From: "Mel" <mgsg@bigpond.net.au>
| Hello,
| I googled for information on something and one of the sites I went to made
| my computer suddenly come up with a warning that my privacy had been
| violated, possibly had a virus etc.
| I have since learned that this is itself a virus. I did not d/l it but just
| clicked the X, it however started to try to d/l. I think it was caught in
| the Zone Alarm I run but I want to be sure.
| I searched how to find if I had a problem but cannot find any of the exe
| files and any HKEY that have "XP Cleaner" in them.
| Someone told me to restore to an earlier date which I did.
| When the restore was going through it asked me something like.." allow
| system restore every time computer starts" or something like that, and would
| not allow me to continue the restore unless I agreed.
| So firstly "can someone please tell me if I did the correct thing?"
| However on searching later on how to make sure I did not have this virus on
| one site the instruction started with 1. Temporarily disable System Restore
| (windows Me/XP)
| so secondly "Why would this be the advice?"
| I have done a full virus scan but it came up as "no virus."
| Thank you for any help.
Actually if you Googled this you would have found it to be non-viral malware in that it is
malware but not a "virus".
1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en...HJTInstall.exe
2. Disable Notepad's word wrap:
In Notepad.exe; Format --> uncheck; "Word wrap"
3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sect...eckard/dss.exe
4. Save the scan results (Main.txt and Extra.txt)
5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...
{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }
Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.
NOTE: Registration is REQUIRED in any of the below before posting a log
Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0
Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/i...hp?showforum=7
Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/...splay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malwa..._Here-f37.html
http://gladiator-antivirus.com/forum...?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/...p?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp
Linear Mode
