[bill]

What were you "Blasted" with

virus or spyware? I think you had been infected with spyware and just did not know it. Now that you have it all removed your computer should run better and faster on-line. Just a note: Anti-virus programs will not detect and remove spyware and the same for Spyware will not detect and remove a virus. They are two seperate animals..LOL

You might also want to download Ad-aware and give it a run also as it will help detect and remove spyware from your computer. Ad-aware and Spybot S&D work very well together. These are very good FREE programs so use them. If you want to stepup, Pest Patrol and Spy Sweeper are even better programs.

If you had any virus problem, go back to the top thread and run one or more of the on-line virus scanners. Take a look at the thread on threats for Texas.

BTW, MajorGeeks is a clean site and you will not get a virus from them. I would also think about a different anti-virus program. I have seen that program fail time and time again. Shadman had a thread about Trend Micro having a sale the other day for their software and it was a very good price.

If you had a trojan, which one was it and what did you do to remove it?

 

[bill]

I need more information and we can clean this out

I belive you are probaly still infected. noclose.gen is a script virus you get in an email. Simply looking at the message gets you infected, you do not need to open any attachments. Go to the thread and do the on-line scan, then copy the results and past back here so we can get you free. The on-line scans may remove them but be sure to copy the exact message of everything not cleaned.

 

[bill]

When you post the copied information

please include what operating system you are using. This will help us resolve the problem much easier and quicker.

 

[bill]

Ok

Do you have a firewall? If not download Zone Alarm (in the top thread) and lets get some of the programs to stop getting access. What Operating system are you using? If ME/XP you need to disable the auto restore function before you clean and reboot or the problems may be reinstalled. Try the Trend Micro (Housecall) scanner and let it detect and remove the problems. When you get to the scanner site, disable your anti-virus, that way McAffee's will not try and fight the scan. You can also download one of the free anti-virus programs listed in the main thread, you should get better results and be more protected.
Also, the on-line scans should not take that long, I can scan my home systems in about 25 mins and I have a dial-up connection and two HDs, 1 40gig and 1 60gig.

 

[bill]

This one is not destructive..thats good

TROJ STARTPAG.KF you need to stop autostart entries from the registry prevents the malware from executing at startup.

1. Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
   HKEY_CURRENT_USER>Software>Microsoft>
   Windows>CurrentVersion>Run
3. In the right panel, locate and delete the entry:
   IEService.exe = "%AllUsers%\Application Data\IEService\IEService.exe"

NOTE: If you were not able to terminate the malware process as described in the previous procedure, restart your system.

Removing Malware Entries from the Registry

1. Still in the Registry Editor, in the left panel, double-click the following:
   HKEY_CLASSES_ROOT>E.HH
2. Still in the left panel, right-click the following registry key and choose DELETE:
   E.HH
3. Do the same procedure for the following registry keys:
   • HKEY_CLASSES_ROOT\E.ZZA
   • HKEY_CLASSES_ROOT\CLSID\{9E992732-295F-4987-8BE3-16FAC1639198}
   • HKEY_CLASSES_ROOT\CLSID\{D72A7651-8A16-476E-953C-347F0241FD32}
   • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\E.HH
   • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\E.ZZA
   • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\
     {9E992732-295F-4987-8BE3-16FAC1639198}
   • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\
     {D72A7651-8A16-476E-953C-347F0241FD32}
   • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
     CurrentVersion\Explorer\Browser Helper Objects\
     {9E992732-295F-4987-8BE3-16FAC1639198}
4. Close Registry Editor.

The following procedure disables the System Restore feature:

For Windows ME

1. Right-click the My Computer icon on the Desktop and click Properties.
2. Click the Performance tab.
3. Click the File System button.
4. Click the Troubleshooting tab.
5. Select Disable System Restore.
6. Click Apply > Close > Close.
7. When prompted to restart, click Yes.
8. Press F8 while the system restarts.
9. Choose Safe Mode then hit the Enter key.
10. After your system has restarted, continue with the scan/clean process. Files under the _Restore folder can now be deleted.
11. Re-enable System Restore by clearing Disable System Restore and restarting your system normally.

This should get you ride of this problem, after you finish, run the on-line scan again, (I know this is a pain, sorry) and see if anything else shows up in the final scan.

 

[bill]

Man that bites big time

I just returned from my brother-in-laws, all the out of town family is leaving in the AM so they wanted to see them one more time. I hope you have some backup copies of any files you had, this is the time they come in handy.