dloaded lsp - fx but there is no ntdll64.dl listed to remove
Don't worry about that MBAM took care of that and I don't see it in your Hijackthis log so don't worry
I wonder what you folks recommend for firewall and anti vir? I have Avast and spybot and Malwareshould I have anything else?
Avast is an Anti-virus program, and you should only have ONE
Anti-virus program active at one time or it will cause some conflicts and also false positives.
I didn't want you to install a Firewall just yet because your computer was quite infected but I can offer you some free firewall that you can install. I'll give you some links in the next post as you already have a quite of things to do Peer-to-Peer Programs Warning
Your log shows that you are using so called peer-to-peer
programs (in your case Lime Wire and U-torrent
). These programs allow to share files between users as the name(s) suggest. In today's world cyber crime
has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.
It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer
and Risks of File-Sharing Technology
It is also important to note that sharing entertainment files and proprietary software
infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA
for music files, or the MPAA
for movie files in the USA) or the authors of the files themselves.
Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."
It is your decision whether or not you wish to keep your program(s). However, please refrain from using them until your computer has been declared clean.Fix HijackThis Entries
Download and Run OTMoveIT2
- Double click the HijackThis icon on your desktop.
- Close all other open windows.
- Select Do a System Scan Only.
- To the left of each entry you will see a box.Put a checkmark next to the following entries:
O4 - HKCU\..\Run: [AdmSysUi] C:\WINDOWS\system32\wtobabkb.exe
O4 - HKCU\..\Run: [monsmart] C:\WINDOWS\system32\reropwvw.exe
If you no longer see some of the entries, don't worry. It is possible that the uninstaller or removal tool already took care of it.
- Close all open windows except HijackThis.
- Click and OK.
- Close HijackThis.
- Please download OTMoveIt2 by OldTimerto your desktop.
- Double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- Copy the lines in the quotebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
- Return to OTMoveIt2, right click in the Paste List Of Files/Patterns To Move window (under the yellow bar) and choose Paste.
- Click the red button.
- Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log
and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles
folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.Update Java to Version 6 Update 7Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
Please follow these steps to remove older version Java components and update:
Run Scan with Kaspersky
- Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
- Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7...allows end-users to run Java applications".
- Click the "Download" button to the right.
- Select your Platform: "Windows".
- Select your Language: "Multi-language".
- Read the License Agreement, and then check the box that says: "Accept License Agreement".
- Click Continue and the page will refresh.
- Click on the link to download Windows Offline Installation and save the file to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
- Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u7-windows-i586-p.exe to install the newest version.
Please do a scan with Kaspersky Online Scanner
.This scan is for Internet Explorer Only.
If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
You can refer to this animation by sundavis.
- Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
- Open the Kaspersky Scanner page.
- Click on Accept and install any components it needs.
- The program will install and then begin downloading the latest definition files.
- After the files have been downloaded on the left side of the page in the Scan section select My Computer
- This will start the program and scan your system.
- The scan will take a while, so be patient and let it run.
- Once the scan is complete, click on View scan report
- Now, click on the Save Report as button.
- Save the file to your desktop.
- Copy and paste that information in your next post.
For your next post please provide the following:
- OTmoveit log
- Kaspersky online scan log
- New RSIT log <-Run this at the end
- Any more promblems? If so please tell me.