Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer 7 virus


  • This topic is locked This topic is locked
5 replies to this topic

#1 Mobear

Mobear

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Idaho
  • Local time:02:28 AM

Posted 04 January 2009 - 12:09 PM

A few days ago my internet explorer 7 was infected by a virus, I have read that there is a new virus / worm infecting IE7. I had almost no control over IE7 and I was getting this "Antivirus 2009" pop up telling me I was infected and needed to download thier program. I did not bite on this fake advertisement but this is where my problems started.

After reading several posts on this and other web sites I was finally able to uninstall IE7. I have some control back and my computer is not locking up almost immedaitely after I start up. I know there is still something wrong. I have been trying to install Mozilla Firefox but it is being blocked from starting up so I have uninstalled it. My screen has a momentary flash or "hicup" on occasion usually when doing someithing with any antivirus software and sometimes when using IE. I am now using IE6.

Here is what I am using: IE6
windows xp
Dell computer XPS Duel core
Pentium 2.8 ghz with 2gb ram

Whis is what I have done to get things somewhat back to normal:

Installed Hijack This (Although I have done nothing with the information and do not know how to interpert the log)
Curently running CyberDefender
Curently running Norton Antivirus
Have installed Reg Cure and have run as well
Have installed spy no more and run
Have also installed combofix from advice off one of your posts and run windows recovery console. I have saved that log and that is why I am posting here.

I would like to see if I can get my computer cleaned up and get Mozilla Firefox installed and running. It seems like that is the better web brouser to use.

Thanks

Any help will be appreciated.

BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:28 AM

Posted 04 January 2009 - 01:38 PM

Hang on while I move this over to the Am I Infected forum.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 04 January 2009 - 01:38 PM

Well running CyberDefender won't get you very far. The program is useless. CyberDefender is frequently listed on the Rouge lists because it boarders on malware. Get rid of it.

RecCure isn't very safe eighter. As a matter of fact the world have only 2 as-good-as-safe registry cleaners:

CCleaner and the registry cleaner inside Windows Live OneCare online scanner. You can get CCleaner here: http://www.ccleaner.com/download

As for safe registry cleaners: there are none.

BleepingComputer wrote a tutorial about how to get rid of Antivirus 2009 - which is another rouge program. Or malware to be more precise. You'll find that the tutorial works really fine. Link here: http://www.bleepingcomputer.com/malware-re...-antivirus-2009

When you are done you should have your logs checked. Follow these guidelines - link: http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Then post a copy of your logs in a new thread in here: http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

I hope for the best. Good luck. :-)

Edited by ePost, 04 January 2009 - 01:41 PM.


#4 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 04 January 2009 - 01:44 PM

Sorry. I was not fast enough! :thumbsup:

#5 Mobear

Mobear
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Idaho
  • Local time:02:28 AM

Posted 08 January 2009 - 12:28 AM

Well things are running better, I ran the Malwarebyte scan along with the windows recovery console. I have not installed IE7 again and I have tried to install Firefox a couple times with no success in getting it to run.

Also on my outlook I get a message that there is another program trying to access my email addresses. I have not done a scan and posted my logs yet. I will try to do so tomorrow.

#6 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:28 AM

Posted 11 January 2009 - 01:07 PM

Hello Mobear,

I see that you have a Combofix log posted here: http://www.bleepingcomputer.com/forums/t/194287/log-file/ ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert." It is NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Given the fact, however, that you have run that program and posted the log in the HiJack This forum, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

For future reference, I would advise reading this guide which discusses the procedures for getting and receiving assistance for suspected infections.

Also, please be aware that we have a Preparation Guide that we like folks to go through before posting in the HiJack This forum. This guide changes periodically. Again, however, since you already have posted a Combofix log, please do not do anything further until advised by a HiJack This team member.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users