FarmIsland
Thread Starter
- Joined
- Jul 3, 2005
- Messages
- 7
I have been battling with Viruses/Spyware/Adware for a few days (and nights) on this system (friends computer). Dell Dimension 4300S running Windows XP Home Version 2002 with SP1. Original symtoms: sytem running extremely slow with a lot of popup ads to the point of the system being inoperable. I plan to install SP2 as soon as I get the system cleaned up.
I have remove a large amount of malware (viruses, spyware & adware).
Anti-Virus program is Norton AV 2003 licensed until Nov. 2005 that is up to date in both program and definitions. Besides NAV I have used
Ad-Aware 1.06,
Spybot 1.4,
Microsoft Anti-Spyware (Beta1),
Spy Sweeper 3.2.06 Trial Version),
Pop-Up Stopper Free Edition 3.1.101,
Trend Micro's Housecall on-line virus/spyware scan/removal,
Panda's on-line virus/spyware scan/removal,
CWShreadder 2.15
Zone Alarm Free Edition 5.5.094.000,
SpywareBlaster 3.4, and
SpywareGuard 2.2 are all running.
All the above were updated to the latest status available just before running each one.
I thought I had the final answer when I mechanically removed "Adware.CasinoClient" from the Registry and system, but I was wrong. Still getting some pop-up ads (while not on-line) and the system is still running much, much too slow. There seems to still be some Trojans on the system. While typing this, MS-Anti-Spyware ran on its automatic schedule and indicated another Trojan has been found [Trojan.Startup.NameShifter.Zwq (6 signatures)]. and if I am reading the progress screen correctly, a couple of more trojans and a dozen or so more things including WeirdOnTheWeb, etc. MS-Anti-Spyware was run 24 hours ago and "cleaned" the system at that time. The program did aquire a lengthy update a couple of hours ago, but???
Operation has improved greatly, but the system is still running much too slow and I am still getting pop-up ads occasionally. I suspect trojans and ???
The system is connected to the Internet with Quest DSL (Tucson, AZ) and the owner uses AOL 9.
Another little quirk. When I run Internet Explorer and click on a link (such as when I attempted to go to this site's registration page, I get the IE Window, but the Web page never gets written to the screen (see hourglass no matter how long I wait), but if I sign into AOL and use AOL's browser, I do not have that problem. The same thing occurred when I tried to start TrendMicro's Housecall on-line scan - had to do it signed into AOL and use AOL's browser. This problem existed when I started working on the system, and it is still here now.
I need help interpreting the HijackThis Log (next entry - see below).
PLEASE help before I loose it completely (at this point it won't take much to push me over the edge - figuretively speaking).
I am comfortable working in the Registry (up to a point, of course).
MS-AntiSpyware scan just completed and insisting on an immediate shutdown. While gone, I will check the condition of the system now and get a new HijackThis Log which I will post in my next entry in a hour or so.
Back soon.
I have remove a large amount of malware (viruses, spyware & adware).
Anti-Virus program is Norton AV 2003 licensed until Nov. 2005 that is up to date in both program and definitions. Besides NAV I have used
Ad-Aware 1.06,
Spybot 1.4,
Microsoft Anti-Spyware (Beta1),
Spy Sweeper 3.2.06 Trial Version),
Pop-Up Stopper Free Edition 3.1.101,
Trend Micro's Housecall on-line virus/spyware scan/removal,
Panda's on-line virus/spyware scan/removal,
CWShreadder 2.15
Zone Alarm Free Edition 5.5.094.000,
SpywareBlaster 3.4, and
SpywareGuard 2.2 are all running.
All the above were updated to the latest status available just before running each one.
I thought I had the final answer when I mechanically removed "Adware.CasinoClient" from the Registry and system, but I was wrong. Still getting some pop-up ads (while not on-line) and the system is still running much, much too slow. There seems to still be some Trojans on the system. While typing this, MS-Anti-Spyware ran on its automatic schedule and indicated another Trojan has been found [Trojan.Startup.NameShifter.Zwq (6 signatures)]. and if I am reading the progress screen correctly, a couple of more trojans and a dozen or so more things including WeirdOnTheWeb, etc. MS-Anti-Spyware was run 24 hours ago and "cleaned" the system at that time. The program did aquire a lengthy update a couple of hours ago, but???
Operation has improved greatly, but the system is still running much too slow and I am still getting pop-up ads occasionally. I suspect trojans and ???
The system is connected to the Internet with Quest DSL (Tucson, AZ) and the owner uses AOL 9.
Another little quirk. When I run Internet Explorer and click on a link (such as when I attempted to go to this site's registration page, I get the IE Window, but the Web page never gets written to the screen (see hourglass no matter how long I wait), but if I sign into AOL and use AOL's browser, I do not have that problem. The same thing occurred when I tried to start TrendMicro's Housecall on-line scan - had to do it signed into AOL and use AOL's browser. This problem existed when I started working on the system, and it is still here now.
I need help interpreting the HijackThis Log (next entry - see below).
PLEASE help before I loose it completely (at this point it won't take much to push me over the edge - figuretively speaking).
I am comfortable working in the Registry (up to a point, of course).
MS-AntiSpyware scan just completed and insisting on an immediate shutdown. While gone, I will check the condition of the system now and get a new HijackThis Log which I will post in my next entry in a hour or so.
Back soon.