Windows Legacy OS forum

General discussion

SPYSUBTRACT URL VISITED

by xcks / September 26, 2004 7:25 AM PDT

HOW DO I GET RID OF THESE?

1. Surrogate, dllhost.exe is a known malicious program, also known as "Nachi" or "Welchia"

2. MS DTC console program

3. WORDPAD MFC APPLICATION

Discussion is locked
You are posting a reply to: SPYSUBTRACT URL VISITED
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: SPYSUBTRACT URL VISITED
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re: Ty the solutions here:
by xcks / September 26, 2004 10:40 AM PDT
In reply to: Ty the solutions here:

Ok, I hope that works. My last 2 posts I have been on a hunt for a nasty bug in my system and no tools have been able to notice what the problem was nor been able to repair the nickle and dime things found.
Really burned my ___ spending hours on end trying to figure out what happened.
Ive been Manually UNCHECKING the READ ONLY files & deleteing away all sorts of stuff. In frustration I UNINSTALLED & DELETED all my commonly used tools even though they were ALL in a UP TO DATE as could be condition.
Which is how I finally figured out WHERE I got this bug at. I simply VIEWED/VISITED microsoft windows update and was getting familure with all the crap about SP2 (even though I havent accepted SP2 yet) and when a person clicks on

ANY HIGHLIGHTED URL PATH TO SPYSUBTRACT

you can kiss yer ... goodbye. Ive tested it 3 times now. ZA Free Version is useless to stop it once the Use Default Allowed IE Access and Generic Host Win32 and Spooler has been activated on an ALWAYS allow basis. Enough said. I just hope this reverse last restore point and the downloading of your suggestion will fix my pc.

Glad you didnt suggest hijack this, thats what started this mess, and Im not to happy about it. I visited Spysubtract and Hijack This over a month ago and didnt even download or use products yet had several of the effects as if I had. Even had a comment stateing I didnt read and follow the instruction's before useing it. I havent done well in replying too my last 2 posts as part of the worm's favorite feature is to follow MY RECENT DOCUMENTS and doing its damage at will to whatever is there. What a nightmare!

Thanks to Everyone in replying! This post and prior ones.

Collapse -
Re: Report said...
by xcks / September 26, 2004 2:39 PM PDT

W32.Welchia.Worm has not been found on your computer.

I did an UNDO of my last restore point then ran tool... I cant believe I am somehow clean once again.

Baffleing.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.