General discussion

Locked

sneak attack

By affidavit ·
Have win xp machine in break room on DSL separate from the rest of office network. When windows loads windows explorer tries to contact webpdp.gator.com and is stopped by webroot & zonealarm pro.It will try 4 times using different port each time before it stops. This happens at each boot. Have looked for Gator, Gain,etc. in all the normal "run"registry locales and start folders and find no references any where. Any suggestions ???????

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Registry

by Old Guy In reply to sneak attack

I've used RegCleaner to find a lot of things I don't want on the PC. There may be better ones but this one is free and seems to work ok.
I also presume you have anti-spyware installed, Ad-aware, MS Anti-Spam, and Spybot.

http://www.worldstart.com/weekly-download/archives/reg-cleaner4.3.htm

Collapse -

protection

by affidavit In reply to Registry

machine has pestpatrol, ad-aware , webroot ver-4, ms-spy app, norton sys-works 2006, zonelabs pro-6.1 and none of them detect gator adware. need help finding where it's hidding.

Collapse -

no one can help ???????????

by affidavit In reply to sneak attack

no one out there have any thing to check-remember it is windows explorer which is trying to go to gator.

Collapse -

Flush the cache

by beads In reply to no one can help ????????? ...

Get rid of the history file and cache. Remove any remaining cookies which is probably the fault your looking for.

Other than that. It sounds like you might be a bit overly protected and all those AV/AS programs may be stepping on one another.

You might want to try blacklight from F-Secure to see if there is a rootkit. Its free and still in beta for now but always worth a look. The other one that comes to mind is TrendMicro's free Anti-Spyware scanner. Though if your Web root is up to date it should catch it with no problems. Spyware Doctor will certainly catch it but the free trial will not remove anything but SpyDoctor will atleast show you manually where any infection is coming from and where. Easy enough to follow the pathname to the offender and remove it manually.

If none of that works simply rebuild the machine, start from stratch and watch to see if it happens again. No, I don't mean using Ghost and putting an infected image back on the machine but level the drive and rebuild from scratch.

- beads

Collapse -

Simple solution

by dbucyk In reply to sneak attack

If you are using your computer for a business, then you'll have to use either Spybot Search and Destroy or Lavasoft SE for business.

But you can use the freeware version of their software and go through the options of each program and follow their guidelines.

Gator, Gain, and the like to embed themself into the OS pretty deep so these program should easily remove them.

Back to Malware Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums