HELP. Got Trojans,what to do ??

Like i put in post below am new using a pc but trying to learn. Have
windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
and all clear. Then added Spybot S&D and found what is listed below. Yes
i see the button that says "fix problem" that gets rid of them i guess
but say something to do registry and told befor not to mess with that.
Do not know anything about what S&D found and want to make sure thay are
Bad befor deleting so i do not screw up my pc. Thanks for any help at
all.-------
Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
*
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}
*
Alexa Related:* What's related link (Replace file, nothing done)
* C:\WINDOWS\Web\RELATED.HTM
*
C2.lop.AproposMedia:* Data (File, nothing done)
* C:\WINDOWS\MSIMGSIZ.DAT
*
DSO Exploit: Data source object exploit (Registry change, nothing done)
*
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
Settings\Zones\0\1004!=W=3
*
--- Spybot - Search && Destroy version: 1.3* ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi

Earl

Earl skrev:
> Like i put in post below am new using a pc but trying to learn. Have
> windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
> and all clear. Then added Spybot S&D and found what is listed below. Yes
> i see the button that says "fix problem" that gets rid of them i guess
> but say something to do registry and told befor not to mess with that.
> Do not know anything about what S&D found and want to make sure thay are
> Bad befor deleting so i do not screw up my pc. Thanks for any help at
> all.-------
> Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
>
> HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}
>
> Alexa Related: What's related link (Replace file, nothing done)
> C:\WINDOWS\Web\RELATED.HTM
>
> C2.lop.AproposMedia: Data (File, nothing done)
> C:\WINDOWS\MSIMGSIZ.DAT
>
> DSO Exploit: Data source object exploit (Registry change, nothing done)
>
> HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
> Settings\Zones\0\1004!=W=3
>
> --- Spybot - Search && Destroy version: 1.3 ---
> 2004-05-12 Includes\Cookies.sbi
> 2004-05-12 Includes\Dialer.sbi
> 2004-05-12 Includes\Hijackers.sbi
> 2004-05-12 Includes\Keyloggers.sbi
> 2004-05-12 Includes\LSP.sbi
> 2004-05-12 Includes\Malware.sbi
> 2004-05-12 Includes\Revision.sbi
> 2004-05-12 Includes\Security.sbi
> 2004-05-12 Includes\Spybots.sbi
> 2004-05-12 Includes\Tracks.uti
> 2004-05-12 Includes\Trojans.sbi
>
>
Nothing serius there? Why all fuzz? Do a online scanning with F-secure
or McAffe.

http://support.f-secure.com/enu/home/ols.shtml

--
Robban Stenkvist
http://w1.853.comhem.se/~u85329080/
http://robsten.blogspot.com/

Robsten

On Sun, 2 Jan 2005 21:02:28 -0800, (Earl) wrote:

>Like i put in post below am new using a pc but trying to learn. Have
>windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
>and all clear. Then added Spybot S&D and found what is listed below. Yes
>i see the button that says "fix problem" that gets rid of them i guess
>but say something to do registry and told befor not to mess with that.
>Do not know anything about what S&D found and want to make sure thay are
>Bad befor deleting so i do not screw up my pc. Thanks for any help at
>all.-------
>Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)
>*
>HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74 F7D6F8-A844-4F29-B9C7-294721D91C10}
>*
>Alexa Related:* What's related link (Replace file, nothing done)
>* C:\WINDOWS\Web\RELATED.HTM
>*
>C2.lop.AproposMedia:* Data (File, nothing done)
>* C:\WINDOWS\MSIMGSIZ.DAT
>*
>DSO Exploit: Data source object exploit (Registry change, nothing done)
>*
>HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cu rrentVersion\Internet
>Settings\Zones\0\1004!=W=3
>*
>--- Spybot - Search && Destroy version: 1.3* ---
>2004-05-12 Includes\Cookies.sbi
>2004-05-12 Includes\Dialer.sbi
>2004-05-12 Includes\Hijackers.sbi
>2004-05-12 Includes\Keyloggers.sbi
>2004-05-12 Includes\LSP.sbi
>2004-05-12 Includes\Malware.sbi
>2004-05-12 Includes\Revision.sbi
>2004-05-12 Includes\Security.sbi
>2004-05-12 Includes\Spybots.sbi
>2004-05-12 Includes\Tracks.uti
>2004-05-12 Includes\Trojans.sbi
>

You should be able to uninstall comet cursors from the contol
panel.

If you have been 'told' not to do things discuss the problem
with the person who told you.
--
Jim Watt
http://www.gibnet.com

Jim Watt

Whats the fuss ??. I guess to experts it looks like the things s&d found
are nothing but being new at spyware did not know. Main thing like to
know is do i use the S&D "fix problem" button to delete them ?. Is
spybot s&d anygood if its comeing up with minor stuff ?.

Earl

"Earl" <> wrote:
> Whats the fuss ??. I guess to experts it looks like the things s&d found
> are nothing but being new at spyware did not know. Main thing like to
> know is do i use the S&D "fix problem" button to delete them ?. Is
> spybot s&d anygood if its comeing up with minor stuff ?.
>

Spybot creates backups for the quarantined files. You should be fine
letting it delete them.


Jon Cosby

Jon Cosby

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt327.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Adaware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDoc...SysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible.
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

* * * Please report back your results * * *

Dave




--
Dave
http://www.claymania.com/removal-trojan-adware.html




"Earl" <> wrote in message
news:20651-41D8D1E4-...
Like i put in post below am new using a pc but trying to learn. Have
windows98SE, Zone Alarn, Avast and Spy Sweeper. Run scan with sweeper
and all clear. Then added Spybot S&D and found what is listed below. Yes
i see the button that says "fix problem" that gets rid of them i guess
but say something to do registry and told befor not to mess with that.
Do not know anything about what S&D found and want to make sure thay are
Bad befor deleting so i do not screw up my pc. Thanks for any help at
all.-------
Comet Cursors: Interface (IFileInfo) (Registry key, nothing done)

HKEY_LOCAL_MACHINE\Software\Classes\Interface\{74F 7D6F8-A844-4F29-B9C7-294721D91C10}

Alexa Related: What's related link (Replace file, nothing done)
C:\WINDOWS\Web\RELATED.HTM

C2.lop.AproposMedia: Data (File, nothing done)
C:\WINDOWS\MSIMGSIZ.DAT

DSO Exploit: Data source object exploit (Registry change, nothing done)

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
Settings\Zones\0\1004!=W=3

--- Spybot - Search && Destroy version: 1.3 ---
2004-05-12 Includes\Cookies.sbi
2004-05-12 Includes\Dialer.sbi
2004-05-12 Includes\Hijackers.sbi
2004-05-12 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-05-12 Includes\Malware.sbi
2004-05-12 Includes\Revision.sbi
2004-05-12 Includes\Security.sbi
2004-05-12 Includes\Spybots.sbi
2004-05-12 Includes\Tracks.uti
2004-05-12 Includes\Trojans.sbi

David H. Lipman

Earl skrev:
> Whats the fuss ??. I guess to experts it looks like the things s&d found
> are nothing but being new at spyware did not know. Main thing like to
> know is do i use the S&D "fix problem" button to delete them ?. Is
> spybot s&d anygood if its comeing up with minor stuff ?.
>
Yoy can delete, and should do so, Alexa, C2.loop and DSO exploit. Aren,t
there a backupfunction in Spyboot? I have uninstalled Spyboot long time
ago and use Pestpatrol and BPS spywaresweeper, I test A2 at the moment.
You can ask for a secund opinion with a online scanner at pestpatrol
http://store.ca.com/dr/v2/ec_main.en...ates&sid=35715
A timelimetid version of Webroots spysweeper Will do it too.
http://www.spychecker.com/program/spysweeper.html
Here you can searth for specific pests:
http://www3.ca.com/securityadvisor/pest/
here at last you have a free spysweeper, A2, I don,t know how good it is
yet, I do know you don,t get any false positivs:
http://www.emsisoft.com/en/software/free/
Don,t ever panic, take it cool and do silly thinks without thinking.
Don,t use a lot of spysweepers out there, you get a lot of false
positivs only, stick to the above. And delete Alexa, C2.loop and DSO
exploit, hope thats will do it for the time, take it cool!!!!!!!

--
Robban Stenkvist
http://w1.853.comhem.se/~u85329080/
http://robsten.blogspot.com/

Robsten

Want to thank all of you for help and links. Still learning and will be
helpfull for what to look for.

Earl

Thanks for the advise. Befor seeing your post i had allready used S&D to
send the items to quarantined files.Have made a copy of your info steps
and will try after i study a bit. Thanks

Earl