Solve : Spyware Guard 2008 blocking anti-virus software downloads?

1.	Solve : Spyware Guard 2008 blocking anti-virus software downloads?
Answer» Scan is running and I reckon about another hour or so to completion (30% in last 25 mins). Need to go to bed now - UK time is 12.35 a.m. Will produce log in the morning and post the details. Hopefully you will be around some time tomorrow to have a look. Very many thanks for your time today and for all the GREAT guidance in getting me this far down the road to recovery. I look forward to the next steps and thanks again. I'll be around so no problem. See ya....It's a bit addictive this..... Still here and have completed all actions in your instructions. Log file attached. Gonna logout now and get some sleep but will look for next stpes tomorrow. Thanks again: Kaspersky Log: KASPERSKY ONLINE SCANNER 7 REPORT Saturday, January 3, 2009 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Friday, January 02, 2009 20:54:46 Records in database: 1549910 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Scan statistics: Files scanned: 120299 Threat name: 2 Infected objects: 2 Suspicious objects: 0 Duration of the scan: 01:14:24 File name / Threat name / Threats count C:\dataInfected: Trojan-Downloader.Win32.IstBar.nh1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\2XGZ01QL\SpywareGuard2008[1].exeInfected: Trojan-Dropper.Win32.Joiner.hp1 The selected area was scanned. Well that's not bad but it should have already been removed. Have to do it manually now... Go to My Computer->Tools->Folder Options->View tab: Under the Hidden files and folders heading: Select Show hidden files and folders. Uncheck Hide protected operating system files (recommended) option. Also, make sure there is no checkmark beside Hide file extensions for known file types. Click OK . Now go to the Content.IE5 folder and delete everything in it. It might not let you delete the items from today but that should be OK. Double click My Computer on your desktop and then open C:\. Keep opening the folders from the file path until you get to the Content.IE5 folder. C:>WINDOWS>system32>config>systemprofile>Local Settings>Temporary Internet Files>Content.IE5 Empty the Recycle Bin once it's deleted. Let me know when you get that done.All these steps completed and no problems. Sounds good. As long as everything is running OK now we can finish up. Use the Secunia Software INSPECTOR to check for out of date software. Click Start Now Check the box next to Enable thorough system inspection. Click Start Allow the scan to finish and scroll down to see if any updates are needed. Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC. Concerned about Browser Security? Consider using Mozilla Firefox 3.0 with Adblock Plus and NoScript To prevent unknown applications from being installed on your computer install WinPatrol 2008 * Using Winpatrol to protect your computer from malicious software I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.Hi EF. Ran another K scan with one trojan remaining. Should I still follow your last instructions or something else first? Hope you're well and ever grateful as ever.... K scan log as follows: KASPERSKY ONLINE SCANNER 7 REPORT Saturday, January 3, 2009 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Saturday, January 03, 2009 16:49:04 Records in database: 1554307 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ Scan statistics: Files scanned: 121515 Threat name: 1 Infected objects: 1 Suspicious objects: 0 Duration of the scan: 01:14:59 File name / Threat name / Threats count C:\dataInfected: Trojan-Downloader.Win32.IstBar.nh1 The selected area was scanned.Delete this folder C:\data Also look to see if any of these folders are on the computer, deleting them if found. C:\Program Files\ISTsvc C:\Program Files\SideFind C:\Program Files\YourSiteBar Then run this tool: http://majorgeeks.com/Symantec_Adware.IstbarTrojan.ISTsvc_Removal_Tool_d4784.html ---------- It's odd that that showed up like that. I think we should run another scan. This scanner requires Internet Explorer Scan with the BitDefender Online Scanner Click I Agree to the license and then install the ActiveX control. Please DO NOT change the Scanning Options. That will make your logs huge and we don't need to see clean files. Select Start Scan to begin. This scan can TAKE a while so please be patient and let it complete. Once Bitdefender completes the scan: Click-on the Detected Problems tab. Then select Click here to EXPORT the scan report This will save a file named bdscan.html I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later) You will have to upload the file online. The forums will not accept HTML. Upload the file to Savefile.com *There is no need to Register* Select Browse and locate the file. Fill in the Title, Description and security code then click Upload Copy the link next to Your link to the file: and post the link back here.http://www.savefile.com/files/1953087 Here ye go..... Haven't opened it but let me know what you think. Many thanksWell I'm pretty sure everything is gone, at least I hope so. How is the computer running now?Everything is running really well. Have added all the software you suggested. Do I also need to load a firewall and more general anti-virus? I keep getting a windows security box saying that I need one. Any last recommendation or do I already have all I need having loaded the "stuff" in your earlier advice? Your website is a GODSEND and I can't thank you enough for all the excellent, specific and easy to follow guidance you have given to me. It's a huge relief to have this sorted and also to have a high performing computer again. Live long and prosper!Yes you need to install a good antivirus. Choose one of these that are free. I personally prefer Avast. Remember to only install one antivirus! 1) Avast! Home Free Edition 2) AVG Free Edition 3) Avira AntiVir Personal

Answer»

Scan is running and I reckon about another hour or so to completion (30% in last 25 mins).

Need to go to bed now - UK time is 12.35 a.m.

Will produce log in the morning and post the details.

Hopefully you will be around some time tomorrow to have a look.

Very many thanks for your time today and for all the GREAT guidance in getting me this far down the road to recovery.

I look forward to the next steps and thanks again.

I'll be around so no problem.

See ya....It's a bit addictive this..... Still here and have completed all actions in your instructions. Log file attached. Gonna logout now and get some sleep but will look for next stpes tomorrow. Thanks again:

Kaspersky Log:

KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, January 3, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, January 02, 2009 20:54:46
Records in database: 1549910
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan statistics:
Files scanned: 120299
Threat name: 2
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 01:14:24

File name / Threat name / Threats count
C:\dataInfected: Trojan-Downloader.Win32.IstBar.nh1
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\2XGZ01QL\SpywareGuard2008[1].exeInfected: Trojan-Dropper.Win32.Joiner.hp1

The selected area was scanned.

Well that's not bad but it should have already been removed. Have to do it manually now...

Go to My Computer->Tools->Folder Options->View tab:

Under the Hidden files and folders heading:
Select Show hidden files and folders.
Uncheck Hide protected operating system files (recommended) option.
Also, make sure there is no checkmark beside Hide file extensions for known file types.
Click OK

.

Now go to the Content.IE5 folder and delete everything in it. It might not let you delete the items from today but that should be OK.

Double click My Computer on your desktop and then open C:\. Keep opening the folders from the file path until you get to the Content.IE5 folder.

C:>WINDOWS>system32>config>systemprofile>Local Settings>Temporary Internet Files>Content.IE5

Empty the Recycle Bin once it's deleted.

Let me know when you get that done.All these steps completed and no problems. Sounds good. As long as everything is running OK now we can finish up.

Use the Secunia Software INSPECTOR to check for out of date software.

Click Start Now
Check the box next to Enable thorough system inspection.
Click Start
Allow the scan to finish and scroll down to see if any updates are needed.
Update anything listed.

.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC.

Concerned about Browser Security? Consider using Mozilla Firefox 3.0 with Adblock Plus and NoScript

To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.Hi EF. Ran another K scan with one trojan remaining. Should I still follow your last instructions or something else first?

Hope you're well and ever grateful as ever....

K scan log as follows:

KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, January 3, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, January 03, 2009 16:49:04
Records in database: 1554307
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
K:\

Scan statistics:
Files scanned: 121515
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 01:14:59

File name / Threat name / Threats count
C:\dataInfected: Trojan-Downloader.Win32.IstBar.nh1

The selected area was scanned.Delete this folder

C:\data

Also look to see if any of these folders are on the computer, deleting them if found.

C:\Program Files\ISTsvc
C:\Program Files\SideFind
C:\Program Files\YourSiteBar

Then run this tool: http://majorgeeks.com/Symantec_Adware.IstbarTrojan.ISTsvc_Removal_Tool_d4784.html

----------

It's odd that that showed up like that. I think we should run another scan.

This scanner requires Internet Explorer

Scan with the BitDefender Online Scanner
Click I Agree to the license and then install the ActiveX control.
Please DO NOT change the Scanning Options.
That will make your logs huge and we don't need to see clean files.
Select Start Scan to begin.
This scan can TAKE a while so please be patient and let it complete.

Once Bitdefender completes the scan:
Click-on the Detected Problems tab.
Then select Click here to EXPORT the scan report

This will save a file named bdscan.html I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later)

You will have to upload the file online. The forums will not accept HTML.

Upload the file to Savefile.com
There is no need to Register
Select Browse and locate the file.
Fill in the Title, Description and security code then click Upload
Copy the link next to Your link to the file: and post the link back here.http://www.savefile.com/files/1953087

Here ye go.....

Haven't opened it but let me know what you think.

Many thanksWell I'm pretty sure everything is gone, at least I hope so.

How is the computer running now?Everything is running really well. Have added all the software you suggested.

Do I also need to load a firewall and more general anti-virus? I keep getting a windows security box saying that I need one. Any last recommendation or do I already have all I need having loaded the "stuff" in your earlier advice?

Your website is a GODSEND and I can't thank you enough for all the excellent, specific and easy to follow guidance you have given to me. It's a huge relief to have this sorted and also to have a high performing computer again.

Live long and prosper!Yes you need to install a good antivirus. Choose one of these that are free. I personally prefer Avast.

Remember to only install one antivirus!

1) Avast! Home Free Edition
2) AVG Free Edition
3) Avira AntiVir Personal

Solve : Spyware Guard 2008 blocking anti-virus software downloads?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment