pernicious virus attack

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I am running windows xp pro sp2 with all the updates. I am running
antivir.com antivirus.  Every few seconds a window pops up C:\windows
\system32\hgaawv.dll is the trojan horse TR/Spy.CptHooki.2 I get no info
on this virus, any ideas on how I would clean my system?

Re: pernicious virus attack


Quoted text here. Click to load it

yes, NIS



Re: pernicious virus attack

Ted shuffled out of his cave and grunted these great (and sometimes not
so great) words of knowledge:
Quoted text here. Click to load it

Spyware Doctor.  It is slow loading, but it picks up stuff that XoftSpy,
Norton's and others miss.

Re: pernicious virus attack


Quoted text here. Click to load it

Norton misses nothing here..............10 bananas.



Re: pernicious virus attack


| I am running windows xp pro sp2 with all the updates. I am running
| antivir.com antivirus.  Every few seconds a window pops up C:\windows
| \system32\hgaawv.dll is the trojan horse TR/Spy.CptHooki.2 I get no info
| on this virus, any ideas on how I would clean my system?

First, it is NOT a virus it is a Trojan.

Chances are it is a Conhook type Trojan.
Look in the below area of the Registry...
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

Look for a a key theat loads;  hgaawv.dll  and see if you can delete that key.

If not (it is a protected key) then boot into the Recovery Console.
Logon as administrator
Delete;  C:\windows\system32\hgaawv.dll
Reboot into Normal Mode then delete the key under the Winlogon\Notify

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline