Re: A little help please...
- From: Malke <notreally@xxxxxxxxxxxxxxx>
- Date: Sat, 11 Feb 2006 10:43:46 -0800
Tom B. wrote:
I was seriously hijacked and thoroughly infected with countless
viruses, spyware, malware, adware etc... It was a mess, but it was my
own fault. I clicked on something I shouldn't have. Fortunately I have
a large arsenal of anti-spyware and virus scans at my disposal. It
took the better part of an evening to run all these processes (which I
will describe in detail) and really got things under control. I'm
probably back up to 90% now, but still have a nagging popup problem,
which I normally NEVER, EVER have due to good maintenance and two good
popup blockers. I'm running Windows XP Home, 384 RAM, SP1, Pentium 4.
I updated the following software updates online first, then proceeded
to run them in Safe Mode because the takeover wouldn't allow me to run
them online. First, I ran Ad-Aware SE. Found total (spyware, cookies,
etc..) 128 entries deleted.
Second, I ran my service provider's SBC Yahoo Online Protection (a
very decent scan) which found maybe 20 entries and deleted.
Then ran Spybot. Approx 16 entries and removed.
Next I ran what is probably the greatest scan I've ever encontered:
David Lipman's SmitFraud.exe. This thing is POWERFUL. It found about
30 viruses and over 50 possible spyware, all removed. (Lots of
surfside spyware.) Turned off System Restore temporarily and rebooted
to permanently remove everything from Backup Files. Turned Restore
back on. Ran Ad-Aware SE again (14 entries), SBC Yahoo scan (about 15
entries) again, and SmitFraud.exe again (one more spyware entry). All
found more nagging spyware.
Also ran Trend Micro scan (approx 15-20 entries), and the new great
scan I have on Trial called ewido. Excellent. (Another 20 or so
entries.)
Also, during the takeover, various evil software was downloaded to my
system. There are two icons on my desktop yet, but they are not
located in Add or Remove Programs. They are:
A colorful interlocking logo icon named MS DOS and the software is
named freeprodtb.
The second is called TagASaurus.exe with red logo that says TAG.
There is a third program located in Add or Remove Programs called
Uninstall Aze Bar. When I click on Remove, nothing happens.
How do I get rid of this software? regedit perhaps?
I still have some relentless popups that are plaguing me. The title
bar usually has ad.firstadsolutions or something along those lines and
ad.admarketplace if that's helpful. What do you suggest I use to
ultimately get rid of the last of this spyware?
I tried to be as thorough as possible. Any help would be greatly
appreciated. Thanks.
Tom
Run HijackThis and post your log to one of the following forums (not
here, please):
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42 -
another tutorial
http://aumha.net/viewforum.php?f=30
http://castlecops.com/forum67.html
http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
forum
http://www.wilderssecurity.com/
http://forums.tomcoyote.org/
Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
.
- Follow-Ups:
- Re: A little help please...
- From: Tom B.
- Re: A little help please...
- Prev by Date: How to reset a Domain Account password ?
- Next by Date: Re: Allow "Users" group to create or disconnect a Local Area Conne
- Previous by thread: How to reset a Domain Account password ?
- Next by thread: Re: A little help please...
- Index(es):
Relevant Pages
|
