Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan-Spy.HTML.Smitfraud [RESOLVED]


  • This topic is locked This topic is locked

#136
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
That good huh? LOL

How is it running? Anymore problems?
  • 0

Advertisements


#137
joshuageeks6999

joshuageeks6999

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Okay...whew...it does feel good!!!! Hope it was good for you, too!!!!!!

So, i am printing this entire thread!!...79 pages...some good stuff here...i promise not to try to help others here (yet), although it is tempting....

I've learned a lot! And you are truly amazing! I mean patient, kind, and certainly generous with your time!!!!!!! I've enjoyed it....do rather hope that this is not the end.... :) ...but would hopefully have fewer problems saved up if i'm out here again...

...should I ask for you when i'm on again!!! would that be okay???

...you know my emails, etc....

...and i'm certainly hoping you'll tell me how to lock down IE and what AntiEverything software you'd suggest....

Right now, i'll wait for one more response here, then I must run off for a few hours....back on late tonight!!...

PS I did click on PayPal or whatever that was and it said Could not find server...did you do that???

:) :) :) :tazz: ;) ;) :)
  • 0

#138
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
;)

Must be your ISP because my PayPal link works fine!...I can send you my e-mail address if you really want to send a donation (do not have to!):

When you come back online, I recommend installing Service Pack 2:

http://v5.windowsupd...t.aspx?ln=en-us

Click on "Express Install".

I will post another post with information as to what you should keep and delete as far as programs I've had you download ;)

Congratulations your log is clean! Great job on the clean up :tazz:

Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:

Ewido Security Suite <= Protection against Trojans, Worms, Dialers, Hijackers, Spyware, and Keyloggers.

Detect and Remove Programs:
  • How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
  • How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
Prevention Programs:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
Other necessary Programs:
  • AntiVirus Program<= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kapersky, this is a must have.
  • Firewall<= A firewall is definitely a must have. Two good free versions are Sygate and ZoneLabs.

  • 0

#139
joshuageeks6999

joshuageeks6999

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Okay, my sweet banana, I'll be back...must run...have the above list and will work on all of the above...and have two email addresses for you...i'll use the hotmail one if that's preferable...

...i'm pulling my router, ethernet box etc out for a bit...hopefully back up late tonight with a new system installed upstairs...but it is really nice out and i'm about a half-mile from the beach...when its 71 degrees here, that's pretty special...

...that comment above, about pulling my router, that wasn't meant as another compliment :tazz: , but i am pretty happy!!!

joshua
  • 0

#140
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
:tazz: ;) ;)

Edited by bananafanafo, 26 April 2005 - 01:49 PM.

  • 0

#141
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Ok, I went back through the whole topic and here is a list of things I recommend:

1.)Turn System Restore back on:
*On the Desktop, right-click My Computer.
*Click Properties.
*Click the System Restore tab.
*UN-Check Turn off System Restore.
*Click Apply, and then click OK.
This will give your computer a fresh start on System Restore ;)

2.) Download XP Service Pack 2.

3.) Re-install Microsoft Anti-Spyware

4.) If Norton isn't working properly, then it doesn't do any good to have it on your computer (although, it did manage to quarantine 1400 viruses before dying!) So go to Start > Control Panel > Add/Remove Programs and remove "Norton Antivirus" and either re-install Norton, or get a new Anti-Virus. A really good, free one is AVG.

5.)Try to see if you can get Ewido to work - it's a really awesome program! I LOVE it!

6.) You can remove HiJackThis, Registrar Lite, and Killbox unless you plan on getting your system infected in the near future!!! lol

7.) You can keep MWav if you want. If doesn't remove the infected items unless purchased...but if you ever need it again you already have it!

8.)Re-hide previously hidden files:
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

10.) I also saw earlier that you said you had SpyDoctor? This program is a Rogue/Suspect anti-spyware program. You can read about it here:
http://www.spywarewa...nti-spyware.htm
So, I recommend going into Start > Control Panel > Add/Remove programs and removing SpyDoctor - there are much more reputable anti-spyware programs like the ones I have listed for you. Note: SpyWARE Doctor is fine, but if it's SpyDoctor remove it.

I think that's it! :tazz:

Edited by bananafanafo, 26 April 2005 - 02:45 PM.

  • 0

#142
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
I guess I didn't have a #9 LOL :tazz:
  • 0

#143
joshuageeks6999

joshuageeks6999

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
hi banana!...just got everything back online last night and proceeding to follow your final instructions re keeping my system clean.

While smitfraud still seems quite active elsewhere, my system looks good...definitely need the safegaurds as many viruses, etc attempting to find a home...i'll be more careful and run appropriate protection!!

AND, SPYDOCTOR -- THE BAD ONE -- DOES LOAD EACH TIME I STARTUP...that's what i was mentioning, all my troubles with smitfraud began right after i installed spydoctor...btw, got that from Spywarrior.com/forum site that i was searching for help prior to finding you!

A quick question...in your final list of things to do, i don't believe you mentioned Adaware, Spybot, etc....not necessary given the others including Ewido?

And and and...what's the best way to keep in touch with you? i do have your email addresses (2)...i trust this thread will become less visible quite soon...!!

And thank you again, and i will be in touch $$ when i'm secure on this end, or i'll connect from my system at work. :tazz: joshua
  • 0

#144
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Your log is showing SpyWARE Doctor which is fine to have! I don't think you have SpyDoctor - it's not loading on Startup anyway.

As far as Spybot and Ad-Aware - everything is in post #138. Yes, I still recommend those even though you have Ewido.

You can just e-mail me at either address to get in touch with me :tazz:

You're very welcome, Joshua!! ;)
  • 0

#145
joshuageeks6999

joshuageeks6999

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Hi banana, Hope you're doing well...things are working quite nicely here!! :tazz:

but havn't had the time to focus on your final recommendations, just starting and have a few questions...will be off and on today, a bit unpredictable...

1. Unable to download a new copy of Microsoft Antispy...says my copy of XP is not verifiable...i assure u its paid for..about 2 yrs ago!! but perhaps i've somehow wiped out that insignia?! Could you provide a safe hyper to AntiSpy?


2. Unable to remove Norton; doesn't recognize me as Administrator no matter where i go; would like to uninstall; of course, doesn't respond to Add/Remove from control panel. Suggestions?

3. An opinion on AntiVir versus AVG from grisoft? Have been running AntiVir, seems to be blocking a few things!! Have AVG ready to install if preferred.??

4. Which things need to be executed from EACH of the user accounts? Sorry, you probably already told me this....AdAware, Spybot, CWShredder? AntiSpy?

5. And finally, could you tell me how to login to geeks and get to this point quickly; i usually dance around a bit before i get to this now-older thread?

joshua ;)
  • 0

Advertisements


#146
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
1. Unable to download a new copy of Microsoft Antispy...says my copy of XP is not verifiable...i assure u its paid for..about 2 yrs ago!! but perhaps i've somehow wiped out that insignia?! Could you provide a safe hyper to AntiSpy?

I know that last night they were having problems with their validation server, so that may be why!

http://www.download....tml?tag=lst-0-2

2. Unable to remove Norton; doesn't recognize me as Administrator no matter where i go; would like to uninstall; of course, doesn't respond to Add/Remove from control panel. Suggestions?

Have you tried to remove it in Safe Mode, logged-in as Admin?

3. An opinion on AntiVir versus AVG from grisoft? Have been running AntiVir, seems to be blocking a few things!! Have AVG ready to install if preferred.??

I'm a dork - I didn't read this right lol If AntiVir is working no need to change it! :tazz: Either way, they both work well.

4. Which things need to be executed from EACH of the user accounts? Sorry, you probably already told me this....AdAware, Spybot, CWShredder? AntiSpy?

Everything in post #138 on your admin accounts, if you want to ensure they are protected.

5. And finally, could you tell me how to login to geeks and get to this point quickly; i usually dance around a bit before i get to this now-older thread?

At the top click on "My Controls". Once you get in there, under "Subscriptions" click on "View Topics" and there ya go!

Edited by bananafanafo, 02 May 2005 - 04:57 PM.

  • 0

#147
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Also, do this for me:

Boot into Safe Mode and log-in Under Admininstrator (not owner)

Go to Start > Control Panel

Click on "User Accounts", click on each account, then click on "Change The Account Type" and make sure they're set for "Computer Administrator".

Edited by bananafanafo, 02 May 2005 - 02:14 PM.

  • 0

#148
joshuageeks6999

joshuageeks6999

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
click click click... ;) verified! and new MS AntiSpy working. Thx!

Safe mode, can't login Administrator acct, states there is a password; assume it was from purchase time 2 yrs ago and unused...don't know the password. Can't get into Administrator acct from the other two admin accts (they are id' as admin but when i enter them, there's no Administrator account visible)...soooo still unable to remove Norton.

Also, got message in Safe mode...Windows Installer Service not available in Safe Mode, so it wouldn't let me enter the Acct change routine from control panel.....

btw...sure is nice having these problems...!! was watching another smitfraud issue on another thread...was tempting to respond, but they got it...she was getting some interesting advice, but another expert took over the thread and stated that the prior Geek U expert was now expelled!! ...hot times at geekdom University!! joshua :tazz:
  • 0

#149
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Did you try leaving the password blank when logging on as Admin?

Do this in normal mode just to make sure your accounts are set as Admin accounts (and not changed for some reason):

Go to Start > Control Panel

Click on "User Accounts", click on each account, then click on "Change The Account Type" and make sure they're set for "Computer Administrator".

Weird, I didn't have any problems go into "Change The Account Type" from Safe Mode, but I was logged-on as Administrator instead of Owner.

Edited by bananafanafo, 02 May 2005 - 05:09 PM.

  • 0

#150
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Do you have Norton 2003?

Try this:

Go to Start > All Program > Norton Anti-Virus - then click on "Uninstall Norton AntiVirus"

Click Remove, and then follow the on-screen prompts. Click Yes or "Yes to all" as needed. Restart the computer when prompted.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP