HELP pls.. hopefully right place

Discussion in 'ewido anti-spyware forum' started by statang, Jul 27, 2006.

Thread Status:
Not open for further replies.
  1. statang

    statang Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    4
    Using WinXP SP2, Symantec AV
    currently trying ewido trial.

    chronological personal disaster:
    1. some program had vicious trojan/malware or something called ..er spyquake2 giving false alarms and popups (SAV detects something else too such as bgates.exe, srvo_O.exe wino_O.tmp.exe, Trojan dialers? and could not clean it.. some quarantined, some failed.
    2. Used rougescanfix and shtmem to remove the spyquake2.
    3. spyquake2 trays seem to be removed, however every now and then Symantec antivirus catches bgates.exe, tmp.exe etc
    4. installed ewido trial, found tons of spywares, malwares, all sorts of shocking news.. including the ones caught by SAV. Removed it from system (or so I thought)
    5. At times still ewido/SAV pops up with warning on Trojan dialers or etc. Hence whilst it is removed from system, it regenerates itself.. (note that I am only opening yahoo.com at this point)
    6. installed hijackthis…opened task manager and delete the suspected malware.
    7. delete winlogon (suspected malware) from registry as well (before this renamed the dll file to something else, otherwise everytime it restarts, this thing remains)
    8. bootup windows under safe mode… DELETE all cookies, all temp internet files, all temp folders and files..
    9. Went to work… Hoping everything works well.. left it on with internet on.

    Question:
    A. is my system / pc/ harddrive now cleano_O Is what I hv done finally correct?
    B. Can’t ewido remove it instead of me using hijackthis manually etco_O because I am seriously thinking of buying ewido if it can do so…
    C. do I need another antivirus prog? Other than SAV? Sigh.. do I hv to buy PANDA or NOD32? Which is better :p
    D. Can I purchase ewido online using ccard if I’m abroad? Any restrictions?

    Help appreciated plsss
    Thanks
    Mark
     
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,267
    Location:
    England
    Have you run ewido in safe mode?
     
  3. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    Whoa whoa whoa.

    HijackThis and taskmanager? Hopefully that was only to stop the processes. Normally we would advise people not to touch anything in HijackThis before consulting with someone more experienced first.

    Second, try scanning in Ewido in safe mode as stapp recommended, and doing that at least 2-3 times. Quite a hassle, but sometimes things stay around after the first reboot or so.
     
  4. robinb

    robinb Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    456
    Location:
    NJ
    you should ditch Norton AV and download the free version of AVG- it works great. I have it on all my clients computers including my own and i also have the pro version which is more for the business user or if you want a firewall with it and I have the one with the firewall and have been using it for 3 yrs with no problems.

    Having 2 antivirus programs is not good for your computer. they will fight each other and you will have more problems than you have now. You can have more than one anti spyware program- those tend not to fight each other

    robin
     
  5. statang

    statang Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    4
    Well.. will do so in safe mode then..

    whilst now nothing pops up anymore.... by SAV or Ewido but i still feel that my internet is leaking somewhere ;(

    is there a way to find where it's leaking too_O
    i saw a lot of tcp active closed finished.. in the connections screen of ewido then it disappears.

    also i found some svchost.exe , but only 2 is listening mode..
    is that wrong too?
     
  6. statang

    statang Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    4
    tried under safe mode.

    no probllems found..
    but still have internet lag spike.. :(

    hm...
     
  7. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    Anything dialing out?

    And Norton is a perfectly fine AV to have. AVG, infact, has worse detection rates. :O
     
  8. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Yes, I agree...100+%, nothing wrong with NAV. What version do you have- 2004, 2005, 2006?

    If ewido is not finding anything, I suggest that you need to get on a forum where they will examine your HiJackThis scan log and provide direction from what it is showing....such as the forum at:

    http://forum.hijackthis.de/index.php?langid=4

    JMO.
     
  9. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
  10. statang

    statang Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    4
    thanks... will try hijack this forum first.

    :(
    i believe i hv removed spyquake2 but maybe the remnants.. :(
     
Thread Status:
Not open for further replies.