Spyware removal on a different partition

[psychson]

Hi.
My computer got spywares and while trying to get rid of them on SAFE MODE, my computer went nuts. I did not let me get into safemode. So, after asking around I tried a REPAIR, which also put me in the same place, stuck on boot. Then my only option was a parallel XP installation. I did and it worked fine, but now I cannot get into the internet as before and I suspect that whichever spyware was giving me trouble before it still blocking my internet access. I did install XP on a new folder, different partition but same drive letter C:
My question is: If I use a spyware removal, will it remove from the partition the older installation as well or only in the new one ? As I said, everything is in the C:
Thanks.

 

[pechenegs]

Download hijack this from the link below.Please do this. Click here:

http://www.thespykiller.co.uk/files/hijackthis_sfx.exe

to download HijackThis. Click scan and save a logfile, then post it here so
we can take a look at it for you. Don't click fix on anything in hijack this
as most of the files are legitimate.


Member of ASAP Alliance of Security Analysis Professionals

under the name khazars

 

[psychson]

Hi.
Here's my HIJACK LOG

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 23:46:21, on 11/6/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINXP\System32\svchost.exe
E:\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.uol.com.br/

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINXP\System32\msdxm.ocx
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\System32\CTFMON.EXE
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\System32\CTFMON.EXE
(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\System32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\System32\CTFMON.EXE
(User 'Default user')
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINXP\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm
O22 - SharedTaskScheduler: Browseui preloader -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\System32\browseui.dll

--
End of file - 1676 bytes

 

[TweakMYbox]

Are you able to ping any addresses on the internet? Looks like you might just have a browser hi-jack. After installing XP, were you ever able to get on the internet?

Mike Fegan, MCSE

Read about the best FREE IT tools available, and check out the 'Babe of the Week' at

http://tweakmybox.com

 

[pechenegs]

can you get into the other partition? Can you back up your data?

you would be beset to wipe the C:\ drive and do a clena install and that will give you a clean installation!

There is nothing in your log apart from these two entries, you will also need XpSp2 to stop infections once you connect to the internet or you'll get slammed!


you can fix these!

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINXP\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINXP\web\related.htm

Member of ASAP Alliance of Security Analysis Professionals

under the name khazars