Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

antispyspider infection [RESOLVED]


  • This topic is locked This topic is locked

#46
Robin Miller

Robin Miller

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
The Kaspersky said:

Number of viruses - 5
Number of infected objects - 17
Number os suspicious objects - 10

Also, 2 files popped up on AVG that I had to move to the vault while the Kaspersky was running:

C:\Documents and Settings\Robin Miller\Doctor Web\Quarantine\A0092524.dll
C:\System Volume Information\_restore {129201FA-BQAC-49B3-96B2-DEB8B91E727B} \RP806\A0100830.dll

The threat name for both was Adware Generic 3.FKK.

I wasn't sure what these were, but thought maybe you did. It's all Greek to me!
  • 0

Advertisements


#47
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hi there Robin Miller,

I just wanted to stop bye and say I haven't forgotten about you! I will not have the time to look over your logs today, but will get to it within the next day or two.
We have finals in school and I am very busy with all that studying stuff :)

Thanks for understanding,

Mike
  • 0

#48
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hi there robin miller,

Your logs definitely look better. The two files you listed for me are fine, they are located in either a quarantine or system restore, both of which we will get rid off now.

Please delete these folders:

C:\Documents and Settings\Robin Miller\Doctor Web\Quarantine
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery
C:\Program Files\filesubmit

And delete this file:

C:\Program Files\Morpheus\morpheustoolbar.exe

Which was infected with AdTool.Win32.MyWebSearch.bm.


Optionally, I would also recommend uninstalling Morpheus through add or remove programs and deleting the folder itself (C:\program files\Morpheus) if you wish. Morpheus is a P2P program and while there are alot of good things surronding P2Ps' concept, alot of files that you can download through them are illegal and some possibly infected. It is absolutely up to you though ( you still need to delete morpheustoolbar.exe) .

And your logs are clean!

Now please download OTCleanIt.
  • Save it to your desktop.
  • Double Click on OTCleanIt.exe, a window will appear.
  • Please press the CleanUp! Button.
This will remove the tools we used during the process of cleaning your computer.
The below steps have some important tips on how to stay safe and keep up-to-date, so be sure to read it!

Step 1. Flushing old Restore Points and creating a new one

Right-click on "My Computer." The "System Properties" dialogue box will appear, showing a number of tabs. From here you can reset System Restore and configure Automatic Updates.

First, click the System Restore tab.

* Check the box beside "Turn off System Restore"
* Click "Apply"
* At the prompt, click "Yes"

Wait while your system deletes existing Restore Points, this may take a few moments.

* Uncheck the box beside "Turn off System Restore"
* Click "Apply"
* At the prompt, click "Yes"

Your system will now create a new Restore Point.

Step 2. Configuring Automatic Updates

Click the Automatic Updates tab. Choose the update option that best suits your needs, but be sure that Automatic Updates is not turned off. Windows XP will now notify you and download important updates and security patches as they become available.
Click "OK" to save your new settings and close the System Properties dialogue.

Step 3. Preventing future infection

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems.

In order to protect yourself against spyware, you should consider installing and running the following free programs:

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
http://www.spywarewa...uc/resource.htm

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.o...oducts/firefox/

Also make sure to run your antivirus software regularly, and to keep it up-to-date.

There are many programs that can be used for your protection, most falling within the three main categories of anti-virus, anti-spyware and firewall. Please be careful to never run more than one program of the same category in resident mode, as conflicts between the different programs can actually decrease your protection.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

Hopefully this should take care of your problems! Good luck. :)

Please post back and tell me if everything is OK, so that I may mark this thread as Resolved.

Edited by Mike, 30 May 2008 - 11:00 AM.

  • 0

#49
Robin Miller

Robin Miller

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Wow, I didn't even know you had replied. I thought you were still studying for your finals!

I had a very busy weekend and did not get on my computer at all, but I'll get on it tonight. That Morpheus - I didn't know it was still hanging around. I installed it but never even used it. I'll get rid of that. I thought I had uninstalled it.

On your advice to prevent future infections, you said to use 3 different programs:
Spybot S&D, which I already have;
SpywareBlaster;
and SpywareGuard.

Do I use all 3 together, or is just one sufficient?

I have Spybot S&D, AVG Anti-Virus, and Ad-Aware 2008 free edition. Is that enough?

I've never even thought about a different browser, but I'll look into it. After this mess, I'm all for doing everything I can to keep my computer safe!

I'll post again after making these changes and deleting those files tonight!
  • 0

#50
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hehe I'm sneaky like that :)

I have Spybot S&D, AVG Anti-Virus, and Ad-Aware 2008 free edition. Is that enough?


Perfect. You could also opt for installing a third party firewall and disable windows firewall (only one firewall can be running at a time). I believe they offer some benefits over the windows internal firewall.

If you choose to install one, I would recommend using Comodo Firewall

I look forward to your reply :)

Mike
  • 0

#51
Robin Miller

Robin Miller

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
I don't know how to thank you enough for all the help you've given me! My computer is so much better now. I really do appreciate all your help. Everything seems to be working fine now.

Thanks again, and good luck with your studies!!! :)
  • 0

#52
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
You are very welcome :)

I'm glad I could help.

Enjoy your day still and take care!

Mike
  • 0

#53
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP