Acmlm's Board - I2 Archive - Hardware/Software - Browser hijack?
User | Post |
kitty
Posts: 695/2449 |
It's for nvidia drivers. I know it's an odd name and flag, but that's what it is. |
drjayphd
Posts: 186/1477 |
Hrm... there was one I didn't recognize (nwiz.exe /install) and I whacked it, but that's it. When I saw it, I also searched on Google for info on it, if it was something like CoolWebSearch, but nothing turned up. |
kitty
Posts: 674/2449 |
Sounds like it...
What I always do - In safe mode, check the registry under:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Any DLL set to run with rundll32 is either a driver, which you would recognize the name of (like NvCpl.dll, nv = nvidia), a program's dll you put in there (like DeadAIM), or SPYWARE.
Remove EVERYTHING you don't recognize. Neither SpyBot nor Ad-Aware deleted one on Christi's machine, so I installed it on my machine myself and then told her how to get rid of it. Oh, the sacrafices I make! |
drjayphd
Posts: 180/1477 |
So I've been on a bit of a spyware-whacking spree, what with Deanna's comp possibly getting nailed. Go to look for another subbing job (hey, I'm gullible, broke, and desperate) when I get the site's name wrong... and THIS comes up. Is this a hijack? I ran a whois looking for some info, and this is what I got. Running Spybot now, and I think it either got by Ad-aware or happened since I last ran it (a day or two ago). I think I also put up SpywareBlaster as well.
Oh, the browser is Mozilla 1.5. |
|