
Computer still messed up after encounter with rogue as



Folder isn't a biggie. You can delete it.

Let's make sure there aren't any leftovers by performing an online scan:

ESET Online Scanner

  • Please go to the following link ESET Online Scanner Link
  • Tick the box YES, I accept the Terms Of Use
  • Click the Start button
  • Now click the Install button
  • Click Start
    The scanner engine will initialise and update
  • Do Not tick the box Remove found threats
  • Click the Scan button
    The scan will now run, please be patient
  • When the scan finishes click the Details tab
  • Copy and paste the contents of the C:\Program Files\EsetOnlineScanner\log.txt back here.


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6210
# api_version=3.0.2
# EOSSerial=f81fe44add63e7419a3fe3ad1ede2b18
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-20 05:32:20
# local_time=2009-10-20 01:32:20 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=512 16777215 100 0 154630 154630 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 0 92658895 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=415973
# found=1
# cleaned=0
# scan_time=8572
C:\Users\Isaac\Documents\DVD Rip 0.2.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I

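Added example, not part of the original thread and not ESET's own tooling: a small Python parser for the log format posted above that reports what the summary fields show. The function names are hypothetical, the sample is a trimmed copy of the posted log, and the field meanings are inferred from their names and from the "Do Not tick the box Remove found threats" step.

```python
import re

# Constructed sample: a trimmed copy of the log posted in this thread.
SAMPLE_LOG = r"""
# end=finished
# remove_checked=false
# archives_checked=false
# found=1
# cleaned=0
C:\Users\Isaac\Documents\DVD Rip 0.2.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
"""

HEADER = re.compile(r"^#\s*([^=\s]+)=(.*)$")
# Assumption: a detection line ends with a 32-hex-digit field and a short flag.
DETECTION = re.compile(r"^(?P<entry>.+?)\s+(?P<hex32>[0-9A-Fa-f]{32})\s+(?P<flag>\S+)$")

def parse_log(text):
    """Return (headers, detections); repeated header keys keep the last value."""
    headers, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            headers[header.group(1)] = header.group(2).strip()
            continue
        hit = DETECTION.match(line)
        if hit:
            # Path and detection name stay together: the page shows no delimiter.
            detections.append(hit.groupdict())
    return headers, detections

def triage(text):
    """Summarise what the log does and does not show (hypothetical helper)."""
    headers, detections = parse_log(text)
    found = int(headers.get("found", 0))
    cleaned = int(headers.get("cleaned", 0))
    notes = []
    if headers.get("end") != "finished":
        notes.append("scan did not run to completion")
    if found != len(detections):
        notes.append("found= does not match the number of listed detections")
    if found > cleaned:
        notes.append(f"{found - cleaned} detection(s) reported but not cleaned")
    if headers.get("remove_checked") == "false":
        notes.append("report-only scan: remove_checked=false")
    if headers.get("archives_checked") == "false":
        notes.append("archives_checked=false")
    return {"found": found, "cleaned": cleaned, "detections": detections, "notes": notes}
```

Calling `triage()` on the full text of `log.txt` returns the counts, the listed detections, and the notes in one dictionary.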

Now that your system is clean, kindly follow these simple steps in order to keep your computer clean and secure:

  1. Uninstall ComboFix ... do not skip this step
    This process will perform some post cleanup measures.
    Do this by going to Start > Run & typing in ComboFix /U
  2. ANTIVIRUS SOFTWARE
    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  3. Microsoft Windows Update - http://www.windowsupdate.com
    Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  4. http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
  5. http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.
  6. http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.
    ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively disables System Restore. With ERUNT, you're able to restore the damaged Registry.
    NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://www.spywareinfoforum.com/index.php?showtopic=60955

After doing all these, your system will be optimised against future threats.

Have a safe & happy computing day.

Kindly respond to this thread once more so we can mark this thread as resolved.
