Infected....hellllpppp

running windows xp......everything slowing down...internet connection(cable) keeps hanging up, loading slow, or hits the "page not found" screen. seems to go in cycles. ISP totally useless for tech support.
ran bitdefender or finder what ever it was, came up with "WIN32.SOBER.AD@mm and also TROJAN.GLEIDER.I1 , how do i get this out. i did the first 4 steps of the ccleaner,adaware,spybot, and microsoft antispyware. i ran avast virus remover i got from MG it found nothing eventhough the bitfinder (or whatever) said the sober virus was there. helllppp.

 

yes i did all the steps, and i already have hijck this on my c drive in its own folder.

 

oh yeah, i also installed and ran "webroot spysweeper" i'm off to turkey dinner with the folks, will be back later. I can't thank you enough for responding in the first place. any help will be appreciated. when i get back i will post the events up to what has brought me to this point as accurately as i can. thanks again, be back in a few hours.

 

ok, let me give you a little history.
About 2 weeks ago my pc started acting up. my internet connection (cable) was interupted. called ISP and it seemed my router malfunctioned. OK fine, disconnected it. problem seemed resolved. the next few days, web pages started loading slower or not at all (page could not be found) and outlook express started timing out. Back to the ISP...they said they saw nothing wrong on their end. some days would be ok , some days real slow or dead, started affecting non internet programs. Back to ISP, still insisting its on my end, that i had software corruption. The only thing i could remember doing to change software was to update KODAK for my digital camera.
Since they said software corruption, i started uninstalling many programs, including spyware finders and adaware and stuff. things have not improved.
i have cleaned out many programs and have not reinstalled them, ran disc cleanup and defragged. still no luck.
i have dont the (read this first) part of the tutorial for removing spyware and crap, and have run some of the online scanners. came up with different results from different scanners , have them all saved in txt files. let me know what you would like for me to do next.

 

i have hjt downloaded already, the only exception is that i don't have it under my program files directory, it is directly in a folder under the C drive. is this acceptable?

 

well i moved it anyway. and i ran it and have a log file saved in a folder.

 

i'm having a problem uploading the attachment

 

hope this worked

 

i have logs from many tests. i will attach, also with the most recent HJT. will now do ewido, (did this before, was told by ISP to remove it, cannot remember the results.) will do it now, be back in a little, if i remember correctly took a decent amount of time to run.

 

acouple more

 

ok heres the log from ewido, going to try and locate the files in outlook , it says its in the deleted files, but i set my outlook to dump those whenever i close outlook. the 023 thing is gone.

 

i cannot seem to locate the files in outlook., if i go through explorer, i can get through the path to the folders that have the long series of numbers , but the folders themselves are empty. is this info already gone, or am i looking in the wrong place?

 

ok, i found the .dbx files you mentioned to get rid of, i hope i did it right. i had to do it through explorer, it was the only way i could find them, it appeared i was actually deleting .dbx folders which i hope contained the files you meant. i deleted them , then emptied the recycle bin.

 

ok, webex is gone to, ran ccleaner just to clear out all the crap. hope that was ok

 

seems to have picked up somewhat...i would like to reboot. do you think i can unoad the spysweeper and ewidos? the spysweeper sure makes booting up hang for a while. i'm trying to run a couple browsers at ethe same time to see if i can get it to stall. but at least for the last few minutes its seems ok

 

running a lot better...still stalling off and on, but i haven't gotten outlook to hangup yet , just IE

 

i guess i was wrong, still hanging up , and outlook timing out. not happening everytime, but still getting the :"page not found" and the big yellow! with outlook. seems to run in cycles. i looked through symantec to see about getting the win32.sober.y tool, but that one didn't exist. was going to use it just to be sure since that is what that kapersky results found. still a little lost. but i do really appreciate all you have done, pc is running better, just seems to have internet issues right now.

 

ok , ewido is uninstalled, here is the latest hjt log. going to run panda scan now will post results when finished.

 

results from panda active scan

 

ok. followed your last set of directions, here is the latest hjt log. i just got back online, am going to surf around see if it starts stalling again.

 

well Chas, you did me severe justice...seems to be working great...not hanging up, email not stalling anymore. any advice for me to keep this thing clean. i have ccleaner, ad-aware, spybot s&d. My antivirus is what the isp supplies...i'm not too sure about keeping it, because in order for it to function, i had to turn off the email scanning for virus option (this i was told to do by the tech from my ISP) which i believe is how this whole mess started in the first place. Cant thank you enough for all you have done.

 

well 2 days and all seems fine. i have the zero knowledge ( i guess you already know that.) what do you think of AVG free? read on pcworld that it is pretty reputable. or would you reccommend that i go with a paid subscription like norton or mcafee? i have not unistalled the freedom yet, but i would like to , i dont feel safe without having some kind of protection for email scanning.

 

disregard that last post, i just started reading the link you sent me to.

 

Hey Chas, things still running good. What i meant was, I DO NOT like the freedom zero kknowledge and would like to change it, i have downloaded AVG and Zonealarm and am preparing to shut down windows firewall and uninstall freedom. i save them to a folder and will disconnect from the internet before uninstalling and reinstalling the new software. Just one more question, should i run any kind of registry cleaner?

 

okee dokee....i'll stay away from that then. just wanted to get rid of any dead paths or whatever is not needed, but if that stuff doesn't affect anything, i'll leave it go. Again, can't thank you enough for all your help!!!! Have a great holiday!!!

 

Hey chas, things still good on this end. i have uninstalled the freedom zero knowledge (well most of it, some of it wont come out even with the cleaner supplied by the ISP...it still shows up in my add/remove program menu) but anyway, i loaded norton antivirus and ran all the updates, it ran a full system scan and came up with a detected spyware...it was named "osrouter.dll" located in my c:\windows\system32. it would not let me delete it, when norton tried it said "delete failed" and skipped to the next window to exclude the file from deletion...at least that is the meaning i'm getting from it. do you know of this file, if it is dangerous or something i don't have to worry about?