www.free-virusscan.com

D

Donbabalu

I believe I got infected with a trojan virus that is re-directing my Internet
Explorer browser to www.free-virusscan.com.
(www.free-virusscan.com/id/492933/4/1/). I also get a message indicating
that my Microsoft programs may have been corrupted and wont let me access any
program folders. I am, however, allowed to access my Microsoft Word files.
I have conducted the Live One Care scans twice. However, I receive a message
indicating that there are no viruses or spyware on my computer.

Any help?
 
D

David H. Lipman

From: "Donbabalu" <Donbabalu@discussions.microsoft.com>

| I believe I got infected with a trojan virus that is re-directing my Internet
| Explorer browser to www.free-virusscan.com.
| (www.free-virusscan.com/id/492933/4/1/). I also get a message indicating
| that my Microsoft programs may have been corrupted and wont let me access any
| program folders. I am, however, allowed to access my Microsoft Word files.
| I have conducted the Live One Care scans twice. However, I receive a message
| indicating that there are no viruses or spyware on my computer.

| Any help?



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe Format --> uncheck "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
M

Majestick

On Jun 27, 7:08 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
wrote:
> From: "Donbabalu" <Donbab...@discussions.microsoft.com>
>
> | I believe I got infected with a trojan virus that is re-directing my Internet
> | Explorer browser towww.free-virusscan.com.
> | (www.free-virusscan.com/id/492933/4/1/).  I also get a message indicating
> | that my Microsoft programs may have been corrupted and wont let me access any
> | program folders.  I am, however, allowed to access my Microsoft Word files.
> | I have conducted the Live One Care scans twice.  However, I receive a message
> | indicating that there are no viruses or spyware on my computer.
>
> | Any help?
>
> 1. Download and execute HiJack This! (HJT)http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
>
> 2. Disable Notepad's word wrap:
> In Notepad.exe  Format --> uncheck "Word wrap"
>
> 3. Download/run Deckard's System Scanner:http://www.techsupportforum.com/sectools/Deckard/dss.exe
>
> 4. Save the scan results (Main.txt and Extra.txt)
>
> 5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
> expert forums...
>
> { Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }
>
> Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
> Logs.
>
> NOTE: Registration is REQUIRED in any of the below before posting a log
>
> Suggested primary:http://www.thespykiller.co.uk/index.php?board=3.0
>
> Suggested secondary:http://www.bleepingcomputer.com/for...malwarebytes.org/forums/index.php?showforum=7
>
> Suggested tertiary:http://www.dslreports.com/forum/cle...ums.security-central.us/forumdisplay.php?f=13
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp

this makes no sense. why would posting a scan results on a forum
remove malware from my systems HD and registry? It seems kinda bogus
to me.
 
K

Kayman

On Mon, 30 Jun 2008 06:58:58 -0700 (PDT), Majestick wrote:

> On Jun 27, 7:08 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
> wrote:
>> From: "Donbabalu" <Donbab...@discussions.microsoft.com>
>>
>>| I believe I got infected with a trojan virus that is re-directing my Internet
>>| Explorer browser towww.free-virusscan.com.
>>| (www.free-virusscan.com/id/492933/4/1/).  I also get a message indicating
>>| that my Microsoft programs may have been corrupted and wont let me access any
>>| program folders.  I am, however, allowed to access my Microsoft Word files.
>>| I have conducted the Live One Care scans twice.  However, I receive a message
>>| indicating that there are no viruses or spyware on my computer.
>>
>>| Any help?
>>
>> 1. Download and execute HiJack This! (HJT)http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
>>
>> 2. Disable Notepad's word wrap:
>> In Notepad.exe  Format --> uncheck "Word wrap"
>>
>> 3. Download/run Deckard's System Scanner:http://www.techsupportforum.com/sectools/Deckard/dss.exe
>>
>> 4. Save the scan results (Main.txt and Extra.txt)
>>
>> 5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
>> expert forums...
>>
>> { Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }
>>
>> Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
>> Logs.
>>
>> NOTE: Registration is REQUIRED in any of the below before posting a log
>>
>> Suggested primary:http://www.thespykiller.co.uk/index.php?board=3.0
>>
>> Suggested secondary:http://www.bleepingcomputer.com/for...malwarebytes.org/forums/index.php?showforum=7
>>
>> Suggested tertiary:http://www.dslreports.com/forum/cle...ums.security-central.us/forumdisplay.php?f=13
>>
>> --
>> Davehttp://www.claymania.com/removal-trojan-adware.html
>> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp
>
> this makes no sense.

Than Google and educate yourself.

> why would posting a scan results on a forum remove malware
> from my systems HD and registry?

The friendly and knowledgable person(s) of the fora will after, careful
examination of the scan result, advice an appropriate course of action.

> It seems kinda bogus to me.

Google is your friend.
 
D

David H. Lipman

From: "Majestick" <xuldinga@gmail.com>

< snip >

| this makes no sense. why would posting a scan results on a forum
| remove malware from my systems HD and registry? It seems kinda bogus
| to me.

HJT and Deckard's utility create log files of startup loactions where malware use to load
themselves.

The forums I posted have personnel who are trained at a malware university of sorts. They
are trained on how to interpret the logs and how suggest a set of tools that can be used
by the infected poster where the tools can remove the malware.

Additionally, they may have the infected user post the malware files to the forums where
the forum administrator(s) can then provide the malware files to the various anti malware
companies such that they can be identified and the files can then be used to generate anti
amlware signatures.

This system is far from bogus and all the expert forums I suggested are trusted and
vetted.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
H

Helping Hand

Do the following steps, will help u.

delete these files
C:\Documents and Settings\Pune.Admin\Application
Data\Sun\Java\Deployment\cache\javapi\*.*
C:\WINDOWS\system32\intefltr.dll
C:\WINDOWS\system32\systems.txt

& remove these entries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\bind "comment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.Bho
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.Bho.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4937D5D1-2039-409A-BD83-FEC9B39B2356}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAF9D798-C659-4B9B-8E19-EE27C3D04EE7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{15C7D7AD-A87A-4C0D-9D8B-637FCD3488EF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}


"Donbabalu" wrote:

> I believe I got infected with a trojan virus that is re-directing my Internet
> Explorer browser to www.free-virusscan.com.
> (www.free-virusscan.com/id/492933/4/1/). I also get a message indicating
> that my Microsoft programs may have been corrupted and wont let me access any
> program folders. I am, however, allowed to access my Microsoft Word files.
> I have conducted the Live One Care scans twice. However, I receive a message
> indicating that there are no viruses or spyware on my computer.
>
> Any help?
 
M

Martín Schonaker

On 5 jul, 04:59, Wooter <Woo...@discussions.microsoft.com> wrote:
> I had this problem merely but minutes ago, but it was fixed really easiely.
> All you have to do is run a file called "FixIEDef".
> you can find more info herehttp://blog.codesignstudios.com/how-to-fix-the-attention-some-dangero...

This worked for me after trying almost every free antispyware tool.
Thanks, Wooter!

Martin.
 
You must log in or register to reply here.

Similar threads

A
what she robbed from my document and what can do with my information. I had a lot of passwords in my laptop that was save. I cleared my cache but i do
Replies
0
Views
21
Aza Ahangarian
A
A
"Your Organization requires you to change your pin" with no organization account on my pc
Replies
0
Views
25
Anorj Bala
A
J
connexion iimpossible
Replies
0
Views
23
jason muller2
J
J
connexion iimpossible
Replies
0
Views
28
jason muller2
J
D
Windows PC Locked behind Email address that no longer avalible.
Replies
0
Views
43
Dustin Bates
D
Back
Top Bottom