Got Something and Can't Get Rid of IT!

[jqwhite]

I live in a house with a couple of people who use my computer. We all know where this is going. Somebody did something and now I have been spending the last two days cleaning out the reg and run adware. Yet one thing is still left. If I run S&D I get 7 errors that come up. All of which are titled "Windows Security Center:______"
The blank is filled with firewalloveride, sp2update, firewalldisable, anti-virusoveride, anti virusdisable etc. Has anyone had these? If I try to delete them and rund S&D again they show up. Even more upsetting in the control panal under the firewall setting it is set to off, and the entire window is greyed out. I cannot turn it back on. Another thing that comes up is "Command Service" which will also refused to be deleted. Any info on these errors and away to fix??!?!?!? Anti virus is "Antivir PE" and this has been run and updated, Reg had been fixed with "Hijack this" and cleaned with "amust" and lastly Ad-SE cannot even finish when run it become Not responding about halfway through the scan.
:eek:

[SpeedDMN]

humm lord only knows. I do not use registry cleaners as I think they cause more problems then they solve. I would first try a system restore to try to go back to when it worked. Also find the exact files that are causing the errors (probably the virus itself) and manually delete them by burrowing to their exact location. If it will not delete which it probably wont try to get it in safemode. I have gotten rid of infected files by quickly deleteing before windows was all the way up. This is one of the reasons NO ONE touches my precious rig. If all else fails there is always the dreaded format. Hope it doesn't come to that for you. Good luck

[Moop]

There is a good explanation of your errors here.
:wave2:
http://forums.spybot.info/showthread.php?t=75

[Terry Reynolds]

Quote:

Originally Posted by jqwhite

I live in a house with a couple of people who use my computer. We all know where this is going. ...

What you have here is a "Shared Computer Environment". Once you get things cleaned up, take a look at:

http://www.abxzone.com/abx_reviews/t...rticle_p1.html

This is a review of one specific product, and it may seem a bit of a challenge to set up for normal use, but I tried to cover all the more common set-up instructions. Several similar products are listed (and commented on) at the end. Some of these may be a bit less secure, but more flexible and easier for you to set up. I know what my choice was. ...

I also like to keep an image of the system drive between installations of new programs.

[jqwhite]

Thanxs
Found out what it is. Seems to be an adware program called "cmdservice!" It burries itself in your reg under controlsystem001-003. It cannot be removed by manually deleting it or using SE or S&D. Must use Hijack This and a list of current process running to track it down and delete. This program also turns off your firewall setting (sp2) and will not allow you to turn it back on without editing your group policy (gpedit.msc) even with only one computer user! I just thought that I would share this info if anyone else encounters it. Still working on it!

[jqwhite]

This also supplies an idea for maybe a new forum topic, where users can post there Hijack logs and current processes allowing member who are knowing of this, help out others, by reviewing and offering corrections.