security toolbar 7.1 (trojan zlob)

[joe]

so i think i have gotten rid of this trojan but i just wanted to be sure. i
was told by a friend that in order to make sure it was completly and totally
removed from my computer i would need to wipe my hard drive clean. i have
used windows defender to remove the trojans and my McAfee removed some
infected files now when i scan everything seems to be ok. how can i be sure
that i am not still at risk for infomation to be stolen from this infection?
also if i do need to completly reinstall my OS how do i do that

 

[Malke]

so i think i have gotten rid of this trojan but i just wanted to be sure. i
was told by a friend that in order to make sure it was completly and totally
removed from my computer i would need to wipe my hard drive clean. i have
used windows defender to remove the trojans and my McAfee removed some
infected files now when i scan everything seems to be ok. how can i be sure
that i am not still at risk for infomation to be stolen from this infection?
also if i do need to completly reinstall my OS how do i do that

You usually do not need to wipe the drive and start over to remove the
Security Toolbar. That said, I'm not sitting in front of your computer
working on it. I would be a bit more thorough than just using McAfee and
Windows Defender, though. Try going through these steps to be sure the
machine is really clean:

Do the preparatory steps here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Then do the specific removal steps here:
http://www.elephantboycomputers.com/page2.html#Smitfraud_Trojan

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. If you are unable to remove the infection by following the
general steps, register at one of the HijackThis forums as suggested.

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke

 

[joe]

so this is what you would do?? then post the log in the first web site? just
dont wanna end up with identity theft had a credit card number stolen once
online suxd

 

[Synapse Syndrome]

so i think i have gotten rid of this trojan but i just wanted to be sure.
i
was told by a friend that in order to make sure it was completly and
totally
removed from my computer i would need to wipe my hard drive clean. i have
used windows defender to remove the trojans and my McAfee removed some
infected files now when i scan everything seems to be ok. how can i be
sure
that i am not still at risk for infomation to be stolen from this
infection?
also if i do need to completly reinstall my OS how do i do that

Try this online scan as well. It's good.

http://www.ewido.net/en/onlinescan/

You have to run IE as administrator (right click the icon) to let it work.

ss.

 

[Malke]

so this is what you would do?? then post the log in the first web site? just
dont wanna end up with identity theft had a credit card number stolen once
online suxd

I really don't see how you get there from what I wrote you. I would go
through the removal techniques I already gave you and then, if you still
are infected or need more help, post a HijackThis log at one of the many
HijackThis specialty forums. There will be nothing in a HijackThis log
that could enable anyone to steal your identity and all of the specialty
forums I recommend are legitimate. Here they are for your convenience,
listed in no particular order:

http://aumha.org/downloads/hijackthis.zip
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42 -
another tutorial
http://aumha.net/ - Click on the HijackThis forum. Read the announcement
and the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/
http://forums.tomcoyote.org/

If you don't want to go through the work, then either 1) hope you got
the infection cleaned out using tools that are generally inadequate for
the job; 2) get local computer professional help (not free, naturally);
3) wipe your computer and start over. In any case, following the "Safe
Hex" recommendations listed at any of the following sites is a necessity
for staying clean in the future:

http://www.wilderssecurity.com/showthread.php?t=27971 - So How Did I Get
Infected Anyway?
http://www.getsafeonline.org/
https://www.mysecurecyberspace.com/
http://www.getnetwise.org/
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://www.claymania.com/safe-hex.html
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://msmvps.com/blogs/harrywaldron/archive/2006/02/05/82584.aspx - MVP
Harry Waldron - The Family PC - How to stay safe on the Internet
http://www.spywarewarrior.com/rogue_anti-spyware.htm - Eric Howes on
Rogue Antispyware Programs


Malke