[AT] Off topic, computer related.

Mike Meulenberg msm10301 at juno.com
Tue Mar 16 14:18:07 PDT 2010 

Hi Charlie,
I been following this thread off and on, I don't recall this being mentioned, but have you tried to turn off your system restore (you will lose all your restore points), and them do a boot time scan. It seems to me that you're using all the heavy hitters in terms of removal programs. If that doesn't work I'm afraid its time to DBAN your system and re-install windows. Hind sight being was it is you could have done that by now. As far as favorites, you can export your bookmarks to a .htm file, I wouldn't think the nasty would be hiding there, too obvious, but you can always scan that file. I know it sucks to think of the prospect of starting over, it takes a long time to get your system just right so it works for you.  Best of luck. Mike M


---------- Original Message ----------
From: "charliehill" <charliehill at embarqmail.com>
To: "Antique tractor email discussion group" <at at lists.antique-tractor.com>
Subject: Re: [AT] Off topic, computer related.
Date: Tue, 16 Mar 2010 08:11:09 -0400

Guys at this point I don't know what to do.  I've apparently defeated the 
initial problem with "security essentials 2010" but still have a severe 
problem.  I first beat it back with Malware Bytes which I had from a similar 
problem last year.  Then the problem came back.  I downloaded the latest 
edition of Trend Micro House Call and beat it back again.  I thought it was 
gone.   Then it started immediately showing up again by redirecting any 
attempt I made to go to any website I found on a search engine.  To beat 
that I downloaded Firefox browser directly from a link supplied to me by 
e-mail by Mike Sloane.  At some point early in this whole process I 
dowloaded PCTools Spyware doctor.  It found a bunch of stuff but wouldn't 
remove it without my paying them $40.00.   I started doing searches with 
Firefox to find solutions and almost immediately Firefox began being 
redirected to bad sites.

I went back and ran Malware Bytes again and it didn't find a thing but the 
problem was still there.  I could type in a search for a site, say 
microsoft, click on the link that I knew was a legit microsoft link and I 
would be redirected to a spam site that looked like a search engine.  It 
would immediately start to cascade to other sites.  I'm sure trying to take 
me back to the bug.  I went back and ran House Call again.  It didn't find 
anything but the problem was still there.  I would try to run an internet 
search for a solution and regardless of running the search on Firefox or IE 
I'd get re-directed.   I thought about Spyware Dr. which I had already 
downloaded but not paid for, so I put my credit card acct # at risk to pay 
them $40.  I ran the program and even though the other programs said I was 
clean it found 170 problems.  Most of them just tracking cookies and the 
like but 10 of them moderate to high risk trojans, bots and root kits.  I 
removed all of them.  Went back to try a web search again and immediately 
got a re-direct.  I managed to get into the Microsoft site and downloaded 
their newest Browser edition.  During that download Microsoft searched for 
threats and found none. As soon as I ran a search on that browser I got 
re-directed.  I went back to PC tools and instead of runing it's 
Intelliguard (recommended) search.  I ran the full search.  It took most of 
the night last night.  This morning I fixed the problems it found (by the 
way while Spyware Dr was running I unplugged the modem).  Then I plugged the 
modem back in and did a search on the brand new IE 8 browser and immediately 
got re-directed.

That brings us up to now and represents probably 20 hours of working time 
over a 48 or so hour period.  I also ran Trend Micro's  RU boted and Root 
Kit dectection searches.  RU boted will tell me I've got a bot and tell me 
to search with Housecall but housecall doesn't find it.
All of this time and for a long time in the past I've been running Zone 
Alarm full configured Pro version which is a firewall with virus and spyware 
protection.

The only thing I can figure is this thing has wormed it's way into a 
legitimate program that Zone Alarm is allowing to access the internet but 
which one?

I just ran Spyware Dr again while I was typing this.  This time it only 
found 5 tracking cookies.  Apparently all of them got on in the 2 or 3 
seconds it took me to shut down the most recent web search re-direct.

My computer appears to be running fine right now as long as I don't try to 
do any sort of internet search.  I'm also wary of my favorites file. 
Something along the way ( I don't remember the specifics right now) led me 
to believe my favorites files were corrupted.  I've got litterally hundreds 
of favorites, probably thousands carefully sorted in files by subject.  It's 
my own personal information library for both work and personal stuff.  The 
thought of having to delete all of them is not pleasant and the task of 
manually copying each of them to paper so that they can be reloaded is 
daunting.

I can't even do online searches to find a solution because when I do I get 
re-infected or at the least re-directed.

If anyone has a clue about a problem with web search re-direction problems 
please let me know.  If you know of a site that deals with it please send me 
the link via e-mail in clickable form because I can't run a search for it.

Thanks and beware.  There is one bad bug out there.  Either that or I'm 
being deliberately targeted which I'm now starting to consider as a real 
possibility.

Charlie


----- Original Message ----- 
From: "Dan Folske" <dfolske at nccray.net>
To: "Antique tractor email discussion group" <at at lists.antique-tractor.com>
Sent: Monday, March 15, 2010 7:34 PM
Subject: Re: [AT] Off topic, computer related.


> My secretaries computer got hit with XP Internet Security a week ago.
>
> Windows XP Pro, MacAfee Antivirus, and IE 8
>
> A combination of Malwarebytes Anti-malware and ComboFix seemed to get it 
> off
> but it was still locking up and running slow.
> I was hoping to get by without wiping the hard drive so I sent it to our
> tech department and guess what? They wiped it!
>
> They reloaded the University IT supported software but I spent all day 
> today
> reinstalling purchased software and reloading backed up data.  Gave it 
> back
> to the secretary this afternoon and MacAfee Scan on Demand picked up 
> another
> virus within half an hour.
>
> It is still locking up once in a while so I may have a hardware issue as
> well.
>
> I use IE 8, Chrome and Firefox on my machines because each one has some
> sites or apps that they don't seem to work on while one of the others do.
>
>
> _______________________________________________
> AT mailing list
> http://www.antique-tractor.com/mailman/listinfo/at
>
>
>
>
> =======
> Email scanned by PC Tools - No viruses or spyware found.
> (Email Guard: 7.0.0.18, Virus/Spyware Database: 6.14560)
> http://www.pctools.com/
> ======= 





=======
Email scanned by PC Tools - No viruses or spyware found.
(Email Guard: 7.0.0.18, Virus/Spyware Database: 6.14560)
http://www.pctools.com/
=======
_______________________________________________
AT mailing list
http://www.antique-tractor.com/mailman/listinfo/at


____________________________________________________________
Hotel
Don't stay in a roach motel.  Click here to find great deals on hotels.
http://thirdpartyoffers.juno.com/TGL2131/c?cp=1I0Xez6Cj37nDUeVOl03RQAAJz1gK6mhzd3tI7OLY0oIAkZ3AAYAAAAAAAAAAAAAAAAAAADNAAAAAAAAAAAAAAAAAAATRAAAAAA=

More information about the AT mailing list