Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Hackers Don't Give Site Owners Time to Patch, Start Exploiting New Drupal Flaw Within Hours

Featured Deal: Pay What You Want Complete Cyber Security Certification Bundle Deal

Photo

ProofDefender, Personal Guard, and more

Started by kingmaxpower , Sep 21 2009 07:55 PM

  • Please log in to reply
6 replies to this topic

#1 kingmaxpower

kingmaxpower

  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:08:36 PM

Posted 21 September 2009 - 07:55 PM

Hello,

On 9-18 I had a virus alert by AVG, and after running Malwarebytes it found: Rogue.ProofDefender, malware.trace, personalguard 2009, hijack.usernit and shell, as well as many other things. Today it found trojan vundo.

I ran Malwarebytes multiple times, and have allowed it to remove found entries. I have also ran Super AntiSpyware and removed the entries it found. I have now finished running Malwarebytes, SAS, and AVG all of which have not reported anything else.

My problem is that I know that there are still remaining effects considering I cannot startup in SAFE mode.

Any help would be appreciated!

BC AdBot (Login to Remove)

 

#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:10:36 AM

Posted 22 September 2009 - 01:22 AM

Try the "Repair Broken SafeBoot Key" fix in SUPERAntiSpyware (under Preferences > Repair tab).
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 kingmaxpower

kingmaxpower
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:08:36 PM

Posted 22 September 2009 - 09:18 PM

That worked, I can access safe mode now. Thanks.

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:10:36 AM

Posted 22 September 2009 - 09:42 PM

If you’re clean, you should create a new Restore Point to prevent possible re-infection from an old one.

Go Start > Programs > Accessories > System Tools and click System Restore. Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name and then click Create. Then use Disk Cleanup to remove all but the most recently created Restore Point. Go Start > Run and type: "Cleanmgr" (without the quotes). Click Ok > More Options tab > Clean Up in the System Restore section to remove all previous restore points except the newly created one.

Also, go Start > Control Panel and double-click Add or Remove Programs. Post back and report any Java or JS2E entries that you have.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 kingmaxpower

kingmaxpower
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:08:36 PM

Posted 23 September 2009 - 08:34 PM

I'm assuming I'm clean, I have run AVG, Malwarebytes, and Super AntiSpyware in safe mode and have come up with nothing.

Under control panel, add/remove I have found no entries of java or JS2E.

Next obvious question is should I?

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:10:36 AM

Posted 23 September 2009 - 08:45 PM

A lot of websites use Java, so it can be useful - but it is by no means essential.

You can get the most up to date Java Runtime Environment from here:

http://java.com/en/download/index.jsp
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 kingmaxpower

kingmaxpower
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:08:36 PM

Posted 23 September 2009 - 08:48 PM

Right, I just wasn't sure if something was affected that caused those components to be missing.
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·