
Internet security 2010, plus an older Trojan Downloader



#1 ham61


Posted 08 February 2010 - 09:32 AM

Hi, I'm Ham, new to this forum but fairly well experienced with PCs and their software and hardware repairs. I like to help people with their PCs and enjoy the challenge of fixing their problems. Lately I'm really stumped though. A friend has given me the task of cleaning up the software on his PC.
First I saw it was infected with "Internet Security 2010". My longtime faithful friend Malwarebytes was able to be updated so I did a full scan and was able to remove this insidious malware. But still I found the browser settings had been hijacked, as I was being redirected, as showing in the address bar, to anywhere but my target.
I then ran Malwarebytes in Safe Mode but found no more. I ran A Squared Free (Emsisoft) in Deep scan mode over the entire HD and it found 2 Trojan downloaders (which I removed) in Limewire downloads which the owner said had been downloaded last October!!
I've also used Advanced Spyware Scanner from IObit and it detected and removed cookies I could see had been associated with malicious internet browser redirections. I performed a lot of scans with free trusted software I use from the Major Geeks website and removed a lot of crap but still the malicious browser redirections occur. I even downloaded I.E. from Major Geeks. I completely removed the Internet Explorer we had been using, saving no settings, and then installed the fresh I.E. I had downloaded, but still the false internet redirections occurred! I am thinking a setting within the XP registry has been hijacked, so that instead of my friend being able to go to his proper server they have overwritten that setting to redirect his internet through a proxy server which then can steer him in any direction he doesn't want. I am no expert in playing with the registry and prefer programmes that can detect for me if something is not normal within the registry. I have also tried fresh downloads of Firefox and Google Chrome from Major Geeks (which was bookmarked & never hijacked). I never imported any settings to make sure the new browser was clean but still they were hijacked as I was misdirected when browsing. :flowers:
I would be interested to know if there is a fix to this problem that is not horribly complicated, or maybe it will be easier just to reformat his hard drive and start completely afresh - a clean slate with nothing hiding in the registry. I would appreciate a fix if there is one, but I know I may have to reformat unless an expert comes up with one in time. Thank you for any help anyone can offer :thumbsup:



#2 Elise


Posted 08 February 2010 - 03:49 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

Please describe the issues you are experiencing with your computer.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




