Re: Security Toolbar 7.1



Malke,

I spoke too soon.........

Neighbour's daughter, having finished with MSN Messenger, ran Ad-Aware. During
the process "scumware" messages began appearing again. Security Toolbar 7.1
back! - I've disabled in IE7 via tools\manage add-ons. Be nice to remove it

Messages that appear regularly and cyclically are:

System Alert: Malware Threats
Security Alert: Networm-iVirus@fp
System Performance Monitoring: Warning
Security Alert: Spyware found - PSW.x-Vir
SystemAlert: Trojan-Spy.W32@mx
Security Warning: New Variant of SpyBot@mxt

I also get 2 desktop icons appearing (I delete them but they keep coming back)

Live Safety Centre
On-Line Security Guide

Running SpyBot (regularly) brings up....

Win32.BHO.df
Virtumonde
Virtumonde.generic

Tried removing both in safe mode (OK) and normal mode (OK) but these reappear.
Interesting to note, I see a number of blank "cmd" windows opening and
closing on desktop before it settles down.

Things appeared OK until whatever is deep rooted is triggered.

I've run Vundofix.exe which picked up 4 questionable .dll's. Yet to run
virtumondebegone.exe. Neighbour will bring round PC for me to work on.

If you have any further advice I'll be grateful to receive it

**************

"Malke" wrote:

barrowhill wrote:
Neighbour can't remove this toolbar. Are there any freeware utilities he can
use to get rid of it. ???


Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

All tools suggested are free.

Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
- download site

The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. Since Vista is so new, it will be a while before removal
techniques and tools are developed. If you are unable to remove the
infection by following the general steps, register at one of the
HijackThis forums as suggested.

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
