
Have Yazzle Sudoku and SurfSideKick and cannot remove

Discussion in 'Malware and Virus Removal Archive' started by Aluinn, 2006/06/05.

  1. 2006/06/11
    Aluinn

    Aluinn Inactive Thread Starter

    Joined:
    2006/05/30
    Messages:
    14
    Likes Received:
    0
    For future reference, I found the "Only delete files older than 48 hrs" option under the Advanced tab, not Settings. :)
     
  2. 2006/06/11
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    OK, that log file is clean, are you experiencing any more unwanted symptoms at this point? How is the machine running?

    Let me know please.

    That's what I get for using a canned from someone else and not my own......thanks, will tailor my own to reflect proper instructions.

    Also, let's run Ewido again, I want to be sure that we got that nasty Q infection.

    Just being thorough. :cool:
     


  4. 2006/06/11
    Aluinn

    Here is the scan:

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 11:29:34 PM, 6/11/2006
    + Report-Checksum: CEC316A2

    + Scan result:

    HKU\S-1-5-21-2681377278-742929182-1243267824-1006\Software\DNS -> Adware.Shorty : Cleaned with backup
    [2036] C:\Program Files\NetMeeting\NMCOM.exe -> Adware.Agent : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
    C:\Documents and Settings\Mommy Vogel\Cookies\mommy vogel@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Program Files\Common Files\services.exe -> Adware.Maxifiles : Cleaned with backup
    C:\Program Files\DNS\Catcher.dll -> Adware.Maxifiles : Cleaned with backup
    C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : Cleaned with backup
    C:\Program Files\NetMeeting\NMCOM.exe -> Adware.Agent : Cleaned with backup


    ::Report End


    It was running slow pre-scan. I'll play with it tonight and tomorrow and see what happens. Still have that TClock.

    I have ZoneAlarm and AVG now, and made sure windows was updated. No pop-ups since last night. I think we're just about in the clear!
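
A way to triage a report in the format posted above, as an added example that is not part of either poster's messages. The sample lines are constructed, the "No action taken" status is made up to show an unresolved entry, and reading the bracketed number as the ID of a running process is an assumption.

```python
import re

ENTRY_RE = re.compile(
    r"^(?:\[(?P<pid>\d+)\]\s+)?(?P<obj>.+?) -> (?P<name>\S+) : (?P<action>.+)$")
HIVES = ("HKU\\", "HKLM\\", "HKCU\\", "HKCR\\")

# Constructed lines in the report's "[pid] object -> Detection : Action" format.
SAMPLE_REPORT = r"""
+ Scan result:
HKU\S-1-5-21-0-0-0-1000\Software\ExampleKey -> Adware.Example : Cleaned with backup
[1234] C:\Program Files\Example\agent.exe -> Adware.Agent : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@tracker[1].txt -> TrackingCookie.Tracker : Cleaned with backup
C:\Program Files\Example\agent.exe -> Adware.Agent : Cleaned with backup
C:\Program Files\Example\helper.dll -> Adware.Example : No action taken
::Report End
"""

def parse_report(text):
    """Turn result lines into dicts; headers and separators do not match."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        obj, name = m["obj"], m["name"]
        if m["pid"]:
            kind = "process"      # assumption: [n] marks a running process
        elif obj.upper().startswith(HIVES):
            kind = "registry"
        elif name.startswith("TrackingCookie."):
            kind = "cookie"
        else:
            kind = "file"
        entries.append({"kind": kind, "object": obj, "name": name,
                        "pid": int(m["pid"]) if m["pid"] else None,
                        "action": m["action"].strip()})
    return entries

def triage(entries):
    """Pull out what needs a human look; cookies are counted, not listed."""
    return {
        "was_running": sorted({e["object"] for e in entries if e["kind"] == "process"}),
        "not_cleaned": [e["object"] for e in entries
                        if e["action"] != "Cleaned with backup"],
        "cookies": sum(e["kind"] == "cookie" for e in entries),
        "families": sorted({e["name"] for e in entries if e["kind"] != "cookie"}),
    }
```
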
     
  5. 2006/06/11
    TeMerc

    OK, everything there looks fine.

    You can remove that T-Clock if you didn't install it, not much on it either way if it's malware or not, so it should go easily.

    Let's see how the machine is for the next 24-48 hours before we declare this a victory, but I think you will be ok.

    Don't forget, Tuesday is super patch day, 12-13 patches for windows.
     
  6. 2006/06/11
    Aluinn

    There is no option to uninstall it on Add/Remove programs, that is why I am so concerned with it. I actually double-clicked it earlier and it brought up the normal Windows date & time properties, so it seems to be just crouching on the taskbar for annoyance purposes only.
     
  7. 2006/06/12
    TeMerc

    You may very well find a dedicated folder for TClock, not necessarily in Add/Remove. I have seen it in other logs, tho it is still not identified as malicious. It's a synchronizing app for your PC, relying on an Internet server.

    T-Clock Info
     
  8. 2006/06/12
    Aluinn

    So far so good. It's running back up to speed and I got rid of TClock. No pop-ups since Saturday, so all is looking pretty good. Thanks so much for your help!!!
     
  9. 2006/06/12
    TeMerc

    OK, let's hope things stay as they are, let us know of any odd behavior.

    Now that you have regained control of your machine, let's keep it clean. Please follow the links below to ensure the highest possible level of protection against any further invasions. The links and the apps are some of the most highly regarded apps in the field of security/protection & detection. Run AdAware & Spybot at least once a week, depending on your surfing habits.

    SpywareBlaster will prevent known ActiveX installs, by setting killbits into the registry.
    With SpywareBlaster, just DL, check for updates, enable Internet Explorer protection, and you're done! I don't recommend using 'Restricted Sites' protection, you can get far greater coverage with IE-SPYAD, listed below.

    To avoid known malware infested sites from loading in IE install IE-SPYAD.
    And MVPS Hosts File will provide another layer of protection.

    And to prevent unknown applications from being installed on your machine install WinPatrol v9.8.1.0.

    Tutorials for all can be found on my site as well.

    Confused about which apps are good or not? Read about Rogue/Approved Anti Security apps

    And just because you have security apps installed, they are useless unless updated regularly. Keep track of updates for ALL your security needs here:
    Calendar of Updates

    Subscribe to update alerts for all the above security apps here.

    You can also see my own ongoing security testing with all the above apps proving how securely you can safe with them installed.
    TeMerc Test Box Forum

    Happy surfing!
    Tom :D
     
  10. 2006/06/13
    Aluinn

    Everything mentioned in your previous post has been installed and I will personally run them every week for her (so that I don't have to go through all this again :p ). Quick question - I installed ZoneAlarm firewall earlier and it's actually running too well - it blocks some of her games from Pogo.com. Alerts also pop-up at the most inconvenient times and it slows down and sometimes freezes the computer. Any other free firewalls out there that I can use?
     
  11. 2006/06/13
    TeMerc

    Ah, yes, I'm afraid ZA has gotten a tick buggy as of late.

    Does she have the trial ZA Pro? If so, there are some privacy tabs she can use to change how ZA blocks things, have her check to see if the settings can be minimized in privacy, firewall or program control tabs.

    Alerts will come fewer as she begins to understand what each one is, just tell her she needs to read each one, if she's not sure, first have her Google the app that is listed, usually, nine times out of ten, it's in the first couple of hits. It will give her good practice with these types of things. Once ZA has been configured, the alerts will subside, there is just a slight, altho annoying learning curve.

    Hope that's been helpful.
     
