Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

exact problem unknown

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby random/random » August 7th, 2006, 8:48 am

Can I also check the following for HijackThis to fix :

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"


Yes

I've asked for help with the spyware doctor log but most of the infections are relatively harmless cookies
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm
Advertisement
Register to Remove

Unread postby random/random » August 7th, 2006, 2:25 pm

Copy the contents of the following codebox to a new notepad window

Code: Select all
REGEDIT4

[-HKEY_CLASSES_ROOT\TypeLib\{DA5E961F-F519-403C-9744-0D4376B1B0B5}]

 


Save it to the desktop as fix.reg, make sure that save as type is set to all files

Double click on fix.reg, when you are asked if you want ot merge the information in fix.reg into the registry click yes/ok

I can't recommend buying spyware doctor, I've seen too many false positives from it, and I think some of their advertising is dubious. Having said that, it's on the list of trustworthy antispyware programs here.

Post back to tell me of any remaining problems
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby wordofwyrd » August 7th, 2006, 6:05 pm

Alright, I did that.

I think indeed that Spyware Doctor is exaggerating things, especially since apparently that trojan was in a saved link I hadn't visited in years, and no other programme ever said anything. I'm going to download ewido, and keep the other two, as well as the ATF cleaner to do now and then.


I think you have solved everything, for which I thank you very much. You've been absolutely great, quick to answer and using understandable language, so nothing but positives.

THANK YOU!
wordofwyrd
Regular Member
 
Posts: 24
Joined: August 5th, 2006, 12:22 pm

Unread postby random/random » August 7th, 2006, 6:09 pm

I'm gald to hear all your problems have been solved

Below are some steps to follow in order to dramatically lower the chances of reinfection
You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented
  1. Turn off System Restore.
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Check Turn off System Restore.
    Click Apply, and then click OK.

    Reboot.

    Turn ON System Restore.
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    UN-Check *Turn off System Restore*.
    Click Apply, and then click OK.
    NOTE: only do this ONCE,NOT on a regular basis
  2. Keep your antivirus up to date
  3. Keep windows up to date with the latest patches


    IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

    If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.
  4. Install spywareblaster
    Spyware blaster is a program that stops known malicious activex controls from installing on your computer. It works by changing settings in your registry. It makes
    kill bits
    in the registry, so that certain activex controls can't install.
    If you don't know what activex controls are, see here
    You can download SpywareBlaster here here
    Make sure to update it on a regular basis
  5. Install IE-SPYAD
    Dowload and instructions located here
    Make sure to update it on a regular basis
  6. Use a HOSTS file
    • Every version of windows has a hosts file as part of them.
    • In a very basic sense, they are used to locate webpages.
    • We can customize a hosts file so that it blocks certain webpages.
    • However, it can slow down certain computers.
    • This is why using a hosts file is optional!!
    Download it here. Make sure you read the instructions on how to install the hosts file. There is a good tutorial here
    If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button (at the lower left hand corner of your screen)
    2. Click run
    3. In the dialog box, type services.msc
    4. hit enter, then locate dns client
    5. Highlight it, then double-click it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click ok
  7. Install and use Ad-aware & Spybot search & destroy
    Instructions are located here
    Make sure to update them on a regular basis
  8. Most exploits are aimed at internet explorer, so I recommend you switch to an altenative browser
    Two good alternative browsers are
    Firefox
    Opera
    It is essential to update to the latest version of your browser, as the updates fix known security holes
  9. Even if you do decide to switch to another browser, it is still a good idea to lock down Internet explorer
    This can be done by following these simple instructions:
    From within Internet Explorer click on the Tools menu and then click on Options.
    Click once on the Security tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    Change the allow paste operations via script to Disable
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.
  10. Clean out you temp file on a regular basis
    I use and recommend ATF Cleaner by Attribune
    To use it, follow these instructions
    • Double-click ATF-Cleaner.exe to run the program.
    • Click Main at the top and choose Select All from the list.
    • Click the Empty Selected button.
    If you use Firefox browser:
    • Click Firefox at the top and choose Select All from the list.
    • Click the Empty Selected button.
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser:
    • Click Opera at the top and choose Select All from the list.
    • Click the Empty Selected button.
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
  11. Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby wordofwyrd » August 7th, 2006, 7:46 pm

thank you :) I think I'm going to print out this thread to keep in case of more problems!

What will system restore do exactly ? I won't lose any content will I ? ( I'm paranoid, I have to hand in my thesis in a week )


I have Windows LiveUpdate running, does that mean my computer is up to dat ? I never use IE, so I don't bother with it, I start it up once in a blue moon when a site won't work with firefox.

The rest I do update regularly, I think the only thing that I always forget to update is Windows Mediaplayer. Norton is on automatic update, and spybot and ad-aware are updated every time I fire them up.
wordofwyrd
Regular Member
 
Posts: 24
Joined: August 5th, 2006, 12:22 pm

Unread postby wordofwyrd » August 7th, 2006, 9:10 pm

So I did the IE thing - most options were already set on prompt but this happened :

Application Hijacking has been detected
The application: C:\Program Files\Internet Explorer\iexplore.exe try to launch another application: C:\Program Files\MSN Apps\Updater\01.05.0000.1009\en-xu\msnappau.exe to go to remote host ak.bluestreak.com


I'm sure it's nothing, but the name sounds sketchy!
wordofwyrd
Regular Member
 
Posts: 24
Joined: August 5th, 2006, 12:22 pm

Unread postby random/random » August 8th, 2006, 3:35 am

What will system restore do exactly ? I won't lose any content will I ? ( I'm paranoid, I have to hand in my thesis in a week )


System restore keeps a backup of your registry and some system files. Some of your restore points contain bavckups of some infected, but they can't do any harm unless you restore the infected restore points. if you're worried, wait until you've handed your thesis in before clearing the restore points

I have Windows LiveUpdate running, does that mean my computer is up to dat ? I never use IE, so I don't bother with it, I start it up once in a blue moon when a site won't work with firefox.


Yes, liveupdate will keep windows up to date

Application Hijacking has been detected
The application: C:\Program Files\Internet Explorer\iexplore.exe try to launch another application: C:\Program Files\MSN Apps\Updater\01.05.0000.1009\en-xu\msnappau.exe to go to remote host ak.bluestreak.com


msnappau.exe is the updater for the msn toolbar for internet explorer
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby wordofwyrd » August 8th, 2006, 7:36 pm

Will do, and I'll keep up to date with the rest of your recommendations too.

Thank you again :)
wordofwyrd
Regular Member
 
Posts: 24
Joined: August 5th, 2006, 12:22 pm

Unread postby NonSuch » August 10th, 2006, 4:21 am

Glad we could be of assistance.

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27235
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware