Jump to content

Your help is much appreciated!


Recommended Posts

Yes I am. Sorry been very busy. I'm going to update Java now, and I will let you know.

Things seem to be running well!

Okay, I'm on step #3 CCleaner, and I'm unsure of what to do here. When I go to 'REGISTRY' I cannot 'uncheck' registry integrity. It looks like this: (> = checked)

REGISTRY INTEGRITY

>missing shared DLLs

>unused file extensions

>activeX and class issues

>type libraries

>applications

>fonts

>application paths

>help files

>installer

>obsolete software

>run at startup

>start menu ordering

>MUI cache

Link to post
Share on other sites

Thank you :huh: I just wanted to be sure. Here's my JavaRa log.

JavaRa 1.14 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Jun 04 09:41:03 2009

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

------------------------------------

Finished reporting.

Link to post
Share on other sites

  • Root Admin

Okay, please run a final scan to confirm nothing is left over.

PANDA ONLINE SCAN

Please go >here< to run Panda's ActiveScan

  • Once you are on the Panda site, click the Scan your PC now button
  • A new window will open...click the Scan Now button
  • Allow the ActiveX control to be installed. It will start downloading the files it requires for the scan. Note: This may take a couple of minutes
  • Run the ActiveX control, if requested. The screen will then show the scanning progress - the scan will take a while to finish. Please be patient.
  • When the scan has finished, click on Export To
  • Save the file as Activescan.txt to your Desktop
  • Close the Activescan window then go to your Desktop
  • Double-click on Activescan.txt and it will open in Notepad
  • In Notepad, click Edit > Select all, then Edit > Copy
  • Reply to this thread and click Ctrl+V to paste the log in your reply

PANDA ONLINE SCAN

Link to post
Share on other sites

Okay, please run a final scan to confirm nothing is left over.

PANDA ONLINE SCAN

Please go >here< to run Panda's ActiveScan

  • Once you are on the Panda site, click the Scan your PC now button

  • A new window will open...click the Scan Now button

  • Allow the ActiveX control to be installed. It will start downloading the files it requires for the scan. Note: This may take a couple of minutes

  • Run the ActiveX control, if requested. The screen will then show the scanning progress - the scan will take a while to finish. Please be patient.

  • When the scan has finished, click on Export To

  • Save the file as Activescan.txt to your Desktop

  • Close the Activescan window then go to your Desktop

  • Double-click on Activescan.txt and it will open in Notepad

  • In Notepad, click Edit > Select all, then Edit > Copy

  • Reply to this thread and click Ctrl+V to paste the log in your reply

PANDA ONLINE SCAN

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2009-06-06 23:53:57

PROTECTIONS: 1

MALWARE: 8

SUSPECTS: 0

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

AVG Anti-Virus Free 8.5 Yes Yes

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Litter\Cookies\litter@com[1].txt

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Litter\Cookies\litter@azjmp[2].txt

00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Litter\Cookies\litter@toplist[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Angela\Cookies\angela@serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Angela\Cookies\angela@bs.serving-sys[1].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Litter\Cookies\litter@ads.pointroll[1].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Litter\Cookies\litter@go[2].txt

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP203\A0029025.sys

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP203\A0029024.sys

;===============================================================================

================================================================================

=

===================

SUSPECTS

Sent Location '

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

VULNERABILITIES

Id Severity Description '

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

Link to post
Share on other sites

  • Root Admin

Great, all looks good now.

I'll close your post soon so that other don't post into it and leave you with this information and suggestions.

So how did I get infected in the first place?

At this time your system appears to be clean. Nothing else in the logs indicates that you are still infected.

Now that you appear to be clean, please follow these simple steps in order to keep your computer clean and secure:

Remove all but the most recent Restore Point on Windows XP

You should
Create a New Restore Point
to prevent possible reinfection from an old one.

Some of the malware you picked up could have been saved in System Restore.

Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point.

Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to
"roll-back"
to a clean working state.

The easiest and safest way to do this is

:
  • Go to
    Start
    >
    Programs
    >
    Accessories
    >
    System Tools
    and click "
    System Restore
    ".
  • If the shortcut is missing you can also click on
    START
    >
    RUN
    > and type in
    %SystemRoot%\system32\restore\rstrui.exe
    and click OK

  • Choose the radio button marked "
    Create a Restore Point
    " on the first screen then click "
    Next
    ".

  • Give the new Restore Point a name, then click "
    Create
    ".

  • The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.

  • Then use the
    Disk Cleanup
    to remove all but the most recently created Restore Point.
  • Go to
    Start
    >
    Run
    and type:
    Cleanmgr.exe

  • Select the drive where Windows is installed and click "
    Ok
    ". Disk Cleanup will scan your files for several minutes, then open.

  • Click the "
    More Options
    " tab, then click the "
    Clean up
    " button under System Restore.

  • Click Ok. You will be prompted with "
    Are you sure you want to delete all but the most recent restore point?
    "

  • Click
    Yes
    , then click Ok.

  • Click
    Yes
    again when prompted with "
    Are you sure you want to perform these actions?
    "

  • Disk Cleanup will remove the files and close automatically.

  • On the
    Disk Cleanup
    tab, if the
    System Restore: Obsolete Data Stores
    entry is available remove them also.

  • These are files that were created before Windows was reformatted or reinstalled. They are obsolete and you can delete them.

selectdrivecleanup.pngselectdrivecleanup1.png

Additional information

Microsoft KB article: How to turn off and turn on System Restore in Windows XP

Bert Kinney's site: All about Windows System Restore

Here are some free programs I recommend that could help you improve your computer's security.

Install SpyWare Blaster

Download it from here

Find here the tutorial on how to use Spyware Blaster here

Install WinPatrol

Download it from here

Here you can find information about how WinPatrol works here

Install FireTrust SiteHound

You can find information and download it from here

Install hpHosts

Download it from here

hpHosts is a community managed and maintained hosts file that allows an additional layer of protection against access to ad,

tracking and malicious websites. This prevents your computer from connecting to these untrusted sites

by redirecting them to 127.0.0.1 which is your own local computer.

hpHosts Support Forum

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.

You can use one of these sites to check if any updates are needed for your pc.

Secunia Software Inspector

F-secure Health Check

Visit Microsoft often to get the latest updates for your computer.

http://www.update.microsoft.com

Note 1: If you are running Windows XP SP2, you should upgrade to SP3.

Note 2: Users of Norton Internet Security 2008 should uninstall the software before they install Service Pack 3.

The security suite can then be reinstalled afterwards.

The windows firewall is not sufficient to protect your system. It doesn't monitor outgoing traffic and this is a must.

I recommend Online Armor Free

A little outdated but good reading on how to prevent Malware

Keep safe online and happy surfing.

Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you.

The fixes and advice in this thread are for this machine only. Do not apply to your machine unless you Fully Understand how these programs work and what you're doing. Please start a thread of your own and someone will be happy to help you, just follow the Pre-Hijackthis instructions found here before posting Pre- HJT Post Instructions

Also don't forget that we offer FREE assistance with General PC questions and repair here PC Help

If you're pleased with the product Malwarebytes and the service provided you, please let your friends, family, and co-workers know. http://www.malwarebytes.org

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.