Help! IE Hijacked with malware - sorted!

[Grey]

Big thanks to all who gave help to rid me of several copies of
Troj_startpag.nk trojan virus - something Norton's seemed to have totally
overlooked.

I downloaded sysclean.com and latest def's and it just picked them off,
along with several others which had been lurking in my system restore files.
I ran Spybot once more to eliminate the final registry entry and deleted the
Temp_silent32.exe which was hanging on for grim life.

I am currently downloading some Windows Updates, but I would welcome any
suggestions as to harden my system against further attacks, beyond regular
scanning for this type of scumware.

Graham

 

[Andre Da Costa]

Right click My Computer > Properties > System Restore > Uncheck it.

Download the following products >
Ad-Aware - www.lavasoftusa.com
Spybot - http://www.safer-networking.org/
CWShredder - http://forum.aumha.org/downloads/cwshredder.zip
Spy Sweeper - www.webroot.com

Restart in Safe Mode and run a scan.

Navigate to the location of the malware and delete it.

Andre

 

[Guest]

I would welcome any

suggestions as to harden my system against further attacks, beyond regular
scanning for this type of scumware.

I'm not familiar with this specific malware but after
googling it seems to be a simple trojan. The easiest way
to avoid it is to not install and run it. This is the
case with most viruses, trojans, spyware etc. Most of
them rely more on an "unhardened" user than an unhardened
OS. If it was installed by kids, consider getting them
their own computer and make them fix their own messes ;-)

 

[David H. Lipman]

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (personal free version)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt196.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point
10) Please report back your results

Dave






| Big thanks to all who gave help to rid me of several copies of
| Troj_startpag.nk trojan virus - something Norton's seemed to have totally
| overlooked.
|
| I downloaded sysclean.com and latest def's and it just picked them off,
| along with several others which had been lurking in my system restore files.
| I ran Spybot once more to eliminate the final registry entry and deleted the
| Temp_silent32.exe which was hanging on for grim life.
|
| I am currently downloading some Windows Updates, but I would welcome any
| suggestions as to harden my system against further attacks, beyond regular
| scanning for this type of scumware.
|
| Graham
|
|

 

[Rock]

Big thanks to all who gave help to rid me of several copies of
Troj_startpag.nk trojan virus - something Norton's seemed to have totally
overlooked.

I downloaded sysclean.com and latest def's and it just picked them off,
along with several others which had been lurking in my system restore files.
I ran Spybot once more to eliminate the final registry entry and deleted the
Temp_silent32.exe which was hanging on for grim life.

I am currently downloading some Windows Updates, but I would welcome any
suggestions as to harden my system against further attacks, beyond regular
scanning for this type of scumware.

Graham

These programs should be run weekly in safe mode. Make sure you update
them in normal mode before booting into safe mode.

Cwshredder
http://aumha.org/freeware/freeware.php#cwshred

Ad-aware SE
http://www.lavasoftusa.com

Spybot Search and Destroy
http://www.safer-networking.org

Bazooka Adware and Spyware Scanner
http://download.com.com/3000-2144-10247783.html

HijackThis
http://www.majorgeeks.com/download.php?det=3155

Use these programs to help keep your system clean:

Spywareblaster
www.javacoolsoftware.com/sbdownload.html

Spywareguard
http://www.javacoolsoftware.com/sgdownload.html

IE-SPYAD
http://www.staff.uiuc.edu/~ehowes/resource.htm