Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > HELP. Got Trojans,what to do ??

Reply
Thread Tools

HELP. Got Trojans,what to do ??

 
 
Earl
Guest
Posts: n/a
 
      01-03-2005
Like i put in post below am new using a pc but trying to learn. Have
windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
and all clear. Then added Spybot S&D and found what is listed below. Yes
i see the button that says "fix problem" that gets rid of them i guess
but say something to do registry and told befor not to mess with that.
Do not know anything about what S&D found and want to make sure thay are
Bad befor deleting so i do not screw up my pc. Thanks for any help at
all.-------
Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
*
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}
*
Alexa Related:* What's related link (Replace file, nothing done)
* C:\WINDOWS\Web\RELATED.HTM
*
C2.lop.AproposMedia:* Data (File, nothing done)
* C:\WINDOWS\MSIMGSIZ.DAT
*
DSO Exploit: Data source object exploit (Registry change, nothing done)
*
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
Settings\Zones\0\1004!=W=3
*
--- Spybot - Search && Destroy version: 1.3* ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi


 
Reply With Quote
 
 
 
 
Robsten
Guest
Posts: n/a
 
      01-03-2005
Earl skrev:
> Like i put in post below am new using a pc but trying to learn. Have
> windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
> and all clear. Then added Spybot S&D and found what is listed below. Yes
> i see the button that says "fix problem" that gets rid of them i guess
> but say something to do registry and told befor not to mess with that.
> Do not know anything about what S&D found and want to make sure thay are
> Bad befor deleting so i do not screw up my pc. Thanks for any help at
> all.-------
> Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
>
> HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}
>
> Alexa Related: What's related link (Replace file, nothing done)
> C:\WINDOWS\Web\RELATED.HTM
>
> C2.lop.AproposMedia: Data (File, nothing done)
> C:\WINDOWS\MSIMGSIZ.DAT
>
> DSO Exploit: Data source object exploit (Registry change, nothing done)
>
> HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
> Settings\Zones\0\1004!=W=3
>
> --- Spybot - Search && Destroy version: 1.3 ---
> 2004-05-12 Includes\Cookies.sbi
> 2004-05-12 Includes\Dialer.sbi
> 2004-05-12 Includes\Hijackers.sbi
> 2004-05-12 Includes\Keyloggers.sbi
> 2004-05-12 Includes\LSP.sbi
> 2004-05-12 Includes\Malware.sbi
> 2004-05-12 Includes\Revision.sbi
> 2004-05-12 Includes\Security.sbi
> 2004-05-12 Includes\Spybots.sbi
> 2004-05-12 Includes\Tracks.uti
> 2004-05-12 Includes\Trojans.sbi
>
>

Nothing serius there? Why all fuzz? Do a online scanning with F-secure
or McAffe.

http://support.f-secure.com/enu/home/ols.shtml

--
Robban Stenkvist
http://w1.853.comhem.se/~u85329080/
http://robsten.blogspot.com/
 
Reply With Quote
 
 
 
 
Jim Watt
Guest
Posts: n/a
 
      01-03-2005
On Sun, 2 Jan 2005 21:02:28 -0800, http://www.velocityreviews.com/forums/(E-Mail Removed) (Earl) wrote:

>Like i put in post below am new using a pc but trying to learn. Have
>windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
>and all clear. Then added Spybot S&D and found what is listed below. Yes
>i see the button that says "fix problem" that gets rid of them i guess
>but say something to do registry and told befor not to mess with that.
>Do not know anything about what S&D found and want to make sure thay are
>Bad befor deleting so i do not screw up my pc. Thanks for any help at
>all.-------
>Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
>*
>HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74 F7D6F8-A844-4F29-B9C7-294721D91C10}
>*
>Alexa Related:* What's related link (Replace file, nothing done)
>* C:\WINDOWS\Web\RELATED.HTM
>*
>C2.lop.AproposMedia:* Data (File, nothing done)
>* C:\WINDOWS\MSIMGSIZ.DAT
>*
>DSO Exploit: Data source object exploit (Registry change, nothing done)
>*
>HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cu rrentVersion\Internet
>Settings\Zones\0\1004!=W=3
>*
>--- Spybot - Search && Destroy version: 1.3* ---
>2004-05-12 Includes\Cookies.sbi
>2004-05-12 Includes\Dialer.sbi
>2004-05-12 Includes\Hijackers.sbi
>2004-05-12 Includes\Keyloggers.sbi
>2004-05-12 Includes\LSP.sbi
>2004-05-12 Includes\Malware.sbi
>2004-05-12 Includes\Revision.sbi
>2004-05-12 Includes\Security.sbi
>2004-05-12 Includes\Spybots.sbi
>2004-05-12 Includes\Tracks.uti
>2004-05-12 Includes\Trojans.sbi
>


You should be able to uninstall comet cursors from the contol
panel.

If you have been 'told' not to do things discuss the problem
with the person who told you.
--
Jim Watt
http://www.gibnet.com
 
Reply With Quote
 
Earl
Guest
Posts: n/a
 
      01-03-2005
Whats the fuss ??. I guess to experts it looks like the things s&d found
are nothing but being new at spyware did not know. Main thing like to
know is do i use the S&D "fix problem" button to delete them ?. Is
spybot s&d anygood if its comeing up with minor stuff ?.

 
Reply With Quote
 
Jon Cosby
Guest
Posts: n/a
 
      01-03-2005
"Earl" <(E-Mail Removed)> wrote:
> Whats the fuss ??. I guess to experts it looks like the things s&d found
> are nothing but being new at spyware did not know. Main thing like to
> know is do i use the S&D "fix problem" button to delete them ?. Is
> spybot s&d anygood if its comeing up with minor stuff ?.
>


Spybot creates backups for the quarantined files. You should be fine
letting it delete them.


Jon Cosby


 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      01-03-2005
1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt327.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Adaware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDoc...SysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible.
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

* * * Please report back your results * * *

Dave




--
Dave
http://www.claymania.com/removal-trojan-adware.html




"Earl" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
Like i put in post below am new using a pc but trying to learn. Have
windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
and all clear. Then added Spybot S&D and found what is listed below. Yes
i see the button that says "fix problem" that gets rid of them i guess
but say something to do registry and told befor not to mess with that.
Do not know anything about what S&D found and want to make sure thay are
Bad befor deleting so i do not screw up my pc. Thanks for any help at
all.-------
Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)

HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}

Alexa Related: What's related link (Replace file, nothing done)
C:\WINDOWS\Web\RELATED.HTM

C2.lop.AproposMedia: Data (File, nothing done)
C:\WINDOWS\MSIMGSIZ.DAT

DSO Exploit: Data source object exploit (Registry change, nothing done)

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
Settings\Zones\0\1004!=W=3

--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi



 
Reply With Quote
 
Robsten
Guest
Posts: n/a
 
      01-03-2005
Earl skrev:
> Whats the fuss ??. I guess to experts it looks like the things s&d found
> are nothing but being new at spyware did not know. Main thing like to
> know is do i use the S&D "fix problem" button to delete them ?. Is
> spybot s&d anygood if its comeing up with minor stuff ?.
>

Yoy can delete, and should do so, Alexa, C2.loop and DSO exploit. Aren,t
there a backupfunction in Spyboot? I have uninstalled Spyboot long time
ago and use Pestpatrol and BPS spywaresweeper, I test A2 at the moment.
You can ask for a secund opinion with a online scanner at pestpatrol
http://store.ca.com/dr/v2/ec_main.en...ates&sid=35715
A timelimetid version of Webroots spysweeper Will do it too.
http://www.spychecker.com/program/spysweeper.html
Here you can searth for specific pests:
http://www3.ca.com/securityadvisor/pest/
here at last you have a free spysweeper, A2, I don,t know how good it is
yet, I do know you don,t get any false positivs:
http://www.emsisoft.com/en/software/free/
Don,t ever panic, take it cool and do silly thinks without thinking.
Don,t use a lot of spysweepers out there, you get a lot of false
positivs only, stick to the above. And delete Alexa, C2.loop and DSO
exploit, hope thats will do it for the time, take it cool!!!!!!!

--
Robban Stenkvist
http://w1.853.comhem.se/~u85329080/
http://robsten.blogspot.com/
 
Reply With Quote
 
Earl
Guest
Posts: n/a
 
      01-04-2005
Want to thank all of you for help and links. Still learning and will be
helpfull for what to look for.

 
Reply With Quote
 
Earl
Guest
Posts: n/a
 
      01-04-2005
Thanks for the advise. Befor seeing your post i had allready used S&D to
send the items to quarantined files.Have made a copy of your info steps
and will try after i study a bit. Thanks

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
If you Got Questions? I bet We got Answers Leisure.201@gmail.com Javascript 1 04-28-2007 11:04 PM
have you got any of these i can have spike240 Case Modding 4 09-14-2005 03:48 AM
got an idea stlava Case Modding 8 07-14-2005 08:39 AM
Just got a new laptop =?Utf-8?B?QWRhbQ==?= Wireless Networking 4 03-26-2005 09:14 AM
I got trouble for Wireless LAN + Windows Me OS Kevin Daddy Wireless Networking 2 09-01-2004 09:48 AM



Advertisments