Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

IE Redirect / Trojan? [RESOLVED]


  • This topic is locked This topic is locked

#31
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Your logs look good to me :)

How is your PC running, if it's good I'll have one last set of instructions to clean up the mess we made and some advice on how to stay safe on the web.
  • 0

Advertisements


#32
pewee

pewee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Thanks Mike,

I'm not sure if the clock is still in military or not.

Should I run Malwarebytes again. It seems that it keeps finding something each time I run it or do you think this last scan took care of that?

Also I was going to have the lady who owns the computer get Trend virus scan to install on the computer.

Sound works now. I don't seem to be having any other issues.

Edited by pewee, 19 August 2008 - 10:16 AM.

  • 0

#33
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Run MBAM and post the log, are you getting paid for helping this lady?
  • 0

#34
pewee

pewee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Will do and no :) Co-workers wife. :)
  • 0

#35
pewee

pewee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Malwarebytes' Anti-Malware 1.25
Database version: 1071
Windows 5.1.2600 Service Pack 2

12:43:19 PM 8/19/2008
mbam-log-08-19-2008 (12-43-19).txt

Scan type: Quick Scan
Objects scanned: 48306
Time elapsed: 6 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OK all clean. Thank you so very much.


What's next?
  • 0

#36
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Nice to see :)

Click START then RUN
Now type Combofix /u in the runbox and click OK
Posted Image
Notice the space between the x and / -- That needs to be there.

&

Now please download OTCleanIt.
  • Save it to your desktop.
  • Double Click on OTCleanIt.exe, a window will appear.
  • Please press the CleanUp! Button.
This will remove the tools we used during the process of cleaning your computer.

NetSvcs_xp3.reg needs to be deleted manually, MBAM needs to be uninstalled.


Now that your are clean, you'll want to stay that way.

Some important things that you should keep in mind in order to protect yourself:
  • Use common sense. This is the big one! Don't download programs from suspicious sites and be careful where you browse.
    Things you can do to avoid downloading bad programs:
    • Google the program. Read reviews and opinions from other people on the internet, if you dont see any reports of foul play - then there more than likely is none.
    • Stay away from Cracks! However luring the thought of free software can be it's not worth the hassle and potential danger of getting infected.
    • Download the program directly from the website of the developer - then you can be certain you haven't downloaded a bogus copy.
    • Read the EULA (End User License Agreement) - Find out exactly what you are downloading. A good tool to aid you in this would be EULAyzer.
  • Keep your programs updated! Software developers update their programs to patch possible security risks. Do a scan once in a while for outdated programs using Secunia's Software Inspector
  • Keep your protection programs up to date! No matter how good your Antivirus or Antispyware program is, without an updated set of definitions it will do you no good against the new infections. If you run a free program make sure to update them at least once a week.
  • Make sure that windows updates is enabled. Keeping your system up to date is a must - to turn on automatic updates take a look at this article by Microsoft.
I have listed two programs to boost your security while using no resources.
  • SpywareBlaster Take a look at the tutorial here.
  • ZonedOut Adds thousands of websites to your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
Also consider using an alternative web browser. Two big named ones, both far superior to Internet Explorer in terms of security and performance, would be Firefox and Opera.

Make a habit of scanning your computer for viruses every week or so and backing up important files regularly.

Please also read Expert Tony Klein's excellent article: How I got Infected in the First Place

Please post back and tell me if everything is OK, so that I may mark this thread as Resolved.
  • 0

#37
pewee

pewee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Thanks Mike,

The only issue I have is the time is set to military time. Other than that everything is great.

I will print out the info you gave me on keeping the computer clean and give it to the lady. What do you think about the Trend virus program?
  • 0

#38
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
To change the way your computer displays the time:

Open Regional and Language Options in Control Panel. On the Regional Options tab, under Standards and formats, click Customize. On the Time tab, specify any changes you want to make. If you do not see the format you want in Time format, follow these guidelines:

To Do this:

Display time in a 24-hour format Type uppercase H or HH for the hour
Display time in a 12-hour format Type lowercase h or hh for the hour
Display leading zeros in single-digit hours Type two characters, HH or hh
Suppress the display of leading zeros in single-digit hours, minutes, or seconds Type a single uppercase H, or lowercase letter, such as h, m, or s
Display a single letter to indicate AM or PM Type lowercase t
Display two letters to indicate AM or PM Type lowercase tt
Display text Type single quotation marks (') around text

Note:

To open Regional and Language Options, click Start, click Control Panel, click Date, Time, Language, and Regional Options, and then click Regional and Language Options.

As for Antivirus, it's fine - common sense is the biggest thing to keep you safe :)

Edited by Mike, 19 August 2008 - 11:18 AM.

  • 0

#39
pewee

pewee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
All set

Your my hero.

Thank you very much and have a wonderful day. :)
  • 0

#40
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Thanks for the kind words :)

take care and have a great day still!

Mike
  • 0

Advertisements


#41
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP