Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware


  • Please log in to reply
9 replies to this topic

#1 skeney

skeney

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 02 June 2008 - 11:19 PM

I have run Ad-aware and Spybot S&D and I still cannot get rid of a pop-up that appears on the bottom right hand corner of the screen that says :

Spyware found and then lists things such as :

istbar.slotch
zangosearchassistant
iMesh.v7

The pop-up does not say what it is called or have a name anywhere. It just randomly pops up and lists different spyware.

Please help me get rid of this. I am not sure what other information to give you.

BC AdBot (Login to Remove)

 


m

#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:57 AM

Posted 03 June 2008 - 12:08 PM

assuming you are still running xp would you do a scan and fix with MBAM and post a log

http://www.bleepingcomputer.com/forums/ind...mp;#entry811062
Chewy

No. Try not. Do... or do not. There is no try.

#3 skeney

skeney
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 03 June 2008 - 07:23 PM

Malwarebytes' Anti-Malware 1.14
Database version: 818

12:21:32 p.m. 4/06/2008
mbam-log-6-4-2008 (12-21-32).txt

Scan type: Quick Scan
Objects scanned: 122794
Time elapsed: 54 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 22
Files Infected: 34

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Starware (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Starware347 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Starware349 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Maurice Wotton\Application Data\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Maurice Wotton\Application Data\DriveCleaner Freeware\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\DriveCleaner Freeware\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\PopupBlocker (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SitePager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SmileyTown (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Weather (Adware.Starware) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Maurice Wotton\Application Data\DriveCleaner Freeware\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\DriveCleaner Freeware\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SitePager\SitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SitePager\SitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SmileyTown\SmileyTownOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\SmileyTown\SmileyTownOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ann Wotton\Application Data\Starware\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:57 AM

Posted 03 June 2008 - 07:40 PM

http://www.bleepingcomputer.com/forums/ind...st&p=840752

those didn't look too bad

would you run the ATF cleanup and then SAS quick scan

Run both from normal mode

be sure and configure SAS to not start up with windows

Edited by DaChew, 03 June 2008 - 07:41 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#5 skeney

skeney
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 03 June 2008 - 11:34 PM

SAS Log. Thanks for your help.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/04/2008 at 04:10 PM

Application Version : 4.15.1000

Core Rules Database Version : 3473
Trace Rules Database Version: 1464

Scan type : Complete Scan
Total Scan Time : 02:09:36

Memory items scanned : 314
Memory threats detected : 1
Registry items scanned : 4748
Registry threats detected : 1
File items scanned : 149991
File threats detected : 196

Adware.Avenue Media
C:\PROGRAM FILES\WFSNM\OXZIPHT.EXE
C:\PROGRAM FILES\WFSNM\OXZIPHT.EXE
[Xvpsolm] C:\PROGRAM FILES\WFSNM\OXZIPHT.EXE
C:\WINDOWS\Prefetch\OXZIPHT.EXE-115480E6.pf

Adware.Tracking Cookie
C:\Documents and Settings\Maurice Wotton\Cookies\maurice_wotton@tacoda[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ad.sensismediasmart.com[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ads.habbogroup[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ads.stardoll[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ads.xtra.co[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ads.xtramsn.co[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@adtech[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@anad.tacoda[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@apmebf[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@as-us.falkag[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@atdmt[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@belnk[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@bfast[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@bilbo.counted[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@c.enhance[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@counter.surfcounters[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@cpvfeed[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@cts.metricsdirect[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@data2.perf.overture[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@dist.belnk[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@doubleclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ehg-hitent.hitbox[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ehg-nokiafin.hitbox[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@emimusic.122.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@ez-tracks[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@eztracks.aavalue[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@highbeam.122.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@image.checkmystats.com[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@kmpads[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@maxis.112.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@media.forwardnetwork[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@mediaplex[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@perf.overture[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@publishers.clickbooth[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@revenue[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@sitestats.tiscali.co[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@stat.onestat[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@surfaccuracy[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@winfixer[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.burstbeacon[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.ez-tracks[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.findarticles[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.keepmedia[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.screensavers[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.starware[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.winantiviruspro[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@www.winfixer[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@xiti[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse customer@z1.adserver[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@247realmedia[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@3.adbrite[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@4.adbrite[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@a.websponsors[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ad.yieldmanager[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ad.yieldmanager[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ad.zanox[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adbrite[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adinterax[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adopt.euroclick[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adopt.hbmediapro[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adopt.specificclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adrevolver[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.adbrite[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.addesktop[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.addynamix[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.apn.co[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.cartoondollemporium[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.gamesbannernet[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.mediamayhemcorp[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.pointroll[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads.revsci[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ads3.blastro[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adserver.adreactor[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@adserver.matchcraft[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@advertising[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@affiliate.budsinc[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@apnonline.112.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@atwola[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@azjmp[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@bluestreak[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@bravenet[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@bs.serving-sys[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@burstnet[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@care2.112.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@casalemedia[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@click.cashengines[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@clickbank[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@counter.hitslink[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@cyworld.112.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@drivecleaner[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@eb.adbureau[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@edge.ru4[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@edufind[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ehg-cheaptickets.hitbox[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ehg-dig.hitbox[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ehg-gamespot.hitbox[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@ehg-quiksilver.hitbox[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@eyewonder[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@fastclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@find-me-a-gift.co[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@gettyimages.122.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@h.starware[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@haynet.adbureau[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@hc2.humanclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@hc2.humanclick[3].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@hitbox[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@i.screensavers[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@imrworldwide[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@inet-traffic[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@inl.adbureau[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@insightexpressai[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@kanoodle[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@keywordmax[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@kontera[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@maxserving[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@media.adrevolver[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@mediaonenetwork[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@mercury.bravenet[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@metacafe.122.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@msnaccountservices.112.2o7[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@my.starware[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@mywebsearch[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@nextag[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@overture[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@oz.celebs.tripod[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@popularscreensavers[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@precisionclick[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@prospect.adbureau[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@questionmarket[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@realmedia[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@revsci[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@rocku.adbureau[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@screensavers[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@server.iad.liveperson[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@server.iad.liveperson[3].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@server.iad.liveperson[4].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@server.koadserver[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@serving-sys[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@smileycentral[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@specificclick[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@starware[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@stat.dealtime[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@statcounter[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@stats.crayola[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@stats.drivecleaner[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@stats.sellmosoft[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@stats1.reliablestats[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@statse.webtrendslive[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@tacoda[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@targetnet[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@te300.kontera[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@teenidols4you[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@tracker.mediatracker.co[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@tradedoubler[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@trafficmp[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@tribalfusion[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@tripod[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@try.screensavers[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@try.starware[4].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@valueclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@viator.122.2o7[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@videoegg.adbureau[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@vip2.clickzs[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@web4.realtracker[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@weborama[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@winantivirus[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.3dstats[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.anyquestions.co[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.burstnet[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.cibleclick[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.drivecleaner[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.edufind[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.find-me-a-gift.co[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.googleadservices[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.googleadservices[3].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.hellasmultimedia[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www.teenidols4you[2].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www3.addfreestats[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@www7.addfreestats[1].txt
C:\Documents and Settings\DSE Customer\Cookies\dse_customer@zedo[2].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@drivecleaner[1].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@ehg-dig.hitbox[1].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@mywebsearch[2].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@starware[1].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@stats1.reliablestats[1].txt
C:\Documents and Settings\Joshua Wotton\Cookies\joshua_wotton@winantivirus[1].txt

Adware.IST/ISTBar (Slotch Bar)
C:\DOCUMENTS AND SETTINGS\DSE CUSTOMER\LOCAL SETTINGS\TEMP\IINSTALL.EXE

Adware.Starware
C:\DOCUMENTS AND SETTINGS\DSE CUSTOMER\LOCAL SETTINGS\TEMP\TEMP.FR12A2\BIN\STARWARE.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8AC1587C-A6EF-4158-B643-5130A4392569}\RP782\A0469578.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8AC1587C-A6EF-4158-B643-5130A4392569}\RP782\A0469581.DLL

Trojan.Smitfraud Variant
C:\DOCUMENTS AND SETTINGS\JOSHUA WOTTON\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\YM1SR57Q\SYSTEMDOCTOR2006FREEINSTALL[1].EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8AC1587C-A6EF-4158-B643-5130A4392569}\RP785\A0470277.EXE

Trojan.WinAntiSpyware/WinAntiVirus 2006
C:\SYSTEM VOLUME INFORMATION\_RESTORE{8AC1587C-A6EF-4158-B643-5130A4392569}\RP782\A0469848.EXE

#6 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:57 AM

Posted 03 June 2008 - 11:47 PM

looking even better

be sure and reboot

do another quick scan with MBAM please
Chewy

No. Try not. Do... or do not. There is no try.

#7 skeney

skeney
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 11 June 2008 - 05:20 PM

Before I got a chance, somebody installed Nortons, finally ... which fixed the problem. Thanks !

#8 skeney

skeney
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 21 June 2008 - 01:33 AM

... apart from now the comp. is sooo slow. (different computer at a different house from my new post about slow computers).

#9 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:57 AM

Posted 21 June 2008 - 04:57 AM

somebody installed Nortons


apart from now the comp. is sooo slow


yes, norton's will slow down a computer considerably

as do a lot of programs that people let load into memory at bootup
Chewy

No. Try not. Do... or do not. There is no try.

#10 skeney

skeney
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Long Island, New York
  • Local time:11:57 PM

Posted 21 June 2008 - 05:39 PM

Bugger. :thumbsup: Thanks for your help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users