Solved Malware Problem, Google Toolbar Redirect, Etc.

broni · 2010/06/08

When I'm done with reviewing HJT log, you can uninstall it.

broni · 2010/06/08

Re-run HJT and checkmark:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

Click "Fix checked" button.

When done...

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point.

Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore ".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista and 7:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C: ")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

2. Restart computer.

3. Turn System Restore on.

4. Make sure, Windows Updates are current.

[SIZE= "4"]5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately![/SIZE]

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run defrag at your convenience.

8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

9. Please, let me know, how is your computer doing.

sheltone · 2010/06/08

You got it! Do I do it from Add / Remove Items or do you have some other easy magic way for me to do it?

broni · 2010/06/08

Do I do it from Add / Remove Items
Click to expand...

Do what?

sheltone · 2010/06/08

Remove HijackThis

broni · 2010/06/08

Oh....yes...LOL

sheltone · 2010/06/08

Okay, mission completed. Re-ran HJT and deleted file as instructed. Turned off System Restore, rebooted and turned it back on.

Question, based on what was wrong, do I need to change all my passwords? I probably can't get to it until tomorrow, is that okay?

Computer seems fine so far, but its only been clean for what, 30 minutes?

We'll see how it is tomorrow and thanks!

Larry

"broni said: ↑

Re-run HJT and checkmark:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

Click "Fix checked" button.

When done...

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point.

Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore ".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista and 7:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C: ")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

2. Restart computer.

3. Turn System Restore on.

4. Make sure, Windows Updates are current.

[SIZE= "4"]5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately![/SIZE]

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run defrag at your convenience.

8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

9. Please, let me know, how is your computer doing.
Click to expand...

broni · 2010/06/08

I'm glad to hear good news
You had a rootkit, so sensitive passwords change is certainly due.

Good luck and stay safe

sheltone · 2010/06/08

Thank you again. I had another issue that I thought could be malware related BUT it hasn't happened for the past few days and I suspect cleaning out the computer system has fixed it. If not, I'll bother you again.

This is an invaluable service you're offering here. I appreciate all your efforts!

Larry

broni · 2010/06/08

You're very welcome

Log in or Sign up

Solved Malware Problem, Google Toolbar Redirect, Etc.

broni Moderator Malware Analyst

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Solved Malware Problem, Google Toolbar Redirect, Etc.

broni Moderator Malware Analyst

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

sheltone Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches