Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

plz read my spyware log


  • Please log in to reply
10 replies to this topic

#1 im_no_good_with_computers

im_no_good_with_computers

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 02 October 2005 - 06:51 PM

i just recently turned in my hjt log and had bad stuff removed and my comp was said to be safe
although there are still some things that show up on my spyware doctor scanner
i cant romve them b/c i have the free version

Scans (basic information only):

Scan Results:
scan start: 10/2/2005 7:00:11 PM
scan stop: 10/2/2005 7:00:16 PM
scanned items: 471
found items: 0
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner



Infection Name Location Risk

Scan Results:
scan start: 10/2/2005 7:33:00 PM
scan stop: 10/2/2005 7:43:29 PM
scanned items: 99192
found items: 13
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner



Infection Name Location Risk
AdDestroyer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AdDestroyer Medium
AdDestroyer HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AdDestroyer## Medium
IBIS Toolbar HKLM\software\microsoft\windows\currentversion\run##viewmgr Medium
Advertising C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\0RYL07GJ\ctrt=4[1] Low
Advertising C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UTFMT75C\bins=1[1].gif Low
Advertising C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\G567K9YZ\ctrt=4[1] Low
Advertising C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UTFMT75C\optn=1[1].gif Low
Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@atwola[1].txt Medium
BookedSpace C:\WINDOWS\cfgmgr52.ini Elevated
Pops Stop C:\Documents and Settings\Default User\Local Settings\Temp\ExtractDLL.dll High
BigTrafficNetwork C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\dkt52.tmp High
BigTrafficNetwork C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\dkt8F.tmp High
Pops Stop C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\ExtractDLL.dll High


Other Sections:

BC AdBot (Login to Remove)

 


#2 pacman123

pacman123

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 03 October 2005 - 09:21 AM

Hi you could try Ad-aware and spybot s&d if you don't have them you can down load from here............

Ad-aware..

http://www.lavasoftusa.com/software/adaware/

Spybot...

http://www.safer-networking.org/en/download/

Don't forget to update before scanning........Hope this helps..

#3 im_no_good_with_computers

im_no_good_with_computers
  • Topic Starter

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 03 October 2005 - 01:58 PM

thanks i do already have them lol but none of these things ever show up on any scan except for spy doctor
but i know its nothing serious its just remnants of the real stuf that i got rid of

#4 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:12:17 PM

Posted 03 October 2005 - 02:41 PM

Best would be to have Bugbatter reopen that thread and take care of those items for you. Shouldn't be much of a problem.

You can PM Bugbatter and ask to have the thread reopened or if you would prefer I could do it for you.
Derfram
~~~~~~

#5 im_no_good_with_computers

im_no_good_with_computers
  • Topic Starter

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 03 October 2005 - 03:26 PM

sure i would love for you to do it for me
wut do you need me to do?

#6 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:12:17 PM

Posted 03 October 2005 - 04:05 PM

First, be assured that none of the items you listed are in any position to cause system problems - they are strictly leftovers from what you had. But we should be able to remove them.


Open Control Panel, then open Internet Options (or from the IE 'tools' menu, select 'Internet Options').

On the General tab, click on "Delete Cookies", then OK. Then click on "Delete Files" and OK.


Configure Windows to enable viewing of Hidden and System files.


Open 'My Computer', then the C: drive:
Navigate to the "C:\WINDOWS\" folder. Find and delete cfgmgr52.ini.

Navigate to "C:\Documents and Settings\Default User\Local Settings\Temp\". Find and delete ExtractDLL.dll.
Navigate to "C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\". Find and delete ExtractDLL.dll, dkt52.tmp, and dkt8F.tmp.


If you still have EWIDO installed, run a full scan with that again, being sure you have it updated first. Then let me know if you had any problems with the above and what if anything Spyware Doctor is still finding.
Derfram
~~~~~~

#7 im_no_good_with_computers

im_no_good_with_computers
  • Topic Starter

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 03 October 2005 - 06:16 PM

i went to those folder location and didnt finds the extract all files
but ill run another scan on ewido and sees if it picks it up

#8 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:12:17 PM

Posted 03 October 2005 - 06:24 PM

You shouldn't need to 'extract' any files. Can you get to the specified folders, and when you open them can you find the listed files?
Derfram
~~~~~~

#9 im_no_good_with_computers

im_no_good_with_computers
  • Topic Starter

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 03 October 2005 - 07:49 PM

no wut i meant was that i couldnt get the to extractdll.dll lol sorry
i couldnt find them
but i did a scan with ewido it found 81 files so i tracked their location in the log
it took me to the .jpi_cache folders
there i found a crap load of files and compressed zipped folders with the name adcontroller and a whole bunch of other weird names
i deleted al of those and they didnt show up on my next ewido scan
so i guess i did something right idk

#10 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:12:17 PM

Posted 03 October 2005 - 09:59 PM

Is Spyware Doctor still finding anything that you want help getting rid of?
Derfram
~~~~~~

#11 im_no_good_with_computers

im_no_good_with_computers
  • Topic Starter

  • Members
  • 213 posts
  • OFFLINE
  •  
  • Local time:02:17 PM

Posted 04 October 2005 - 01:54 PM

umm no i think im good id dont think that those files should be any trouble
i just wanted to make sure my comp was bak to normal b/c im installing new ram today




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users