ctfmon.exe / win32/Hide.Drv.gen!sys HELP!

Discussion in 'Spyware' started by pxyfox2000, Feb 12, 2007.

  1. pxyfox2000

    pxyfox2000 Guest

    First of all please excuse my lack of computer terminology, I am ver
    inexperienced with all of this and this is my first experience with
    virus or anything of this kind, and apparently it one is a doozy...
    First what happens is in my toolbar in the bottom right hand corne
    there is a fake windows red shield with a white cross in it and a bo
    pops up that says: Windows has detected spyware infection whic
    corrpted the registry. It is recommended to load update to preven dat
    loss. Windows will now download and install the most up to dat
    software for you click here to protect your computer.
    And naturally when I click on it, it tries to scan my computer with
    Registry Cleaner 3.2 which then tells me I have to install an upgrad
    which costs me about $40.
    I have run Ad-aware, AVG, Windows Defender and Spybot. Window
    defender came the closest to identifying it as a Win32/Hide.Drv.gen!sy
    but it says that it does not have enough information to completely ge
    rid of it and to send a report to windows, which has yielded no result
    thus far.
    A friend of mine found the file ctfmon.exe and he went in and delete
    it from the registy but it keeps duplicating itself somehow makes i
    impossible to get rid of comepletely since it just restarts itself a
    startup. I have also noticed that after I try to delete it it usin
    the programs or deleting it manually from the registry, I then restar
    the computer and right before it shuts down there is a pop up erro
    message saying that an application failed or something.
    If you need any additional information let me know but I have tried t
    include everything here.
    PLEASE HELP!!
     
    pxyfox2000, Feb 12, 2007
    #1
    1. Advertisements

  2. pxyfox2000

    Leythos Guest

    Then, after you read the page, just take a look at his other links shown
    below - you won't want to use anything he claims to have created after
    this.


    --
    Want to know what PCBUTTS1 is really about?
    *** WARNING - these links contain foul/pornographic content of an
    abusive nature created by PCBUTTS1 and still hosted on his public
    website ***
    http://www.pcbutts1.com/rlk/rlk.htm ,
    http://www.pcbutts1.com/license.htm ,
    http://www.pcbutts1.com/downloads/max.htm ,
    http://www.pcbutts1.com/downloads/mpv.htm ,
    http://www.pcbutts1.com/downloads/wtcpcb.htm ,
    http://www.pcbutts1.com/cracks.htm ,
    http://www.pcbutts1.com/Loutheasshole.htm
    All while spamming his company website at: http://www.seedsv.com
     
    Leythos, Feb 13, 2007
    #2
    1. Advertisements

  3. pxyfox2000

    pxyfox2000 Guest

    I am not really concerned with getting involved in whatever it is tha
    you guys have going on, I really just need to find some HELP o
    information on my problem, I am not interested in playing childis
    games...sorry.
     
    pxyfox2000, Feb 13, 2007
    #3
  4. pxyfox2000

    Adam Piggott Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    I'm fairly sure that Eset's NOD32 can get rid of these types of infections.
    I've tested similar malware which tries to goad you into paying for stuff
    and it can prevent and remove them.

    Uninstall AVG, reboot and install the free 30-day trial for NOD32[1] and
    after updating it, see if a Local scan cleans you up. SUPERAntiSpyware[2]
    should also have the grunt to take care of it.


    [1] http://www.eset.com/download/index.php#home
    [2] http://www.superantispyware.com/superantispywarefreevspro.html

    If either/both do end up saving your bacon do return the favour by shelling
    out a few bucks and purchase a license!

    Do you have any idea where the infection came from?

    Adam Piggott, Proprietor, Proactive Services (Computing).
    http://www.proactiveservices.co.uk/

    Please replace dot invalid with dot uk to email me.
    Apply personally for PGP public key.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (MingW32)

    iD8DBQFF0eCq7uRVdtPsXDkRAhn5AJ9gI9BtevuEoUFS8s2HOQeVC33/gACeNyOI
    Ve1BfczjUdverm6PbV6igIM=
    =2Bbi
    -----END PGP SIGNATURE-----
     
    Adam Piggott, Feb 13, 2007
    #4
  5. From: "pxyfox2000" <>

    | I am not really concerned with getting involved in whatever it is that
    | you guys have going on, I really just need to find some HELP or
    | information on my problem, I am not interested in playing childish
    | games...sorry.
    |


    Download and execute HiJack This! (HJT)
    http://www.spywareinfo.com/~merijn/files/HijackThis.exe

    Create a HJT log file and post it in one of the below locations...

    { Please - Do NOT post the HJT Log here ! }

    Forums where you can get expert advice for HiJack This! (HJT) logs.

    NOTE: Registration is not required in the below before posting a log
    http://www.thespykiller.co.uk/forum/?action=forum


    NOTE: Registration is REQUIRED in any of the below before posting a log
    http://www.bleepingcomputer.com/forums/forum22.html
    http://castlecops.com/forum67.html
    http://www.dslreports.com/forum/cleanup
    http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
    http://www.atribune.org/forums/index.php?showforum=9
    http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
    http://gladiator-antivirus.com/forum/index.php?showforum=170
    http://forum.networktechs.com/forumdisplay.php?f=130
    http://forums.maddoktor2.com/index.php?showforum=17
    http://www.spywarewarrior.com/viewforum.php?f=5
    http://forums.spywareinfo.com/index.php?showforum=18
    http://forums.techguy.org/f54-s.html
    http://forums.tomcoyote.org/index.php?showforum=27
    http://forums.subratam.org/index.php?showforum=7
    http://www.5starsupport.com/ipboard/index.php?showforum=18
    http://www.malwarebytes.org/forums/index.php?showforum=7
    http://makephpbb.com/phpbb/viewforum.php?f=2
    http://forums.techguy.org/54-security/
    http://forums.security-central.us/forumdisplay.php?f=13
     
    David H. Lipman, Feb 13, 2007
    #5
  6. pxyfox2000

    pcbutts1 Guest

    Did you get my email?

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell
     
    pcbutts1, Feb 13, 2007
    #6
  7. pxyfox2000

    Leythos Guest

    Why would anyone trust someone like you with the crap you created below?

    --
    Want to know what PCBUTTS1 is really about?
    *** WARNING - these links contain foul/pornographic content of an
    abusive nature created by PCBUTTS1 and still hosted on his public
    website ***
    http://www.pcbutts1.com/rlk/rlk.htm ,
    http://www.pcbutts1.com/license.htm ,
    http://www.pcbutts1.com/downloads/max.htm ,
    http://www.pcbutts1.com/downloads/mpv.htm ,
    http://www.pcbutts1.com/downloads/wtcpcb.htm ,
    http://www.pcbutts1.com/cracks.htm ,
    http://www.pcbutts1.com/Loutheasshole.htm
    All while spamming his company website at: http://www.seedsv.com
     
    Leythos, Feb 13, 2007
    #7
  8. pxyfox2000

    Drumstick Guest

    You don't have to "get involved" to listen to what is said about
    PCBUTTS. I'm generally a lurker here but, in my opinion, avoiding BUTTS
    is a good idea. Take the other options and move on; they're doing you a
    favor.

    Drum--
     
    Drumstick, Feb 14, 2007
    #8
  9. pxyfox2000

    pxyfox2000 Guest

    Well I know what I was doing when I got the virus but I forgot where i
    was since I panicked and deleted the website from my fav list once
    saw what it did. It was a total amature move I was trying to get a
    code for nero from some website called crack something (lesson 1. sta
    away from sites with the word crack in the title) and was too stupid t
    scan the file first....I totally deserve it, I shouldn't be so trustin
    of people. Its just I don't understand what people gain by infectin
    total strangers with a virus that just annoys people...they are lik
    date rapists that give you an STD, no better. Seriously... but I wa
    hanging out in places I shouldn't have and doing things I should no
    have been doing so I have no one to blame but myself. The best thing
    can say is I learned a valuable lesson.

    Thanks for your advice !!




     
    pxyfox2000, Feb 14, 2007
    #9
  10. From: "pxyfox2000" <>

    | Well I know what I was doing when I got the virus but I forgot where it
    | was since I panicked and deleted the website from my fav list once I
    | saw what it did. It was a total amature move I was trying to get an
    | code for nero from some website called crack something (lesson 1. stay
    | away from sites with the word crack in the title) and was too stupid to
    | scan the file first....I totally deserve it, I shouldn't be so trusting
    | of people. Its just I don't understand what people gain by infecting
    | total strangers with a virus that just annoys people...they are like
    | date rapists that give you an STD, no better. Seriously... but I was
    | hanging out in places I shouldn't have and doing things I should not
    | have been doing so I have no one to blame but myself. The best thing I
    | can say is I learned a valuable lesson.
    |
    | Thanks for your advice !!
    |

    Right now the major motivation is money. Organized crime such as the Russian Mob is
    actively using malware as a new way to bring in revenue.
     
    David H. Lipman, Feb 14, 2007
    #10
  11. pxyfox2000

    pcbutts1 Guest

    Thanks for the feedback.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



     
    pcbutts1, Feb 15, 2007
    #11
  12. pxyfox2000

    Erik Guest

    And what to think of the American Mob?

    Isn't the USA the biggest spammer in the world?

    Erik.
     
    Erik, Feb 15, 2007
    #12
  13. From: "Erik" <>


    | And what to think of the American Mob?
    |
    | Isn't the USA the biggest spammer in the world?
    |
    | Erik.

    Actually, no.

    Brazil may be the largest source.
     
    David H. Lipman, Feb 15, 2007
    #13
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.