Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WinBlueSoft malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 KGriffith

KGriffith

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:05 PM

Posted 03 June 2009 - 06:59 PM

I keep having pop ups stating that there is a password stealer and and inet-worm, & Troyan-dropper and they both pop up on either side of my screen and then when they go a Spyware Alert comes up saying that I need to protect my computer with a registered copy of WinblueSoft to remove the spyware and malware threats. Please help! I am trying to clean up my laptop to do schoolwork.

DDS (Ver_09-05-14.01) - NTFSx86
Run by Cory Bentley at 17:49:26.87 on Wed 06/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.94 [GMT -6:00]

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Oracle\Information Rights Management\Desktop\sealmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\setup2.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Documents and Settings\Cory Bentley.PC326714525191.014\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://mail.yahoo.com/?.intl=us&.redir=ymmapi9&.clntymver=2005.1.1.12&.cldefstat=Def2
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearchAssistant =
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: Smart-Shopper: {4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - c:\progra~1\iwinga~1\IWINGA~1.DLL
BHO: BHO: {bad4551d-9b24-42cb-9bcd-818ca2da7b63} - c:\windows\system32\iehelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No File
EB: SmartShopper: {8bcb5337-ec01-4e38-840c-a964f174255b} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [system tool] c:\windows\sysguard.exe
uRun: [setup2.exe] c:\windows\system32\setup2.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [sealmon.exe] c:\program files\oracle\information rights management\desktop\sealmon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [WinBlueSoft] c:\program files\winbluesoft software\winbluesoft\WinBlueSoft.exe -min
StartupFolder: c:\docume~1\corybe~1.014\startm~1\programs\startup\iwinde~1.lnk - c:\documents and settings\all users\application data\iwin games\desktopalerts\DesktopAlerts.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
uPolicies-system: EnableProfileQuota = 1 (0x1)
IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm319YYUS
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - {6FAC4823-815E-4361-836E-46D65ED2550B} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {4CF088BD-BE95-40a5-BE9B-677F8683EDEA} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
Trusted Zone: gwcu.org\www
Trusted Zone: mcafee.com\download
Trusted Zone: mcafee.com\mvt
Trusted Zone: mcafee.com\us
Trusted Zone: mcafee.com\www
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
TCP: NameServer = 85.255.112.92,85.255.112.104
TCP: {27AE0821-6832-4D1D-A90F-62D036968A0C} = 85.255.112.92,85.255.112.104
TCP: {5BDA3A72-A5FC-4EA7-BEFC-8B515EEBE937} = 85.255.112.92,85.255.112.104
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2009-4-27 78104]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2009-5-18 28762]

=============== Created Last 30 ================

2009-06-03 12:40 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-03 12:40 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-03 12:40 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-03 12:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-03 02:40 9,202 a------- c:\windows\7101hazk9ool4ef5.ocx
2009-06-02 19:04 <DIR> --d----- c:\docume~1\corybe~1.014\applic~1\Def
2009-06-01 07:50 13,003 a------- c:\windows\29180viru56z1.dll
2009-05-26 12:54 14,818 a------- c:\windows\system32\15549za5se3118.bin
2009-05-25 07:06 10,720 a------- c:\windows\system32\50a3sp5rs9z01.dll
2009-05-25 02:29 3,718 a------- c:\windows\65b5threat15693z.dll
2009-05-24 20:51 9,330 a------- c:\windows\298ad5w9ze665.bin
2009-05-24 11:00 13,824 a------- c:\windows\system32\iehelper.dll
2009-05-23 15:23 18,134 a------- c:\windows\system32\3319n9t-5-zirus5e3.ocx
2009-05-23 02:44 3,663 a------- c:\windows\251z2wormb9.dll
2009-05-18 22:42 <DIR> --d----- c:\docume~1\corybe~1.014\applic~1\FunWebProducts
2009-05-18 22:41 28,672 a------- c:\windows\system32\f3PSSavr.scr
2009-05-18 22:41 <DIR> --d----- c:\program files\MyWebSearch
2009-05-18 22:41 <DIR> --d----- c:\program files\FunWebProducts
2009-05-17 23:56 12,350 a------- c:\windows\19775spzmbot305.bin
2009-05-16 13:02 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-05-14 08:07 10,169 a------- c:\windows\system32\3528v9r68z5.dll
2009-05-13 13:17 8,416 a------- c:\windows\5642zroj992.dll
2009-05-13 09:29 4,606 a------- c:\windows\system32\95160z5rm71e.ocx
2009-05-12 22:02 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-05-12 22:02 15,104 a------- c:\windows\system32\dllcache\usbscan.sys
2009-05-12 22:02 5,632 a------- c:\windows\system32\ptpusb.dll
2009-05-12 22:02 159,232 a------- c:\windows\system32\ptpusd.dll
2009-05-12 22:00 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-05-12 22:00 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-05-12 22:00 <DIR> --d----- c:\program files\iPod
2009-05-12 22:00 <DIR> --d----- c:\program files\iTunes
2009-05-12 22:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-12 21:59 <DIR> --d----- c:\program files\Bonjour
2009-05-12 21:58 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-05-12 21:58 36,864 a------- c:\windows\system32\drivers\usbaapl.sys
2009-05-12 11:22 18,422 a------- c:\windows\system32\7c81tzreat25931.cpl
2009-05-11 15:53 10,187 a------- c:\windows\system32\98426hacztool85.exe
2009-05-09 20:59 6,804 a------- c:\windows\system32\5362spzrs91205.exe
2009-05-09 15:08 16,090 a------- c:\windows\system32\56ffszar9e3543.bin
2009-05-09 09:56 16,605 a------- c:\windows\system32\128709acz5ool540.ocx
2009-05-07 00:23 6,706 a------- c:\windows\3fe89tezl1653.bin
2009-05-06 15:52 18,003 a------- c:\windows\system32\297ds5yware6z7.bin
2009-05-06 07:00 4,301 a------- c:\windows\4119hie52z35.exe
2009-05-05 17:57 13,840 a------- c:\windows\system32\29280sz93d45.ocx
2009-05-04 17:50 <DIR> --d----- c:\program files\Citrix
2009-05-04 17:49 60,744 a------- c:\documents and settings\cory bentley.pc326714525191.014\g2mdlhlpx.exe

==================== Find3M ====================

2009-05-16 13:14 2,295 a------- c:\windows\checkip.dat
2009-05-01 01:02 12,704 a------- c:\windows\52d9thief2965z.bin
2009-04-28 12:12 13,215 a------- c:\windows\system32\78f7z9ars51519.dll
2009-04-24 16:59 4,946 a------- c:\windows\199z2wor56a6.dll
2009-04-19 08:19 13,180 a------- c:\windows\525zsteal2695.bin
2009-04-16 23:13 6,596 a------- c:\windows\system32\2z45spyw9re2776.exe
2009-04-14 19:58 2,590 a------- c:\windows\93datz5ef693.bin
2009-04-07 06:28 10,979 a------- c:\windows\927asteal1z345.exe
2009-04-06 10:50 11,302 a------- c:\windows\system32\6cazba9k5oor734.exe
2009-04-05 22:59 18,384 a------- c:\windows\system32\4d49spars51729z.exe
2009-04-05 17:09 9,906 a------- c:\windows\system32\56099hacztool3b09.exe
2009-04-05 15:06 3,763 a------- c:\windows\system32\144z4ha95tool4c1.bin
2009-04-03 05:59 11,126 a------- c:\windows\30z09w5rm2bf9.bin
2009-04-03 02:39 6,152 a------- c:\windows\5069v5rzs491.bin
2009-04-02 16:00 4,125 a------- c:\windows\7c69vir79z5.bin
2009-04-02 02:38 11,634 a------- c:\windows\system32\92666wozm135.exe
2009-03-28 04:41 9,636 a------- c:\windows\system32\43z55par9e889.exe
2009-03-27 10:58 15,087 a------- c:\windows\system32\72d5vir19z9.bin
2009-03-26 15:28 18,091 a------- c:\windows\system32\210025ozma9.dll
2009-03-26 08:44 10,868 a------- c:\windows\16609w95m36z.dll
2009-03-26 07:11 7,182 a------- c:\windows\2f91zh9ef57.bin
2009-03-24 03:36 4,497 a------- c:\windows\30046troj5z9.exe
2009-03-21 08:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-20 05:48 12,556 a------- c:\windows\system32\18501hacktool6z59.bin
2009-03-20 04:15 6,349 a------- c:\windows\22291zro9255.bin
2009-03-19 13:26 2,875 a------- c:\windows\6290h9cktoolz50.exe
2009-03-16 20:12 11,269 a------- c:\windows\system32\493et5rea9618z.dll
2009-03-14 04:57 10,106 a------- c:\windows\950z5virus74a.dll
2009-03-09 06:43 12,739 a------- c:\windows\system32\4b36z9ief355.exe
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-09 02:59 7,753 a------- c:\windows\system32\19szarse35.bin
2009-03-08 14:09 638,816 a------- c:\windows\system32\dllcache\iexplore.exe
2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 04:34 43,008 ac------ c:\windows\system32\licmgr10.dll
2009-03-08 04:34 43,008 a------- c:\windows\system32\dllcache\licmgr10.dll
2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 04:33 25,600 a------- c:\windows\system32\dllcache\jsproxy.dll
2009-03-08 04:33 229,376 a------- c:\windows\system32\dllcache\ieaksie.dll
2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 04:33 125,952 a------- c:\windows\system32\dllcache\ieakeng.dll
2009-03-08 04:32 72,704 ac------ c:\windows\system32\admparse.dll
2009-03-08 04:32 72,704 a------- c:\windows\system32\dllcache\admparse.dll
2009-03-08 04:32 173,056 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-03-08 04:32 163,840 a------- c:\windows\system32\dllcache\ieakui.dll
2009-03-08 04:32 71,680 ac------ c:\windows\system32\iesetup.dll
2009-03-08 04:32 71,680 a------- c:\windows\system32\dllcache\iesetup.dll
2009-03-08 04:32 94,720 a------- c:\windows\system32\dllcache\inseng.dll
2009-03-08 04:32 611,840 a------- c:\windows\system32\dllcache\mstime.dll
2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 04:31 45,568 a------- c:\windows\system32\dllcache\mshta.exe
2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-07 20:32 10,624 a------- c:\windows\949bzhreat302525.bin
2009-03-07 03:34 16,299 a------- c:\windows\system32\4290z5eal413.dll
2009-03-06 10:38 12,900 a------- c:\windows\56959ddzare2560.dll
2009-03-06 08:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 08:22 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2008-10-28 07:43 774,144 ac------ c:\program files\RngInterstitial.dll

============= FINISH: 17:49:36.23 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:08:05 PM

Posted 04 June 2009 - 10:57 PM

Hello KGriffith,

Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 14.
  • Click the "Download" button to the right.
  • At the Select Platform and Language for your download drop down box
    Select Windows and Mult-Language
  • Check the box that says: "Accept License Agreement" then press Continue ( Selecting Windows will give you the 32 bit version. )
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language jre-6u13-windows-i586-p.exe and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    J2SE Runtime Environment 5.0 Update 6
    Java 6 Update 13
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version.
Please the last Malwarebytes log and a fresh Hijackthis log (not a DSS log)

Edited by SifuMike, 04 June 2009 - 11:01 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:08:05 PM

Posted 16 June 2009 - 10:00 PM

Since your problem appears to be resolved, this thread will now be closed.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users