Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Frustrated And Out Of Ideas


  • Please log in to reply
5 replies to this topic

#1 crayondawg

crayondawg

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 29 January 2008 - 11:01 PM

After spending the last 48+ hours working on trying to clean my PC, I seem to have narrowed my problems down to a reoccuring W32.Trats!inf and virtumonde/vundo issue. I had been doing a good job of keeping my computer safe and clean (as well as any PC CAN at least) or that's what I thought, anyway.

I had some friends using my computer more and more recently (I purchased a macbook pro so i've been on that mostly) and now things are all messed up.

I've been researching what I could, but I can't seem to kill the problems off

Please help in anyway possible. I have no idea where to start

Thanks

-Jeff

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 PM

Posted 30 January 2008 - 12:05 AM

Hi Jeff and welcome. If this infection is in the windows machine please do this.
NOTE: all blue wording are links to instructions/tools.

First you will need to follow the instructions in our Tutorial
How To Remove Vundo/Winfixer Infection

Now Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining
.
Click the "Close" button to leave the control center screen and exit the program.
DO NOT run yet.

Now reboot into Safe Mode: How to start Windows in Safe Mode
Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.
If you use Firefox or the Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please ask any needed questions,post back the log and Let us know how the PC is working now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 crayondawg

crayondawg
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 30 January 2008 - 09:39 AM

Okay here is the log. The computer seems to be running MUCH better though slower at start-up (which i think is because of the now 90000000000 anti-spyware programs i've downloaded trying to kill this thing :thumbsup: ))

Anyway, not sure what else I should do to make sure this thing stays away, so let me know

Thank you sooooo much



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/30/2008 at 08:26 AM

Application Version : 3.9.1008

Core Rules Database Version : 3391
Trace Rules Database Version: 1383

Scan type : Complete Scan
Total Scan Time : 06:02:29

Memory items scanned : 178
Memory threats detected : 0
Registry items scanned : 5937
Registry threats detected : 6
File items scanned : 215132
File threats detected : 270

Trojan.WinFixer
HKLM\Software\Classes\CLSID\{9EA185E7-2474-406B-A9C4-1C87BCED25F4}
HKCR\CLSID\{9EA185E7-2474-406B-A9C4-1C87BCED25F4}
HKCR\CLSID\{9EA185E7-2474-406B-A9C4-1C87BCED25F4}\InprocServer32
HKCR\CLSID\{9EA185E7-2474-406B-A9C4-1C87BCED25F4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\JKKLL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EA185E7-2474-406B-A9C4-1C87BCED25F4}

Unclassified.Unknown Origin
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}

Adware.MyWay
C:\Program Files\MyWay

Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\LLKKJ.INI
C:\WINDOWS\SYSTEM32\LLKKJ.INI2

Adware.Vundo-Variant/Small-A
C:\WINDOWS\SYSTEM32\EKJVJVLT.DLL
C:\WINDOWS\SYSTEM32\SBXYWWXS.DLL

Adware.AdSponsor/ISM
C:\PROGRAM FILES\QDRDRIVE\QDRDRIVE10.DLL
C:\DOCUMENTS AND SETTINGS\BOB HANSEN\LOCAL SETTINGS\TEMP\TMP6F.TMP
C:\DOCUMENTS AND SETTINGS\BOB HANSEN\LOCAL SETTINGS\TEMP\TMP71.TMP

Adware.Tracking Cookie
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediamgr.ugo[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fortunecity[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.clickedyclick[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.riverbelle[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.specificclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@focalex[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@qksrv[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@gostats[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@servedby.advertising[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@trafficmp[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.entrepreneur[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adserv.internetfuel[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@realmedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atwola[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@advertising[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atdmt[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fastclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@targetnet[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.specificpop[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@zedo[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adserv[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@valueclick[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@focalex[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@nextag[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www10.paypopup[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www4.paypopup[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www5.paypopup[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adv.virgilio[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@qksrv[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@valueclick[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediamgr.ugo[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediaplex[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.x10[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@1.primaryads[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.tpnadvertise[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@rightmedia[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@overture[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@teentvmovies.about[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@commission-junction[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@linksynergy[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@a.as-us.falkag[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@windowsmedia[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@specificpop[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@trafficmp[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fastclick[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hitbox[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.realcastmedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@clicks.emarketmakers[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@metareward[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www1.paypopup[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@bannerspace[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@maxserving[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@rightmedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www2.paypopup[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-foxsports.hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@okcounter[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@a.websponsors[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.track[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@realmedia[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@bs.serving-sys[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www6.paypopup[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@targetnet[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@windowsmedia[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.monster[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.clickhype[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@http201.edge.ru4[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atwola[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hg1.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hc2.humanclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@web4.realtracker[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.specificpop[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-aol.hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@dst.trafficsyndicate[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.flooble[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-dig.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@serving-sys[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@zedo[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@c5.zedo[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@nextag[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediamgr.ugo[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@perf.overture[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@banner[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.entrepreneur[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@valueclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@stat.onestat[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@as-us.falkag[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@burstnet[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.burstbeacon[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@apmebf[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-foxsports.hitbox[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@versiontracker[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@servedby.advertising[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@c.enhance[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@qksrv[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.ppctracking[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediaplayer[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-mtv.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@stats[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adknowledge[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.x10[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@creativeby.viewpoint[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@citi.bridgetrack[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@windowsmedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@zedo[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@rightmedia[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.upstandingbleepingcitizens[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@partner2profit[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-tickleinc.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hitbox[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-newegg.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.jackpot[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@casalemedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.pointroll[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fortunecity[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@advertising[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@questionmarket[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@bluestreak[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ww3.shoshkeles[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@burstnet[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adserver.mmoguru[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-foxsports.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@mediaplex[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@questionmarket[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@linksynergy[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@commission-junction[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@trafficmp[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@media.perfettomedia[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@casalemedia[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@realmedia[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@valueclick[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@valueclick[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@qksrv[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atwola[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fastclick[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@servedby.advertising[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ad.yieldmanager[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@advertising[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@nextag[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@tribalfusion[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-shoes.hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[7].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@msnportal.112.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@advertising[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ad.yieldmanager[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@trafficmp[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@realmedia[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@casalemedia[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@tribalfusion[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atwola[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@zedo[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.burstbeacon[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@icc.intellisrv[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@tradedoubler[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.bridgetrack[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.pno[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@planetout.122.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@revenue[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@media.adrevolver[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-publiciswest.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hitbox[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adrevolver[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@chicagosuntimes.122.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@dist.belnk[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@edge.ru4[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@nextag[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.addynamix[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adopt.euroclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.incgamers[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@a.websponsors[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@counter4.sextracker[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@anat.tacoda[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adknowledge[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@partner2profit[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@clickability[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@revsci[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adecn[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@tracker.myspacemaps[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@data1.perf.overture[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adrevolver[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@sextracker[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@anad.tacoda[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@tacoda[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@admarketplace[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@e-2dj6whkiegdpcaq.stats.esomniture[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@stats[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atdmt[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@e-2dj6wjmiwpazkgo.stats.esomniture[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ad.specificmedia[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ad2.adecn[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@sportsad.adbureau[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@atwola[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@hisfirstgaysex[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@bluestreak[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@BeloteEnterprises[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-airtran.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@servedby.advertising[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@realmedia[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@doubleclick[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@statse.webtrendslive[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@c5.zedo[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adopt.specificclick[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ad.yieldmanager[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.adcorps[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@questionmarket[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-hollywoodmedia.hitbox[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@dist.belnk[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@belnk[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ath.belnk[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adinterax[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@zedo[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fortunecity[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@as-us.falkag[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@maxserving[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@statcounter[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fastclick[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@2o7[5].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@powellsbooks.122.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@casalemedia[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@interclick[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.addynamix[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@cbs.112.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@reduxads.valuead[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@bs.serving-sys[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@questionmarket[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@z1.adserver[7].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@overture[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adbrite[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@serving-sys[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-dig.hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ads.pointroll[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@youtube.112.2o7[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@advertising[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@ehg-globalgamingleague.hitbox[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@apmebf[3].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@qksrv[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@fastclick[4].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@www.burstnet[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@try.starware[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@h.starware[1].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adrevolver[2].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@trafficmp[6].txt
C:\Documents and Settings\Bob Hansen\Local Settings\Temp\Cookies\bob hansen@adopt.specificclick[3].txt

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 PM

Posted 30 January 2008 - 10:26 AM

Nice work !! Well if the popups and troubles are gone,then just a couple things left to do.
Keep one anti virus program and 2-3 anyispywares,one firewall. You can ask me which from your list.
Have you defragmented your Hard drive recently?
To prevent reinfection by accidentally restoring to a previuos infected state,Make all new restore points.

The easiest and safest way to do this is:
Go to Start > Programs > Accessories > System Tools and click "System Restore".
Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Then use Disk Cleanup to remove all but the most recently created Restore Point.
Go to Start > Run and type: Cleanmgr
Click "OK".
Click the "More Options" Tab.
Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

Next Please read the following:
How Did I Get Infected?

Suggested Safe Practices

Best Practices - Internet Safety For 2008

Slow Computer?,
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 crayondawg

crayondawg
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 30 January 2008 - 03:49 PM

Right now I have the following:

Anti Virus: Norton and AVG

Anti-Spyware: SpyBot: Search & Destroy, Ad-Aware 2007, SpyHunter 3, SuperAntiSpyware

I think I'm just gonna do Norton, and then S&D, SAS for sure. I know a lot of people are high on Ad-Aware, but it didn't seem to pick as many things up/eliminate as many problems. And so I don't know if I should keep it or not. Spy Hunter holds a special place in my heart if only because it caught the VUNDO.Trojan before any of my programs had at the time. (This was before S&D or SAS, though)

Maybe just the two?

Let me know because I'm pretty dumb with this stuff

-jeff

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:49 PM

Posted 30 January 2008 - 04:37 PM

Anti Virus: Norton and AVG

Running 2 Av will slow things down and they will conflict with each other. They will forever keep reading each others virus lists as new malware and get stuck.

Anti-Spyware: SpyBot: Search & Destroy, Ad-Aware 2007, SpyHunter 3, SuperAntiSpyware


I think I'm just gonna do Norton, and then S&D, SAS for sure. I know a lot of people are high on Ad-Aware, but it didn't seem to pick as many things up/eliminate as many problems. And so I don't know if I should keep it or not. Spy Hunter holds a special place in my heart if only because it caught the VUNDO.Trojan before any of my programs had at the time. (This was before S&D or SAS, though)


AVG is free and an excellent toll,also uses less system resources. SAS is probably the bst thing out there. It will catch All the Vunndo 's and the like.
I guess the hitch is the free programs Must be Manually updated at least weekly. I personlly purchased the SAS and it has realtime (active protection).
One other good tool to install is Spyware blaster,keeps the spyware from ever installing. Look the this listFreeware Replacements

Ask if you need more help.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users