Has anyone encountered Spyware.Apropos.C in Windows 2000 Professional? My Symantec program has found it in my system and says it has to be removed manually. It is an overwhelming process to try and find all the values it adds to the registry! Any suggestions on what to do?

You did not post the Ewido log


Fix these with HJT mark them, close IE, click fix checked

O4 - HKLM\..\Run: [Task service] taskmgs.exe

O4 - HKLM\..\Run: [ecsiin] c:\ecsiin.stub.exe

O4 - HKLM\..\Run: [0kg00fu4.dll] RUNDLL32.EXE 0kg00fu4.dll,b 830484

O4 - HKLM\..\RunServices: [Task service] taskmgs.exe

O4 - HKCU\..\Run: [Task service] taskmgs.exe

O20 - Winlogon Notify: ExtShellViews - C:\WINNT\system32\dhcprop2.dll (file missing)


START RUN type in %temp% OK - Edit Select all File Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didnt work and the current status of your system

Hi..check link..
http://securityresponse.symantec.com...apropos.c.html
Run a Hijack this log..let log experts take a look..link below..
D/load..install in C:\ program file..scan and save logfile..it will open in notepad..
Click edit>select all>edit>copy>paste on your thread..

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix from here:
http://swandog46.geekstogo.com/aproposfix.exe

Save it to your desktop but do NOT run it yet.

Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.
==================
Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.

Restart your computer into safe mode now. Perform the following steps in safe mode:
(Start tapping F8 at the first black screen after power up)

Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your C: Drive
This will take some time to run!
Boot to normal mode
Post that log and a new HiJack log
==========
Get HiJack This V1.99.1 http://thespykiller.co.uk/files/hijackthis_sfx.exe - double click the DL file and click UNZIP letting it extract to its default folder C:\Program FIles\HiJackThis, run it from there, DO NOT fix anything, post the log here.

Here are my logfiles.

Thank you.