 |  |  |  |  |  |  |  |
Help Me Please
 |
This is my first post and I am in need of major help. I got on my computer opened up thunderbird (to check my email, I use it aswell as Firefox for the internet) and it opens up firefox and pops up a box like the ones when you download something and where the file name is it says thunderbird and it says save to. When I click cancel it goes to firefox but if i click ok it just adds another shortcut. Same thing happens in all my programs.
HELP!!!!
HELP!!!!
The symptom you describe is not one that I know to be related to a particular infection, but to see if that's a possiblity, here are some general (and free) detection and removal procedures you can perform:
1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can:
http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.pandasoftware.com/active...n_principal.htm
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php
2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them to make sure you have the most current updates installed).
After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find:
ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/
3. Reboot into safe mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up)
- Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types".
- For every user account listed under C:\Documents and Settings, delete the entire contents of these folders (but not the folders themselves):
Important: One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if any data that you care about is living in those Temp folders, you need to move it to a safe location now, or it will be erased along with everything else!
1. Cookies
2. Local Settings\Temp
3. Local Settings\History
4. Local Settings\Temporary Internet Files
- Delete the entire content of your C:\Windows\Temp folder.
- Delete the entire content of your C:\Windows\Prefetch folder.
Note- If you get any messages concerning the deletion of system files such as desktop.ini or index.dat, just choose to delete those files; they'll be automatically regenerated by Windows if needed. Windows will allow you to delete the versions of those files which exist in sub-folders within the main Temp/Temorary folders, but might not let you delete the versions of those files that exist in the main Temp folders themselves; this is normal and OK.
- Empty your Recycle Bin.
- Reboot normally.
Do as much of the above as possible and let us know if any of the proceedures found/fixed malicious items.
1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can:
http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.pandasoftware.com/active...n_principal.htm
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php
2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them to make sure you have the most current updates installed).
After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find:
ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/
3. Reboot into safe mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up)
- Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types".
- For every user account listed under C:\Documents and Settings, delete the entire contents of these folders (but not the folders themselves):
Important: One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if any data that you care about is living in those Temp folders, you need to move it to a safe location now, or it will be erased along with everything else!
1. Cookies
2. Local Settings\Temp
3. Local Settings\History
4. Local Settings\Temporary Internet Files
- Delete the entire content of your C:\Windows\Temp folder.
- Delete the entire content of your C:\Windows\Prefetch folder.
Note- If you get any messages concerning the deletion of system files such as desktop.ini or index.dat, just choose to delete those files; they'll be automatically regenerated by Windows if needed. Windows will allow you to delete the versions of those files which exist in sub-folders within the main Temp/Temorary folders, but might not let you delete the versions of those files that exist in the main Temp folders themselves; this is normal and OK.
- Empty your Recycle Bin.
- Reboot normally.
Do as much of the above as possible and let us know if any of the proceedures found/fixed malicious items.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Pc web browser hijacker
- Next Thread: hackthis log
Views: 972 | Replies: 1
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
acrobat adobe adware anti-malware anti-virussitesaccessissue antivirus attack avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime ddos domains e-mafia education email europe exam exploit fake fancheckvirus firefox gaming gumblar halloween herss.exe hijack hosting internet kaspersky legal mail malware mcafee messagelabs microsoft mobile nazi news obama onlinethreats paedophile parents patch pc phishing police policeprovirusmba-mblockedinternetaccess president pro problem redirect reliability report research risk rogueantivirus rootkit samhain sans school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system threat trojan unwanted update usa virus viruses vista volume war warning web windows worm yahoo zero-day zeroday
