Jump to content

smiling111

Members
  • Content Count

    14
  • Joined

  • Last visited

About smiling111

  • Rank
    Member
  • Birthday 01/01/1970

Profile Information

  • Interests
    superantispyware
  1. I just rebooted again and all seems fine for now. That is a great program just had my mom do the same thing. When the little bug is next to my time does that mean it is protecting? Thanks againl.
  2. I rebooted from safe mode and it seems pertty cool now except! When I rebooted the first time my desktop woudl not load. It was just the wallpaper and nothing else....not even a tab on the bottom. I Ctrl/alt/ del and restarted that way. That was very odd....should I be concerned? Popups seem to be ok now knock on wood. To answer sunniebear. I don't have anything real time. What do you recomend. Superantispyware seemed to do a great job cleaning the computer does it also protect while it runs?
  3. I will run it in safe mode before bed and reboot then get back to you tomorrow thanks for the help.
  4. Still getting MANY web pages opening with advertisements. Usually about three pages in one window ie. if you click the back button there are three pages there. Woke up this morning and there were 40 microsoft explorer windows open. Grrr I hate my computer.
  5. Well still getting web pages opening up by themselves. Think it is a little better. I will try running it again and rebooting right after I run it......or even run it in safe mode. I should have rebooted right after but got sidetracked. The problem usually gets worse the longer the computer is on. I will let you know.
  6. Think this is it. Generated 05/01/2007 at 03:02 AM Application Version : 3.7.1018 Core Rules Database Version : 3227 Trace Rules Database Version: 1238 Scan type : Quick Scan Total Scan Time : 00:47:21 Memory items scanned : 383 Memory threats detected : 4 Registry items scanned : 730 Registry threats detected : 111 File items scanned : 14876 File threats detected : 114 Trojan.WinFixer C:\WINDOWS\SYSTEM32\FCCYA.DLL C:\WINDOWS\SYSTEM32\FCCYA.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DCE30ADF-5F83-4EDA-8F06-35BC49D248F2} HKCR\CLSID\{DCE30ADF-5F83-4EDA-8F06-35BC49D248F2} HKCR\CLSID\{DCE30ADF-5F83-4EDA-8F06-35BC49D248F2}\InprocServer32 HKCR\CLSID\{DCE30ADF-5F83-4EDA-8F06-35BC49D248F2}\InprocServer32#ThreadingModel Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\fccya Trojan.Downloader-Gen/HardFall C:\WINDOWS\SYSTEM32\HGGHIGG.DLL C:\WINDOWS\SYSTEM32\HGGHIGG.DLL Trojan.NewDotNet-Installer C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL Trojan.Update-Mcboo/Resident C:\WINDOWS\RETADPU2000219.EXE C:\WINDOWS\RETADPU2000219.EXE C:\WINDOWS\Prefetch\RETADPU2000219.EXE-1FEB3BAA.pf Adware.Vundo Variant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FFCE6B5-809F-4E00-93D7-4E9B7C26CC4A} HKCR\CLSID\{0FFCE6B5-809F-4E00-93D7-4E9B7C26CC4A} HKCR\CLSID\{0FFCE6B5-809F-4E00-93D7-4E9B7C26CC4A}\InprocServer32 HKCR\CLSID\{0FFCE6B5-809F-4E00-93D7-4E9B7C26CC4A}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\DDCYW.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F9D0C61-737D-44D1-BD80-91AF857061CC} HKCR\CLSID\{3F9D0C61-737D-44D1-BD80-91AF857061CC} HKCR\CLSID\{3F9D0C61-737D-44D1-BD80-91AF857061CC}\InprocServer32 HKCR\CLSID\{3F9D0C61-737D-44D1-BD80-91AF857061CC}\InprocServer32#ThreadingModel HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D651AFF4-9590-424d-BD1E-8E33E090DFB3} HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3} HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}\InprocServer32 HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\RAEKBENT.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{3F9D0C61-737D-44D1-BD80-91AF857061CC} Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\hgghigg HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4} HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4}\InprocServer32 HKCR\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4}\InprocServer32#ThreadingModel HKCR\CLSID\{3F9D0C61-737D-44D1-BD80-91AF857061CC} HKCR\CLSID\{D651AFF4-9590-424D-BD1E-8E33E090DFB3} C:\WINDOWS\SYSTEM32\PMNKIJI.DLL C:\WINDOWS\SYSTEM32\PMNKLMM.DLL C:\WINDOWS\SYSTEM32\VTUUVWW.DLL C:\WINDOWS\SYSTEM32\TUVSTQO.DLL Trojan.NewDotNet HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32 HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32#ThreadingModel HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\ProgID HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\Programmable HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\VersionIndependentProgID C:\PROGRAM FILES\NEWDOTNET\NEWDOTNET7_48.DLL HKCR\Tldctl2.URLLink HKCR\Tldctl2.URLLink\CLSID HKCR\Tldctl2.URLLink\CurVer HKCR\Tldctl2.URLLink.1 HKCR\Tldctl2.URLLink.1\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayVersion HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#URLInfoAbout HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#HelpLink HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#URLUpdateInfo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#VersionMajor HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#VersionMinor HKU\.DEFAULT\Software\New.net HKU\S-1-5-21-861567501-789336058-1708537768-1003\Software\New.net HKU\S-1-5-18\Software\New.net HKLM\Software\New.net HKLM\Software\New.net#InstalledVersion HKLM\Software\New.net#InstalledPath HKLM\Software\New.net#Tag HKLM\Software\New.net#DiscardTag HKLM\Software\New.net#FirstTime HKLM\Software\New.net#Source HKLM\Software\New.net#Prt HKLM\Software\New.net#LSPStatus HKLM\Software\New.net#NextUpgradeHi HKLM\Software\New.net#NextUpgradeLo HKLM\Software\New.net#UpgradeCounter HKLM\Software\New.net#Search HKLM\Software\New.net#Activity HKLM\Software\New.net#Complete HKLM\Software\New.net#XpiDone C:\Program Files\NewDotNet\uninstall6_38.exe C:\Program Files\NewDotNet\readme.html C:\Program Files\NewDotNet\uninstall7_48.exe C:\Program Files\NewDotNet C:\WINDOWS\NDNUNINSTALL6_38.EXE C:\WINDOWS\NDNUNINSTALL6_98.EXE C:\WINDOWS\NDNUNINSTALL7_48.EXE Adware.Tracking Cookie C:\Documents and Settings\paulriccio\Cookies\paulriccio@adopt.specificclick[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@interclick[5].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@specificclick[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@indiads[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@anad.tacoda[3].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@server.iad.liveperson[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@ctxtad[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@entrepreneur.122.2o7[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@tacoda[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@atdmt[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@adlegend[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@zedo[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@ad.firstadsolution[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@ads.addynamix[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@pro-market[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@sxload[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@winantispyware[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@questionmarket[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@metist[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@mediaplex[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@overture[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@winantivirus[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@count4.exitexchange[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@www.winantispyware[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@count1.exitexchange[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@findwhat[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@angleinteractive.directtrack[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@hitbox[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@tremor.adbureau[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@88270523[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@www.amaena[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@ad.yieldmanager[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@doubleclick[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@exitexchange[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@trafficmp[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@divx.adbureau[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@cpvfeed[3].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@tribalfusion[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@fastclick[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@sec1.liveperson[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@directtrack[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@ehg-pcsecurityshield.hitbox[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@www.onlineemedia[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@count3.exitexchange[2].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@entrepreneur[1].txt C:\Documents and Settings\paulriccio\Cookies\paulriccio@redorbit[2].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@www.burstbeacon[2].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@offeroptimizer[1].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@ads.ah-ha[1].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@www.alltracksgone[1].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@atwola[2].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@ar.atwola[1].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@m1.webstats4u[1].txt C:\Documents and Settings\paulriccio\Local Settings\Temp\Cookies\paulriccio@www.xctrk[2].txt Registry Cleaner Trial C:\Program Files\Registry Cleaner Trial\unins000.dat C:\Program Files\Registry Cleaner Trial\unins000.exe C:\Program Files\Registry Cleaner Trial\Regclean.exe C:\Program Files\Registry Cleaner Trial\EULA_REGCLEAN.rtf C:\Program Files\Registry Cleaner Trial\regclean.dll C:\Program Files\Registry Cleaner Trial\Registry Cleaner.chm C:\Program Files\Registry Cleaner Trial\soref.dll C:\Program Files\Registry Cleaner Trial\RCUninstall.exe C:\Program Files\Registry Cleaner Trial\uninstall.hta C:\Program Files\Registry Cleaner Trial\EmailAddressCapture.hta C:\Program Files\Registry Cleaner Trial\RCBanner.jpg C:\Program Files\Registry Cleaner Trial\NoSpam.jpg C:\Program Files\Registry Cleaner Trial C:\Documents and Settings\paulriccio\Application Data\Registry Cleaner\Regclean.ini C:\Documents and Settings\paulriccio\Application Data\Registry Cleaner\Backups C:\Documents and Settings\paulriccio\Application Data\Registry Cleaner C:\WINDOWS\Prefetch\REGCLEAN.EXE-0ACF4C57.pf Trojan.NetMon/DNSChange HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc Trojan.cmdService HKLM\SYSTEM\CurrentControlSet\Services\cmdService HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#0 HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#Count HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#NextInstance HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE#NextInstance HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Service HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Legacy HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ConfigFlags HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Class HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ClassGUID HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#DeviceDesc Adware.Toolbar888 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\888Bar#UninstallString Adware.ClickSpring/Yazzle HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#UninstallString C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\YAZZLEBUNDLE-1281.EXE Adware.ClickSpring/Outer Info Network HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion Adware.Web Buying HKU\.DEFAULT\Software\WebBuying HKU\S-1-5-18\Software\WebBuying HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebBuying HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebBuying#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebBuying#UninstallString Trojan.Downloader-Gen/Win C:\WINDOWS\SYSTEM32\SVCP.CSV C:\WINDOWS\SYSTEM32\UNSVCHOSTS.LZMA Trojan.Downloader-Gen C:\WINDOWS\SYSTEM32\WINSUB.XML Worm.Sdbot Variant C:\WINDOWS\SYSTEM32\SMPI1\WIN.EXE Adware.UCMore/The Search Accelerator C:\WINDOWS\SYSTEM32\SMPI1\WIN66.EXE Trojan.,Downloader-UpdateMC C:\WINDOWS\UPDATER.EXE Trojan.Downloader-Gen/Installer C:\WINDOWS\B104.EXE C:\WINDOWS\B103.EXE C:\WINDOWS\B136.EXE C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\B103.EXE Trojan.Unknown Origin C:\WINDOWS\AM9OBIBZBWL0AA\UA6CV21WVQ5XUE.VBS C:\WINDOWS\UNINSTALL_NMON.VBS C:\WINDOWS\B129.EXE BearShare File Sharing Client C:\PROGRAM FILES\BEARSHARE\BEARSHARE.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\BEARSHARE.LNK C:\DOCUMENTS AND SETTINGS\PAULRICCIO\DESKTOP\SHORTCUTS\BEARSHARE.LNK Trojan.Freeprod C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\ZE.EXE Adware.BetterInternet C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\DRTEMP\THIN-139-1-X-X.EXE Unclassified.Unknown Origin/System C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\B116.EXE C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\B122.EXE Trojan.Spam-RUCrzy C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\39E.TMP Adware.webHancer C:\DOCUMENTS AND SETTINGS\PAULRICCIO\LOCAL SETTINGS\TEMP\TEMP.FR593D\PROGRAMS\WEBHDLL.DLL Trojan.Downloader-UDL2 C:\28379252.EXE Hope someone can help
  7. I just recently solved a problem with cp1041.nls (thank you fatduck) now I am getting viruses popping up like "New Malware.j" and "Vundo" amoung others. Web pages are popping up at random and everything on my computer is very slow. Takes forever to get to an address and most the time it forwards me three web pages ahead of what I typed in to advertizements. I am not sure if this is related but all the sudden in my startup box these items were magically checked. NEWDOT~2 _A00F1D28E9.exe _A00F1D28E9.exe And others that start with _A00F. Could be unrelated. I can barly stay on a page long enough to write this thread. I have run Adaware Professional in safe mode and dont' know what to do. I am actully freezing up as I type this. Hope someone can help. I will try to check the thread from a different computer thanks. P.
×
×
  • Create New...