics, I am skeptical that Spyware would interfere with graphics. That is usually hardware related but I do not claim to be an expert.
Again without more info it is difficult to diagnose. What is it doing? What kind of graphics card do you have if any? Make sure your refresh rate is set to 75 unless it is a flat monitor. Make sure your Screen Resolution and Color Quality settings are adjusted correctly.
yougotout, I think she's talking about her work computer, so she probably can't log in as administrator.
cw, start your computer in safe mode and just delete the EXE files and the DLL files (if any) associated with the spyware. The fix for some types of spyware is to change the registry settings for some keys while in safe mode.
Your best bet is to do an internet search for the particular spywares that are plaguing you.
Thanks y'all! I am talking about my work computer.
I'm not sure how to reimage the computer, Steve!, but I do know I have ghost copies and they have set my computer back before.... I just don't know if I have to have administrator rights to do that as well.
I will try the safe mode thingy when I leave tonight and see if that helps. I hope it does!
Thanks so much!
Here's part of the log from my AdAware scan:
Lavasoft Ad-Aware Personal Build 1.01
Logfile created on:Wednesday, October 20, 2004 9:36:47 AM
Created with Ad-Aware SE Personal, free for private use.
Recommended Posts
Steve!
Well, you could try doing a restore to a previous image. That is, resetting your computer to the way it was several days ago.
This might not do it, but it's worth a try.
Link to comment
Share on other sites
igotout
Are you using XP Home or XP Professional? Sounds like you got infested with a good case of Spyware.
Do you have virus protection and is it updated with all the latest downloads from the manufacturer?
Do you have SP 2 installed and all other Windows Updates?
Need more info.
Link to comment
Share on other sites
pawtucket
Try running AdAware in the safe mode. when you boot up your computer, hit the F8 key until you get a black page with options, pick the safe mode or safe mode with networking.
Many items that can't be removed in regular mode can be in safe mode.
Link to comment
Share on other sites
CoolWaters
Hmmmmm....
Very interesting...
Because my virus protection, my firewall and my SpyBot all show 4 files of spyware...but none of them can or will do anything about these ....ers.
And they're messing with my graphics programs big time.
So how do I remove them in safe mode? Just go there and then what?
Link to comment
Share on other sites
igotout
Maybe you do not have Administrative rights. I suspect you are using XP home. Try going into Control Panel under Users and make sure you are computer Administrator. If yo are a Limited User you may not have success in removing stuff. (And there is a way to log in as Administrator under XP Home.)
I like Pawtuckets idea of removing while in Safe Mode too. (Hi Pawtucket, how are you?)
When I battle Spyware I first unplug myself from the Internet until I am done. Otherwise the spyware may try to go out for reinforcements.
:D-->
If Norton or Spybot does not remove those, try to remove them manually. Both programs should give you and indication of where they are. Couldn't hurt to just go to that place and try DELETE.
Now concerning your graphics, I am skeptical that Spyware would interfere with graphics. That is usually hardware related but I do not claim to be an expert.
Again without more info it is difficult to diagnose. What is it doing? What kind of graphics card do you have if any? Make sure your refresh rate is set to 75 unless it is a flat monitor. Make sure your Screen Resolution and Color Quality settings are adjusted correctly.
Link to comment
Share on other sites
Steve!
yougotout, I think she's talking about her work computer, so she probably can't log in as administrator.
cw, start your computer in safe mode and just delete the EXE files and the DLL files (if any) associated with the spyware. The fix for some types of spyware is to change the registry settings for some keys while in safe mode.
Your best bet is to do an internet search for the particular spywares that are plaguing you.
Link to comment
Share on other sites
pawtucket
CW,
Run the programs the same way you did in regular mode and delete them. They should be deleteable in safe mode when they weren't in regular mode
Link to comment
Share on other sites
Belle
Thanks y'all! I am talking about my work computer.
I'm not sure how to reimage the computer, Steve!, but I do know I have ghost copies and they have set my computer back before.... I just don't know if I have to have administrator rights to do that as well.
I will try the safe mode thingy when I leave tonight and see if that helps. I hope it does!
Thanks so much!
Here's part of the log from my AdAware scan:
Lavasoft Ad-Aware Personal Build 1.01
Logfile created on:Wednesday, October 20, 2004 9:36:47 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R11 07.10.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BargainBuddy(TAC index:8):1 total references
DyFuCA(TAC index:3):1 total references
istbar(TAC index:6):2 total references
MRU List(TAC index:0):17 total references
SecondThought(TAC index:4):1 total references
TopMoxie(TAC index:3):1 total references
TVMedia(TAC index:5):1 total references
VirtualBouncer(TAC index:5):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Reffile status:
=========================
Definitions File Loaded:
Reference Number : SE1R11 07.10.2004
Internal build : 16
File location : C:Program FilesLavasoftAd-Aware SE Personaldefs.ref
File size : 353470 Bytes
Total size : 1162664 Bytes
Signature data size : 1138651 Bytes
Reference data size : 23501 Bytes
Signatures total : 31468
Fingerprints total : 206
Fingerprints size : 9362 Bytes
Target categories : 15
Target families : 579
(Requires Ad-Aware SE or higher)
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:41 %
Total physical memory:522224 kb
Available physical memory:213324 kb
Total page file size:1276052 kb
Available on page file:1063852 kb
Total virtual memory:2097024 kb
Available virtual memory:2033248 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)
Ad-Aware Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects
10-20-2004 9:36:47 AM - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [explorer.exe]
FilePath : C:WINDOWS
Command Line : C:WINDOWSExplorer.EXE
ProcessID : 1520
ThreadCreationTime : 10-20-2004 1:09:09 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:2 [hkcmd.exe]
FilePath : C:WINDOWSSystem32
Command Line : "C:WINDOWSSystem32hkcmd.exe"
ProcessID : 456
ThreadCreationTime : 10-20-2004 1:09:11 PM
BasePriority : Normal
FileVersion : 3,0,0,2104
ProductVersion : 7,0,0,2104
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE
#:3 [directcd.exe]
FilePath : C:Program FilesRoxioEasy CD Creator 5DirectCD
Command Line : "C:Program FilesRoxioEasy CD Creator 5DirectCDDirectCD.exe"
ProcessID : 176
ThreadCreationTime : 10-20-2004 1:09:11 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe
#:4 [ccapp.exe]
FilePath : C:Program FilesCommon FilesSymantec Shared
Command Line : "C:Program FilesCommon FilesSymantec SharedccApp.exe"
ProcessID : 440
ThreadCreationTime : 10-20-2004 1:09:11 PM
BasePriority : Normal
FileVersion : 2.2.0.577
ProductVersion : 2.2.0.577
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:5 [vptray.exe]
FilePath : C:PROGRA~1SYMANT~2
Command Line : "C:PROGRA~1SYMANT~2VPTray.exe"
ProcessID : 1200
ThreadCreationTime : 10-20-2004 1:09:11 PM
BasePriority : Normal
FileVersion : 9.0.0.338
ProductVersion : 9.0.0.338
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright 1991 - 2004 Symantec Corporation. All rights reserved.
#:6 [osa.exe]
FilePath : C:Program FilesMicrosoft OfficeOffice
Command Line : "C:Program FilesMicrosoft OfficeOfficeOSA.EXE" -b
ProcessID : 656
ThreadCreationTime : 10-20-2004 1:09:12 PM
BasePriority : Normal
#:7 [wzqkpick.exe]
FilePath : C:Program FilesWinZip
Command Line : "C:Program FilesWinZipWZQKPICK.EXE"
ProcessID : 1900
ThreadCreationTime : 10-20-2004 1:09:12 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 8.1 (4319)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English
#:8 [outlook.exe]
FilePath : C:Program FilesMicrosoft OfficeOffice
Command Line : "C:Program FilesMicrosoft OfficeOfficeOUTLOOK.EXE"
ProcessID : 2328
ThreadCreationTime : 10-20-2004 1:09:20 PM
BasePriority : Normal
#:9 [mapisp32.exe]
FilePath : C:WINDOWSSystem32
Command Line : MAPISP32.EXE -000091803799A76
ProcessID : 2352
ThreadCreationTime : 10-20-2004 1:09:20 PM
BasePriority : Normal
FileVersion : 5.5.1960.0
ProductVersion : 5.5
ProductName : Microsoft Exchange
CompanyName : Microsoft Corporation
FileDescription : Microsoft Windows Messaging Subsystem Spooler
InternalName : MAPISP32
LegalCopyright : Copyright © 1986-1997 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : MAPISP32.EXE
#:10 [iexplore.exe]
FilePath : C:Program FilesInternet Explorer
Command Line : "C:Program FilesInternet ExplorerIEXPLORE.EXE"
ProcessID : 3100
ThreadCreationTime : 10-20-2004 1:23:58 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
Link to comment
Share on other sites
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.