Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Some Help Here..


  • Please log in to reply
9 replies to this topic

#1 Uraiser

Uraiser

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:05:33 AM

Posted 27 May 2006 - 11:22 AM

Im a bit stumped on how to fix this one..


I had the spyquake 2.0 variation of the trojan itself, that problem is gone. I remove dthe trojan by scanning with AVG and handpicking a few files out.
So, no more infection..



Whats bothering me is the after effect, the registry of my computer seems to have become corrupt.. It cant load "SVCHOST" at start up and this causes many things to not be able to load. Now, to fix this reg problem, I've tried exporting all of the registry from my last known good configuration, because this setting works, and importing it into the faulty start up. But some entries could not be copied, therefore nothing was replaced. What should I do?

BC AdBot (Login to Remove)

 


#2 Elendil

Elendil

  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The US
  • Local time:06:33 AM

Posted 27 May 2006 - 11:34 AM

Have you tried BC's SpyQuaker removal method to ensure that ALL of the SpyQuake infection is gone?

http://www.bleepingcomputer.com/forums/t/47826/how-to-remove-spywarequaked-and-spywarequake-removal-instructions/

Also, have you scanned for rootkits that might be concealing infections? If not try F-Secure's BlackLight Rootkit Detector:

http://www.bleepingcomputer.com/tutorials/use-blacklight-to-remove-rootkits/
Stanford '14
B.S. Candidate | Computer Science

#3 Uraiser

Uraiser
  • Topic Starter

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:05:33 AM

Posted 27 May 2006 - 11:54 AM

Yes, The infection is completely gone, I made sure of that.

#4 pascor22234

pascor22234

  • Members
  • 403 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 27 May 2006 - 02:13 PM

I seriously doubt that there are any "SpyQuakers" out there that need to be removed... :thumbsup:

#5 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:05:33 AM

Posted 27 May 2006 - 04:44 PM

By just deleting files and registry entries you may have removed or still have corrupted necessary system files.

Do you have a Windows CD?

Edited by Enthusiast, 27 May 2006 - 04:45 PM.


#6 Uraiser

Uraiser
  • Topic Starter

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:05:33 AM

Posted 03 June 2006 - 12:10 PM

By just deleting files and registry entries you may have removed or still have corrupted necessary system files.

Do you have a Windows CD?



I fixed the problem. It took a long time but everything back and functioning correctly..


I dont mean to come off sounding like a smart-alec here, but where did you get the idea that I was just deleting registry entries at random? I know better than that, I know computers pretty well and it annoys me when someone comes off talking to me like I dont know what im doing. I understand that most of you guys are professionals and talk to people like that by habit. But to me, I have more than a slight hint at what I'm doing. Im going to school to major in PC and Network creation/repair.I dont know everything about every problem I have, Which is why I came here with the spyquake problem. I know there is no true way to tell someones knowledge of computers until they express what they have through helping others, but please, read posts before posting your own in someones topic.

Edited by Uraiser, 03 June 2006 - 12:25 PM.


#7 Uraiser

Uraiser
  • Topic Starter

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:05:33 AM

Posted 05 June 2006 - 12:07 PM

My apologies, Enthusiast, and to anyone else this concerns. It was a rough day, but I know thats no excuse for my actions and my outbreak. I apologize, and hope we can continue to work together past this rut.

#8 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:05:33 AM

Posted 05 June 2006 - 12:19 PM

I'm sorry if I offended you but that wasn't my intent.

I was just trying to determine why you are experiencing the problem.

#9 Uraiser

Uraiser
  • Topic Starter

  • Members
  • 254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX
  • Local time:05:33 AM

Posted 05 June 2006 - 01:18 PM

No need for you to apologize, and I understand your intent. I apologize for the whole situation, I fixed the problem. Some hard work and quiet time did the job.

#10 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:04:33 AM

Posted 05 June 2006 - 11:53 PM

Could you post the fix, Uraiser?
It could prove to be helpful to others experiencing the same problem.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users