LFF Posted April 10, 2009 Report Share Posted April 10, 2009 Well, I got this wonderful virus that offers me free shit! The PITA, is that it launches iexplorer and when it does, my computer just freezes because it takes too long to process the request from the adware virus. If I am listening to music, the music stops and resumes 7 - 15 minutes later. Bringing up task manager to shut the damn thing down takes 5 minutes by itself. Any suggestions on how to get rid of this annoying adware? Quote Link to comment Share on other sites More sharing options...
tkam Posted April 10, 2009 Report Share Posted April 10, 2009 Get spybot search & destroy here: The home of Spybot-S&D! and for free anti-virus software: Free antivirus - Avira AntiVir Quote Link to comment Share on other sites More sharing options...
LFF Posted April 10, 2009 Author Report Share Posted April 10, 2009 Thanks! I'll give it a shot. Quote Link to comment Share on other sites More sharing options...
Asr Posted April 10, 2009 Report Share Posted April 10, 2009 Install HijackThis and post your log, I might be able to tell you what you have, and to what extent you're infected, and possibly how to remove it - but I won't guarantee that it can be removed easily. Quote Link to comment Share on other sites More sharing options...
Duggeh Posted April 10, 2009 Report Share Posted April 10, 2009 Spybot for spyware and AVG Free for antivirus are my apps of choice. Quote Link to comment Share on other sites More sharing options...
strid3r Posted April 10, 2009 Report Share Posted April 10, 2009 Although Spybot used to be a great program, I think it has been going downhill for the past couple years. Although it has a corny name, I've had a really good experience using SuperAntiSpyware: SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware! For antivirus, I would recommend Avast or Avira AntiVir. Quote Link to comment Share on other sites More sharing options...
LFF Posted April 10, 2009 Author Report Share Posted April 10, 2009 Install HijackThis and post your log, I might be able to tell you what you have, and to what extent you're infected, and possibly how to remove it - but I won't guarantee that it can be removed easily. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:54:12 AM, on 4/10/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\emaudsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WgaTray.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe H:\Downloads\DSS\DSS4DRU.exe C:\Program Files\Chameleon Clock\ChamClock.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Documents and Settings\Luis\Application Data\nidle\nidle.exe C:\Documents and Settings\Luis\Application Data\Twain\Twain.exe C:\Documents and Settings\Luis\Application Data\digifast\digifast.exe C:\Documents and Settings\Luis\Application Data\Microsoft\Windows\sxxxxr.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\foobar2000\foobar2000.exe C:\Program Files\Adobe\Adobe Audition 3.0\Audition.exe C:\WINDOWS\system32\calc.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\MP3 Compressor\MP3Comp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Head-Case.org R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O1 - Hosts: 72.51.46.19 albert.apple.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CPV - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\WWShow\WWShow.dll O2 - BHO: (no name) - {37CBB1E4-6571-4BF5-A7C3-555C7AA4F152} - (no file) O2 - BHO: (no name) - {405F5CC5-2D0E-4C6E-891D-5D7654265E62} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Luis\Application Data\Messenger\Drivers\MsgUpdate.dll O2 - BHO: (no name) - {71FC65A5-6A5A-4180-9CF9-2514C1513DA3} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - C:\Program Files\Jcore\Jcore2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: 0 - {ECB8289F-A0EA-4E58-D387-25CC99BE8413} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [DSS4DRU] H:\Downloads\DSS\DSS4DRU.exe O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Luis\Application Data\nidle\nidle.exe" 61A847B5BBF72813359231466188719AB689201522886B092CBD44BD8689220221DD3257 O4 - HKCU\..\Run: [Twain] C:\Documents and Settings\Luis\Application Data\Twain\Twain.exe O4 - HKCU\..\Run: [rkwu] C:\PROGRA~1\COMMON~1\rkwu\rkwum.exe O4 - HKCU\..\Run: [DigiFast] C:\Documents and Settings\Luis\Application Data\digifast\digifast.exe O4 - HKCU\..\Run: [sfKg6wIPuSpdc] C:\Documents and Settings\Luis\Application Data\Microsoft\Windows\sxxxxr.exe O4 - HKCU\..\Run: [igfxSys] rundll32.exe "C:\Documents and Settings\Luis\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab O20 - Winlogon Notify: ssqrq - C:\WINDOWS\system32\ssqrq.dll (file missing) O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Auto HotKey Poller - Unknown owner - C:\WINDOWS\system32\winpol.exe (file missing) O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing) O23 - Service: E-MU Audio Service (emaudsv) - E-MU Systems - C:\WINDOWS\system32\emaudsv.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 12902 bytes Quote Link to comment Share on other sites More sharing options...
aardvark baguette Posted April 10, 2009 Report Share Posted April 10, 2009 sounds like I need to get to the post office Quote Link to comment Share on other sites More sharing options...
LFF Posted April 10, 2009 Author Report Share Posted April 10, 2009 sounds like I need to get to the post office SERIOUSLY!? Quote Link to comment Share on other sites More sharing options...
cclragnarok Posted April 10, 2009 Report Share Posted April 10, 2009 When some of our computers got infected by Vundo a few months ago, this is what eventually removed it for us: Malwarebytes.org Quote Link to comment Share on other sites More sharing options...
Asr Posted April 10, 2009 Report Share Posted April 10, 2009 Check the boxes for these entries and do a "Fix Checked" on these: O2 - BHO: CPV - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Program Files\WWShow\WWShow.dll O2 - BHO: (no name) - {37CBB1E4-6571-4BF5-A7C3-555C7AA4F152} - (no file) O2 - BHO: (no name) - {405F5CC5-2D0E-4C6E-891D-5D7654265E62} - (no file) O2 - BHO: (no name) - {71FC65A5-6A5A-4180-9CF9-2514C1513DA3} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: 0 - {ECB8289F-A0EA-4E58-D387-25CC99BE8413} - (no file) O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Luis\Application Data\nidle\nidle.exe" 61A847B5BBF72813359231466188719AB689201522886B092C BD44BD8689220221DD3257 O4 - HKCU\..\Run: [Twain] C:\Documents and Settings\Luis\Application Data\Twain\Twain.exe O4 - HKCU\..\Run: [rkwu] C:\PROGRA~1\COMMON~1\rkwu\rkwum.exe O4 - HKCU\..\Run: [DigiFast] C:\Documents and Settings\Luis\Application Data\digifast\digifast.exe O4 - HKCU\..\Run: [SfKg6wIPuSpdc] C:\Documents and Settings\Luis\Application Data\Microsoft\Windows\sxxxxr.exe O20 - Winlogon Notify: ssqrq - C:\WINDOWS\system32\ssqrq.dll (file missing) O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing) After you do a "Fix Checked", try to locate all the referenced files to see if they're actually deleted, and if they're still there, manually delete them. Then restart the PC and do another scan, and post another log here. It's possible your PC will still be infected afterwards, though this should definitely help with some of the problem you're experiencing. Also, some ways to avoid getting infected by spyware in the first place: - Use the "Immunize" feature in Spybot Search & Destroy. This feature blocks known attack vectors (primarily from Web sites) and is actually extremely useful. - Upgrade to IE7 (or IE8 ) if you're using an earlier version. - Stop using IE and use Firefox instead. - Don't visit pr0n sites - or warez, torrent, or file-sharing sites for that matter either. As for what you're infected with, I can see that there's adware and multiple Trojans on your PC, some of which is probably hiding itself. If it were my PC I wouldn't personally rest unless I reformatted from a known clean image, but reformatting isn't an option for everyone. Quote Link to comment Share on other sites More sharing options...
ultros Posted April 10, 2009 Report Share Posted April 10, 2009 What Asr said..reformat if possible Quote Link to comment Share on other sites More sharing options...
909 Posted April 10, 2009 Report Share Posted April 10, 2009 buy an apple Quote Link to comment Share on other sites More sharing options...
Augsburger Posted April 10, 2009 Report Share Posted April 10, 2009 Is AntiCyber Crime any good at this point? I have a copy I can ship you on Monday if Asr's fixes don't do it. Quote Link to comment Share on other sites More sharing options...
LFF Posted April 10, 2009 Author Report Share Posted April 10, 2009 Also, some ways to avoid getting infected by spyware in the first place: - Use the "Immunize" feature in Spybot Search & Destroy. This feature blocks known attack vectors (primarily from Web sites) and is actually extremely useful. - Upgrade to IE7 (or IE8 ) if you're using an earlier version. - Stop using IE and use Firefox instead. - Don't visit pr0n sites - or warez, torrent, or file-sharing sites for that matter either. DONE! - Use the "Immunize" feature in Spybot Search & Destroy. This feature blocks known attack vectors (primarily from Web sites) and is actually extremely useful. Don't use it!!!- Upgrade to IE7 (or IE8 ) if you're using an earlier version. DONE! - Stop using IE and use Firefox instead. WHAT!!!! That's what I do the most!!!! - Don't visit pr0n sites - or warez, torrent, or file-sharing sites for that matter either. Well - I hope that will take care of it. Thanks for the help fellas! I'll report back in a few hours. I think I'll reformat the entire HD once my pal, Mr. Baguette goes to the Post Office. Quote Link to comment Share on other sites More sharing options...
LFF Posted April 10, 2009 Author Report Share Posted April 10, 2009 nuke it from orbit, only way to be sure. I wish I could, but this hunk of junk is the only computer I have. Quote Link to comment Share on other sites More sharing options...
Dusty Chalk Posted April 11, 2009 Report Share Posted April 11, 2009 nuke it from orbit, only way to be sure.I swear by the First Church of Defenestration. Quote Link to comment Share on other sites More sharing options...
Tachikoma Posted April 11, 2009 Report Share Posted April 11, 2009 DONE! - Use the "Immunize" feature in Spybot Search & Destroy. This feature blocks known attack vectors (primarily from Web sites) and is actually extremely useful. Don't use it!!!- Upgrade to IE7 (or IE8 ) if you're using an earlier version. DONE! - Stop using IE and use Firefox instead. WHAT!!!! That's what I do the most!!!! - Don't visit pr0n sites - or warez, torrent, or file-sharing sites for that matter either. Well - I hope that will take care of it. Thanks for the help fellas! I'll report back in a few hours. I think I'll reformat the entire HD once my pal, Mr. Baguette goes to the Post Office. And remember to install the NoScript plugin in Firefox. Quote Link to comment Share on other sites More sharing options...
LFF Posted April 11, 2009 Author Report Share Posted April 11, 2009 It's still running and so far I have about 7 bad entities including SmitFraud-C and Targetsaver. Quote Link to comment Share on other sites More sharing options...
Dusty Chalk Posted April 11, 2009 Report Share Posted April 11, 2009 Hurray! Quote Link to comment Share on other sites More sharing options...
LFF Posted April 11, 2009 Author Report Share Posted April 11, 2009 Just an update: The spyware is gone!!!! The only bad news is that my computer is sloooowwwwww. Regardless, I'm just happy the annoying pop-ups selling me ipods are gone. Quote Link to comment Share on other sites More sharing options...
manaox2 Posted April 11, 2009 Report Share Posted April 11, 2009 Just an update: The spyware is gone!!!! The only bad news is that my computer is sloooowwwwww. Regardless, I'm just happy the annoying pop-ups selling me ipods are gone. Optimize XP Follow these tips, you'll be close to golden. Quote Link to comment Share on other sites More sharing options...
GPH Posted April 11, 2009 Report Share Posted April 11, 2009 Firefox + NoScript + AdBlock, AdAware, AVG, Spybot Search and Destroy, etc. OR Mac Quote Link to comment Share on other sites More sharing options...
Dusty Chalk Posted April 11, 2009 Report Share Posted April 11, 2009 Linux! Quote Link to comment Share on other sites More sharing options...
Grahame Posted April 12, 2009 Report Share Posted April 12, 2009 Solaris X86, On a VM! (FTW ) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.