Backweb & WREN.F Trojan - HELP!

Hey Chas!!

Ok - - I don't use IE anymore, but I went ahead and did the things you suggested.

Also, ran another HJT and fixed the two lines you suggested.

Wanted to tell you that I ran Ad-Aware - found 1 cookie (data miner from tribal.fusion) and quarantined it. Also ran SpyBot - S&D and it found nothing. My AVG scan was clean today too.

So - - anything else I need to do??

Bless you my wonderful computer guru friend!
Shelle

 

Thank you Chas!!

Ok - I guess that means I'm clean, huh?

I just contacted my webhosting company. They're going to delete my account. I'm going to delete my HD files for my website, uninstall FP, reinstall FP and start building the site from complete scratch.

I'm NOT looking forward to this - but I don't know what else to do.

BTW - Do you know what a Thumbs.db is? It's ghosted in a few files of mine. I'm thinking I originally saw it in the Gallery PHP software I downloaded, but it seems to be popping up everywhere.

AND - AVG healed a pretty little trojan today - Trojan horse Downloader.VB.R
Interesting, eh??

Chas?! You are the greatest man!! Thank you! Thank you! Thank you!!

Shel

 

Hey Chas - -

Thanks for the tip on the thumbs.db. I followed the instructions on that website you listed to unenable the viewing of them. I tried to delete them but I couldn't. It actually deleted some and re-wrote them back into the search function. Weird, but I think it's probably because of some setting I have - trying to protect itself.

Nope - didn't get any answers at all on the software forum. But, I think I figured it out. My web hosting company completely recreated my account. I completely deleted my files and am now the proud owner of a brand-spanking new, $30, better looking, FP template.!

I went ahead and published the template (no old files) to my web server and had no problems. Thank the Lord! I'm still keeping my fingers crossed - but I have a LOT of work ahead of me.



Since I'm asking stupid questions now and I'm not freaking out - - (yet) - Are you familiar with this? - Whenever I click on a link in an e-mail - I get a weird browsing Windows popup that's headed with LOCATE LINK BROWSER. I'm using Firefox and I've looked through the settings and can't find anything that would fix it. Also checked out their website for answers. I'm probably just not looking for it in the right way. Whatever link I click on does open, but this weird window stays up too.

Oh, and just picking your brain here - - what are your thoughts on the SP2 from MS? It downloaded automatically without my knowledge a few weeks ago. I uninstalled it. I was thinking of waiting a few months before reinstalling it. I have enough headaches for now... *gee*

Listen - if you're ever in my rural neck of the woods (Mississippi) you and your family must visit so I can cook a wonderful southern meal for you guys! Cornbread, black-eye peas, stewed potatoes and your choice of chicken, steak or pork. I owe you!!!!

And - if you're ever in need of a resume fixer, writer, editor, proofreader or whatever - you get in touch. I'm actually quite good - believe it or not. Even been published a time or two -



Ok - it's late - I'm rambling. Can you tell I'm a writer by my long, boring missives? Maybe I can get some sleep soon.

Take care!!!
Shel

 

Chas -

You are a genius!!!!! Got it solved, no problemo! Glad to know that I'm not crazy or the only one with weird problems.

I think I'll stick with my original plan and stay away from SP2 for now - I trust your judgement much more than mine!

Take care of yourself!! Ok, I'll leave you alone for now. You have been great!! Tell Major or Captain or whomever is in charge that you deserve a raise! *grin*

May God bless you 1000 times more than you have blessed me.
Shel