Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Src Malware (hkus)


  • Please log in to reply
3 replies to this topic

#1 ringbinder

ringbinder

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:31 AM

Posted 15 November 2007 - 10:50 AM

Every time I have run StopZilla over the past five or six days, it has found two instances of malware called:

SRC [Rogue Registry Key] Location: hkus\s-1-5-21-2972975340-822100949-1435999781-1005\software\microsoft\internetexplorer\searchscopes value="defaultscope"

I remove the malware, using StopZilla, then run another scan immediately, and the same two instances of SRC are there again. My OS is Windows XP Professional.

I have Windows Live OneCare protection, AdAware (including Adwatch) and also SystemSuite8 Professional, and I update and run all of them every day. (OneCare, Adwatch and SystemSuite include "live" protection.) In fact I seem to spend a good deal of my time trying to avoid viruses, spyware and other malware. (I'm seriously thinking of switching to Mac.)

I have even tried running antivirus scans in Safe Mode - I can do this with SystemSuite, but not with StopZilla.

Can you suggest a way of permanently removing the SRC infection from my computer? Also how damaging is it - I use Windows Firewall on our wireless network, but I'm concerned that SRC might enable someone to record my keystrokes and thus gain access to passwords and other information. Is that possible?

Thanks, Alexander

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 5,878 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:31 AM

Posted 15 November 2007 - 04:00 PM

Try these two programs and see what they find and remove.

Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

Let us know what they find.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”
Lawrence M. Krauss


#3 ringbinder

ringbinder
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:31 AM

Posted 19 November 2007 - 08:40 PM

Thanks a bunch, Buddy215. I only just read your reply, but the SRC virus/malware is still there and I'll try both your suggestions and report back.

Thanks again, Ringbinder

#4 buddy215

buddy215

  • BC Advisor
  • 5,878 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:31 AM

Posted 20 November 2007 - 08:13 AM

There are much better security programs than Stopzilla or SystemSuite8 Professional that are FREE for the home user.

I want be surprised if the two programs I suggested do not confirm Stopzilla's report.

Edited by buddy215, 20 November 2007 - 08:14 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”
Lawrence M. Krauss





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users