Hey guys, wow this is a long thread wink1.gif
It's all good

Anyway, when I got all this CRAP on here, it WAS a fresh install.
Didn't go to any porn sites or freeware or whatever. Just installed XP, plugged her in to go online and update, and WHAM!!! All this crap just kept popping up. Went into the taskman, and realized I was being invaded. And I was just gonna re-install AGAIN eyeroll.gif But I figure'd like Casper said, there might be an easy way. Got rid of everything except for some little traces (ones you saw in the HijackThis report) and that DAMN Wstcl.exe Malware. WHICH IS A PITA. As random stated from the report / info on that malware



Anyway, that's where I was. I was like WTF, new install (yes formatted from the get go) and I get this JUST as SOON AS I GO TO GET SP1.
SO, F it! I reformated AGAIN after all that crap I tried yesterday. And now it's not hooked up to the net just yet. I grabbed SP1 from my cpu (I'm on it now) burnt it and installed that plus some spy sweeper and adaware onto the laptop.
Currently Dnloading SP2 right now and then will burn and install that, and then finally gonna plug her in and see what happens.

Thanks for all your guys' help on this.
I'm not a NEWB to this stuff, just was flabergasted (I can't spell either) at all the crap I got from a fresh install, by just going to MS and getting SP1. First time this happened to me. I thought that this was just gonna take me a few hours to get this damn laptop back to OEM Spec with some protection but NOOOOOOOOO. F'n hell! smile.gif
Anyway,... will keep you posted
laugh.gif:


EDIT: Didn't feel like a double post
So, anyway, as I was dnloading SP2, figure I run a hijackThis scan, just to see if anything was fishy,... well, well, well,... what do I find. IT's F'N BACK! :firedevil
WTF, it was running a little slow, so I was kinda suspicious. But instead of "wstcl.exe" this time it named itself "wcslt.exe" Cot damn! Anyway, it's still attached to the service "*Microsoft Update"

Anyway, off to regedit I go,... ahhh good old Regedit. Got rid of it.
Rebooted ran hiJackThis again, no instances. So I'm installing SP2 now.

Update in a bit

 

not if you have the xp /w sp2 cd!!! laugh.gif: anyways I only suggested it if it was really bad. most people let there pc's become inoperable with virus's/spyware before they bring em into the shop.


anyways kayjai, are you not behind a firewall??? dang man, if you can start up xp without getting infected thats pretty bad, what isp are you on? I've got an old netgear here I'll sell yah for like 20 bucks. that should help out in that regard.

 

Was the copy in Run Once? Thats usually where it replicates from.

 

You also have another option. Submit that file to Symantec/Norton and Network Associates/McAffee.

They will then play with the virus and add defs for it, and hopefully a removal tool

 

Ok, update for everyone

Thanks for everyone's help!!! God I love this forum!
Anyway,... it had nothing to do with the laptop or the win xp install. The restore cds were clean. I even manually formatted and it came back,....
Nothing seemed to stop it from coming onto the computer once I plugged it into the net,....
UNTIL,... a buddy of mine suggest I turn off "file and print sharing" in the Network settings. Anyway, on a fresh XP install (No SP1, SP2 with the Windows firewall, or any firewall for that matter) turn file and print sharing off, before connecting to the net.
I also installed Zone Alarm firewall just to see if it would go off and pick up anything. But NOTHING! It was quiet and only normal traffic.
Zone Alarm was quiet, as well as my spy sweeper.
I plugged her in to the net, while I installed the software I needed to install. As well as SP1 and SP2 updates. Once SP2 was installed, I nuked Zone Alarm because the SP2 firewall is good enough for now.
So I left file and print sharing off for now. She doesn't really need it anyway.

Anyway, after all was said and done, with the updates and all the software I needed back on the Cpu. I surfed for a bit, tried to come here but RD was down! 02.gif
But yeah, plugged the laptop into the net for a few hours and no pop ups, spy ware, etc came in.

Unlike before when just as soon as I plugged it into the net, BAM! My traffic lights would go mad! And my Spy Sweeper would come up with so many alerts. And it got rid of everything except for that one cot damn malware.
And I thought I got rid of it by going into good ol regedit, but it just kept replicating itself. I could be in Regedit till the cows come home trying to nuke it and it'd still be there.

Anyway, it's gone now, and she's protected from most of what's on the net.
smile.gif
Ran a HiJackThis report afterwards, an adaware report and swept it with spy software and everything looked tickety boo! smile.gif

 

You canadians talk funny.

Glad U got it working finally. File/print sharing shouldn't have caused that much network traffic though, unless one of the other machines on the same network segment is infected, and listening/transmitting on those ports.

 

Wouldve been nice to tell us she was on a network ;/

 

I wasn't / Am not on a network
It was just a Cable modem I plugged it directly into.

And yeah, Random, who would of guess. That would of been the LAST place I look to trouble shoot. But yeah your should of seen it. It was mental, so much traffic once I plugged it in.
Maybe my IP was being targetted,.. I dunno. I have a firewall on my W2K machine at home, so I dunno,...