View previous topic :: View next topic |
Author |
Message |
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Sat Apr 03, 2004 3:31 pm Post subject: HELP!!Getting worms/Trojans/viruses, etc. DESPITE McAfee!!!! |
|
|
I have McAfee virus scan (although, apparently I was only given it for a trial period) and it only runs when I tell it to or at scheduled times. I have been getting worms and Trojans after visiting random websites WITHOUT downloading anything from them. I downloaded “HijackThis” as a tool to help get rid of these programs and I’ve deleted everything I know to be a Trojan, worm, or virus. It gives me a log file and there may be more I can delete, but since I’m not sure what is bad and what is not… I have left them alone. I also do my best to never open unknown emails. But… I keep getting junk! Recommendations? I’ve now got a problem where when I open Internet Explorer, I get porn sites!!!! When I close the site it opens others! I tried to change the IE properties to change the Home Page to www.yahoo.com, but it won’t allow me to change it. (It’s in gray.) I went into HijackThis and deleted what I thought was the setting to start my IE with the porn page. I opened IE and it opened to “about:blank,” but when I went to set my homepage it still won't allow me to do it!! I used McAfee Scan and it didn’t pick up any problems (that was before I did the HijackThis). I can hardly ever use the internet without getting junk dropped onto my computer!!!!! I’m going crazy!!!!! Can you help me or direct me to someone who can? |
|
Back to top |
|
|
illukka
1st Responder
Joined: Feb 27, 2004
Posts: 275
Location: Finland
|
Posted: Sun Apr 04, 2004 8:18 am Post subject: |
|
|
post your hijackthis log here. remember that you should never attempt to fix anything with hjt unless you really know what you're doing...it's a powerful tool and misusing it can seriously mess up your system.. |
|
Back to top |
|
|
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Sun Apr 04, 2004 10:15 pm Post subject: |
|
|
I only attempted to clean up house myself becuase I needed to access the internet and there was no one around to help me. I only erased what I knew was not part of a real program, etc. As for posting my HijackThis log... is it safe to do in a public forum? Will it identify anything about me, etc? |
|
Back to top |
|
|
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Sun Apr 04, 2004 11:02 pm Post subject: |
|
|
Ok... I was finally able to find a system restore point that would actually work!!!!! I've got my Internet Explorer working correctly again, but I would love to go over my HijackThis file (if it is safe to post) and see what else could be purged. Also, why is it that McAfee Virus Scan is not picking up these worms/Trojans/viruses? |
|
Back to top |
|
|
illukka
1st Responder
Joined: Feb 27, 2004
Posts: 275
Location: Finland
|
Posted: Mon Apr 05, 2004 12:49 am Post subject: |
|
|
you can edit your hjt log to not show any idenfiable information( your name ip addy etc), it's just a txt file
i can't really say anythign about mcafee not being able to identify, as long as i don't see a log.
one reason is that those could have been more like spyware items than actual viruses.
about system restore: clear all restore points except the one that is good, malware often hides in system restore--it is restored along with anything else. |
|
Back to top |
|
|
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Mon Apr 05, 2004 1:54 am Post subject: |
|
|
I don't know how to delete restore points. Unfortunately, when I wanted to restore to a point BEFORE any malware infiltrated my computer, it wouldn't let me. I restored it to a point between infections. I don't know why it wouldn't restore to where I wanted it to. Many restore points I tried didn't work. I will actually create a new restore point again soon... anew "healthy" point. Anyway, I'm not sure what kind of data may be personal in my log file. Would any of the numeric values I see be addresses to anything personal? ...Note I'm asking a complete stranger... for all I know I could be getting hacked again for using this site! (I'm hoping it's regulated or something.) |
|
Back to top |
|
|
illukka
1st Responder
Joined: Feb 27, 2004
Posts: 275
Location: Finland
|
Posted: Mon Apr 05, 2004 4:40 am Post subject: |
|
|
the only things identifiable in a hjt log would be you documents and settings\xxxx file name, and possibly some name server ip address, or your pc's name
edit your hjt log and remove your name, put xxx in it,
you can edit your name server info if you're absolutely sure it is legitimate, if you're in doubt, let it stay..
we'll clear the restore points after we've finished with your log. a restore points functionality is limited, so if you really have important data on your hd i suggest regular backups, for exmple norton ghost or similar backup utility
note that some malwares are able to disable system restore and clear restore points.
ok edit your log( mask personal data with xxx) and post it here |
|
Back to top |
|
|
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Mon Apr 05, 2004 6:57 pm Post subject: |
|
|
Let me know what I should delete. I think most, if not all, of the bad stuff is gone.
Last edited by mbvetnet on Tue Apr 06, 2004 2:56 pm, edited 1 time in total |
|
Back to top |
|
|
illukka
1st Responder
Joined: Feb 27, 2004
Posts: 275
Location: Finland
|
Posted: Tue Apr 06, 2004 7:59 am Post subject: |
|
|
there's some fixable entries:
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\calsdr.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
you have been able to do a full system scan with updated mcaffee av? no infected files found? i have found mcafee to be a very reliable av.. |
|
Back to top |
|
|
mbvetnet
Cadet
Joined: Apr 02, 2004
Posts: 6
Location: USA
|
Posted: Tue Apr 06, 2004 3:05 pm Post subject: |
|
|
Done. I hope this works. Unfortunately, with McAfee, it is only scanning files when I tell it to scan. It is supposed to scan as things try to come into my computer, but it is not. It is updated and everything. It's just not doing its job. |
|
Back to top |
|
|
illukka
1st Responder
Joined: Feb 27, 2004
Posts: 275
Location: Finland
|
Posted: Tue Apr 06, 2004 5:02 pm Post subject: |
|
|
you could try reinstalling it, as some viruses are able to screw up the install of av's, looks like it has disabled your real time component of it(or your trial has ended, in which case reinstall won't work)
there are some free av choices available:
http://wwww.grisoft.com/us/us_index.php
www.free-av.de just to name a few
then i suggest getting spywareblaster and spywareguard from www.javacoolsoftware.com
both free |
|
Back to top |
|
|
|