[mscobra]

Bummer.....You wouldn't know of a good 3rd Party Low Level Cleaner would you? Last time I used "Seagate" Disc Wizard. My son suggested it, as it was compatable with my OS.
Please keep this post open, as I will send an attachmnet after I re-format. Or at least let you know the out come!!

Thanks again for everything..

[Advertisements]

Before you do that a new supposition has been raised. Do you use a router ? As there are now some infections that hit your router, although you did not have the signs of it

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE

However, if there are other Zlob-infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

[Essexboy]

Before you do that a new supposition has been raised. Do you use a router ? As there are now some infections that hit your router, although you did not have the signs of it

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE

However, if there are other Zlob-infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

[mscobra]

Ok....You are not going to believe this....I got to "windows update" page by resetting the router!!!!! 113 security updates to download...WOW !!!
Thank you, Thank you, Thank you !!!!

I think I will go ahead a do a full format anyway to get rid of all the spyware programs and logs and to see if it will fix the problem I'm still having with "The Print Shop"... Start out again with a nice clean computer..

My laptop is tuned off to the internet, because of the router problem.. Which programs should I use to make sure it is virus clear, before I let it go to the internet...??? I know that it to is infected, but I don't want to infect the router again...Any suggestions???
Again Thank you for everything and sticking with me this whole time. I can bet some people would have given up along time ago.....

Edited by mscobra, 13 November 2008 - 07:33 AM.

[Essexboy]

OK that has given me further information, all previous occurences of router infection left traces on the host system. Obviously the malware writers have twigged on to that and now use legitimate sites as redirects and remove all traces. I will now pass this on to other interested parties What I will need you to do now is the following to ensure the malware does not return.

On ALL systems that have accessed that router download and update Malwarebytes.
Disconnect ALL systems from the router, reboot the router.
Run Malwarebytes on ALL systems then reconnect to the router.
Update and run Malwarebytes again on ALL systems

To prevent the re-occurence of this there are recommendations to use OpenDNS I will be investigating this myself later

Let me know your progress

[mscobra]

Just a quick note to tell you that all things are back to normal......on BOTH machines
I'm leaving my DNS settings alone, as I don't know enough about them to change them....

Thanks again for your help

Have a great Holiday Season

Mscobra

[Essexboy]

Just a quick note to tell you that all things are back to normal......on BOTH machines

Excellent - slow but sure . Lets now clear all my rubbish from your system


Now the best part of the day ----- Your log now appears clean

A good workman always cleans up after himself so...Download and run this small programme and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View Tab.
• Under the Hidden files and folders heading select Do not show hidden files and folders.
• Click Yes to confirm.
• Click OK.

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:

• Select Start > All Programs > Accessories > System tools > System Restore.
• On the dialogue box that appears select Create a Restore Point
• Click NEXT
• Enter a name e.g. Clean
• Click CREATE

You now have a clean restore point, to get rid of the bad ones:

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
• In the Drop down box that appears select your main drive e.g. C
• Click OK
• The System will do some calculation and the display a dialogue box with TABS
• Select the More Options Tab.
• At the bottom will be a system restore box with a CLEANUP button click this
• Accept the Warning and select OK again, the program will close and you are done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

• SpywareBlaster to help prevent spyware from installing in the first place.
• SuperAntispyware Run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

• Secunia Software inspector To check your programme update status
• Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe

[mscobra]

I guess I should have told you ....I formatted the hard drive on my Desktop...so everything is gone...I was having problems with my "Print Shop" program, that I could not figure out, so I just erased it all....Clean Slate..
but I will keep your emails, just in case my laptop still has some issues...It's working fine now, but ya never know. and I do have the anti-virus programs running that you mentioned..

thanks again

[Essexboy]

OK then keep safe and enjoy

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.