MalWare Removal Forum

I suggest you do this:

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

Close ALL windows and browsers except HijackThis and click "Fix checked"


1. Open My Computer
2. Right click on your hard drive that you wish to clean (C drive, for example)
3. In the context menu that opens, select properties
4. Under the general tab you should select Disk Cleanup
5. Windows will scan your drive which will take a few seconds/minutes
6. A box will display the various files you can remove.
Check all boxes except compress old files (If listed)
7. Click OK and windows will comply.

Restart your computer.

Reboot and "copy/paste" a new log file into this thread.
Also please describe how your computer behaves at the moment.

Hello saviour!

done everything you said. But again can't copy/paste the HJT log. But I checked the suspects are gone (R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

Close ALL windows and browsers except HijackThis and click "Fix checked" . Done

Disk Cleanup & rebooting completed. Can see the last action done, the HJT log created after all this cleaning up, only can't show to you.
PC now without the phone connection bugs, acting normally, thanks to YOU! I am grateful.
However, a little bit of unease: in the phone connections area code, there is another area code (206, I am told it's Washington state! and I am halfway across the globe!) sitting tight, besides my local area code. It seems harmless but is there a way to delete 206????

Shall be doubly grateful to you if I could get rid of it!
Thank you very much.
_________________

My guess is you can Right Click on it and select Delete.


This is my normal post for when you are clear - which you now are - or seem to be. Please advise of any problems you still have :-

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

1. Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
   You can find instructions on how to enable and re enable system restore here:
   Managing Windows Millennium System Restore
   or
   Windows XP System Restore Guide
   re-enable system restore with instructions from tutorial above
   
2. We need to Restore the Defaults for System Folders and Files.
   Click Start> My Computer> select the Tools Menu and then Folder Options, after the new window appears select the View tab…
   Slect the: Restore Defaults
   Select: Apply, and click OK
   
3. Make your Internet Explorer more secure - This can be done by following these simple instructions:
   
   
   1. From within Internet Explorer click on the Tools menu and then click on Options.
   2. Click once on the Security tab
   3. Click once on the Internet icon so it becomes highlighted.
   4. Click once on the Custom Level button.
      
      
      
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialise and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
   5. Next press the Apply button and then the OK to exit the Internet Properties page.
4. Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. See this link for a listing of some on line & their stand-alone anti virus programs:
   Computer Safety On line - Anti-Virus
   
5. Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
   
6. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
   Computer Safety On line - Software Firewalls
   
7. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
   
8. Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
   This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
   Instructions for - Spybot S & D and Ad-aware
   
9. Install Ad-Aware - Install and download Ad-Aware. You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here:
   Instructions for - Spybot S & D and Ad-aware
   
10. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line - Anti-Malware
    
11. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Great job

You're more then welcome.
Glad we were able to help

Peace be with you

Hello LDTate!

rt.-click to delete the 206 area code doesn't work, nor does the delete btn.

Anyway, thank you sooo much for your thorough advice and post-'operative' 'medicare'! An eye-opener, the entire experience.

God bless you!
_________________

Great job

You're more then welcome.
Glad we were able to help

Peace be with you