Pesrsistent Spy - even after reinializing HD and reinstalling W2K!

  1. 30-01-2005  #1
    gitano
    gitano is offline Newbie

    Exclamation Pesrsistent Spy - even after reinitializing HD and reinstalling W2K!

    For months my PC has been infected with some terrible spyware/hijacker (some form of coolwebsearch?), despite applying anti spyware/adware applications (like ad-aware, spybot), anti virus applications (like avast and norton) and even after reinitializing my entire hard disk many times and reinsatlling windows 2K Pro.

    If its not ABOUT:BLANK its very slow system with the sent data many times the received data ....

    In short without Norton Internet Security blocking the pest my home pc can hardly be used to access the Internet (using W2K)

    Any help or must i replace my hard disk (which is only few months old)?
    Last edited by gitano; 30-01-2005 at 04:41 PM.
  2. 31-01-2005  #2
    owen
    owen is offline D-A-L Team Member (UK)
    Of course you musn't replace your hard disk. That would be very drastic.

    Please read my signature and post a Hijack This log to the forum.
  3. 06-02-2005  #3
    gitano
    gitano is offline Newbie
    Thanks for repying to my query, which i noticed only yesterday.
    Since sending you my initial message I reinitialized the entire hard disk and reinstalled W2K at least 3 times, trying new spyware applications, as was suggested in www.d-a-l.com, namely spywarebalster and spywareguard. Also retried avast antivirus instead of Norton Internet Security
    However, i still get system hangs and strange messages, such as "network blocked DCOM"?. In particular i get this message (as often as twice in the last 1/2 hour)

    ------------------------------------------------------------------
    "Messenger Service
    Message from WARNING to INFECTED on 2/6/2005 7:15:52

    ATTENTION!

    This computer is INFECTED with Spyware!

    Your system resources are being used for illrgal activity like sending SPAM, committing FRAUD and flooding the Internet with DoS attacks!

    Learn how to remove these malicious programs for FREE!

    Visit www.nixad.com"
    ----------------------------------------------------------------------
    And other shorter variations of it (from same source - www.NIXAD.com)
    Who are they?)

    I have visited d-al.com about 3 times since i received your message, and i will download HijackThis and send you a copy of its log as soon as things are clearer after this last reinitialization (only disc c partion this time) and reinstalling W2K (using up-to-date Spywareblaster, spybot - including its teatimer for realtime instead of spywareguard, again according to a suggestion from d-a-l.com - and Avast antivirus)

    thanks again
    Gitano
  4. 06-02-2005  #4
    owen
    owen is offline D-A-L Team Member (UK)
    Save 20% on AVG Internet Security 2012 Suite!
    Thats the exploitation of the Messenger Service built into Windows. Have a read of this and download the utlity to disable Messenger Service.

    Get yourself a firewall as well, Sygate as recommended in the Hijack This Logs thread.
+ Reply to Thread
« Taskmanager/msconfig/regedit disappear | Hijack This Log »