Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Desktop Security 2010


  • This topic is locked This topic is locked
5 replies to this topic

#1 Tsuyama

Tsuyama

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 PM

Posted 10 April 2010 - 02:30 AM

Hi guys,

I've followed the instructions on this thread http://www.bleepingcomputer.com/virus-remo...p-security-2010
but I am still infected with this malware.

All the pop-ups are driving me crazy so any help at all would be greatly appreciated. I understand that you're all volunteers, it's great that you take time to actually help people rather than trying to make a quick bit of cash from having the expertise that not many others have.

Thanks for your time

Ben



DDS (Ver_10-03-17.01) - NTFSx86
Run by Ben at 16:01:59.34 on 2010/04/10
Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_17
Microsoft Windows Vista Home Basic 6.0.6002.2.1252.44.1041.18.1525.852 [GMT 9:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\BUFFALO\clientmgrv\bin\BWH32S.exe
C:\Program Files\CANON_IST Uninstaller\{EB51CAED-CFBF-408E-9094-B05279D713F6}\ctusbipsrv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\System32\svchost.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT.EXE
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Ben\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
uWinlogon: Shell=c:\users\ben\appdata\roaming\desktop security 2010\Desktop Security 2010.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [BN5A5F.tmp] c:\users\ben\appdata\local\temp\BN5A5F.tmp
uRun: [9wddsqwvddb7] c:\users\ben\appdata\local\temp\m.2C3BC.tmp.exe
uRun: [manualConsole] c:\users\ben\appdata\roaming\microsoft\windows\start menu\programs\winrar\consolemanual.exe
uRun: [Lessonresourcesd] c:\users\ben\desktop\work\business course\lesson 4\resourcesdLesson.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Consolemanual] c:\users\ben\appdata\roaming\microsoft\windows\start menu\programs\winrar\Consolemanual.exe
uRun: [Desktop Security 2010] c:\users\ben\appdata\roaming\desktop security 2010\Desktop Security 2010.exe
uRun: [SecurityCenter] c:\users\ben\appdata\roaming\desktop security 2010\securitycenter.exe
uRunServices: [BN5A5F.tmp] c:\users\ben\appdata\local\temp\BN5A5F.tmp
uRunServices: [RoleCardsd] c:\users\ben\desktop\work\face2face\level 5 elementary\unit 1\cardsdrole.exe
uRunServices: [CanonMenu] c:\users\ben\desktop\shortcuts\printer stuff\menusolution.exe
uRunServices: [Coursepland] c:\users\ben\desktop\work\course structures\level 2\coursepland.exe
uRunServices: [SFXCABsp1aexpressusa] c:\users\ben\documents\installation files\service pack 1 + updates\sp1aexpressusasystem.exe
uRunServices: [Lessonresourcesd] c:\users\ben\desktop\work\business course\lesson 4\resourcesdLesson.exe
uRunServices: [Consolemanual] c:\users\ben\appdata\roaming\microsoft\windows\start menu\programs\winrar\Consolemanual.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [sjzjmu] RUNDLL32.EXE c:\windows\temp\msoeclsr.dll,w
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Winamp Search - c:\programdata\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Microsoft Excel ???????(&X) - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
AppInit_DLLs: c:\windows\system32\48201010115.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\ben\appdata\roaming\mozilla\firefox\profiles\qtnu5mbe.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 RapportKELL;RapportKELL;c:\program files\trusteer\rapport\bin\RapportKELL.sys [2010-3-23 58984]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2010-3-23 125160]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-9-20 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-9-20 234888]
R2 BWH32S;BWH32S;c:\program files\buffalo\clientmgrv\bin\BWH32S.exe [2009-4-20 57912]
R2 ctusbipsrv;NetHawk Network Interface;c:\program files\canon_ist uninstaller\{eb51caed-cfbf-408e-9094-b05279d713f6}\CtusbipSrv.exe [2009-4-20 61440]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2010-3-23 779496]
R3 ctusbip;NetHawk Network Driver;c:\windows\system32\drivers\ctusbipx.sys [2007-8-27 91648]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
S3 Bufeap;BUFFALO EAP Driver;c:\windows\system32\drivers\BUFEAP.sys [2009-4-20 14848]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-4-26 21504]

=============== Created Last 30 ================

2010-04-10 05:44:26 0 d-----w- c:\users\ben\appdata\roaming\Desktop Security 2010
2010-04-10 03:02:08 0 d-----w- c:\users\ben\appdata\roaming\Malwarebytes
2010-04-10 03:01:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-10 03:01:38 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-10 03:01:38 0 d-----w- c:\programdata\Malwarebytes
2010-04-10 03:01:38 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-09 23:56:46 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-09 23:56:37 0 d-----w- c:\users\ben\appdata\roaming\SUPERAntiSpyware.com
2010-04-09 23:56:37 0 d-----w- c:\program files\SUPERAntiSpyware
2010-04-09 23:55:34 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-04-08 07:32:24 0 d-----w- c:\windows\킹lR_E[ht@C
2010-04-08 01:11:44 823808 ----a-w- c:\windows\system32\drivers\fgqynve.sys
2010-04-08 01:11:06 24064 ----a-w- c:\windows\system32\48201010115.dll
2010-03-23 23:19:55 240 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-03-23 15:00:50 16384 ---ha-w- C:\SZKGFS.dat
2010-03-23 14:59:36 0 d-----w- c:\programdata\SITEguard
2010-03-23 14:58:11 0 d-----w- c:\programdata\STOPzilla!
2010-03-23 14:58:11 0 d-----w- c:\program files\common files\iS3
2010-03-21 13:57:18 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-21 13:33:43 0 dc-h--w- c:\programdata\~0
2010-03-21 09:12:11 0 d-----w- c:\programdata\Lavasoft

==================== Find3M ====================

2010-04-10 05:30:13 381072 ----a-w- c:\windows\system32\perfh011.dat
2010-04-10 05:30:13 105852 ----a-w- c:\windows\system32\perfc011.dat
2010-02-24 01:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39:13 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33:45 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33:45 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55:36 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-25 12:00:35 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00:35 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00:35 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00:22 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58:52 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21:20 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21:20 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21:18 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:21:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-23 09:26:13 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-24 13:18:53 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-24 13:18:53 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-24 13:18:52 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-24 13:18:52 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-06-01 14:39:56 174 --sha-w- c:\program files\desktop.ini
2006-11-02 15:40:13 30674 ----a-w- c:\windows\inf\perflib\0411\perfd.dat
2006-11-02 15:40:13 30674 ----a-w- c:\windows\inf\perflib\0411\perfc.dat
2006-11-02 15:40:13 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:40:13 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:40:13 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:40:13 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 15:40:13 139030 ----a-w- c:\windows\inf\perflib\0411\perfi.dat
2006-11-02 15:40:13 139030 ----a-w- c:\windows\inf\perflib\0411\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-17 01:59:19 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 16:03:38.59 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 AM

Posted 12 April 2010 - 09:05 PM

Hi,

My name is Extremeboy (or EB for short), and I will be helping you with your log. I apologize for the delay.

If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a GMER log and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log or GMER log please refer to this page and in step #6 and Step #7 and Step #8 for further instructions on downloading and running DDS & GMER. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.


For your next reply I would like to see:
-The DDS logs
---DDS.txt and Attach logs
-GMER log
-Description of any remaining problems you may still have.


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 Tsuyama

Tsuyama
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 PM

Posted 13 April 2010 - 01:43 AM

Hi EB.

Thanks for getting back to me. I don't want to waste your time so I think you can go ahead and close this topic. I bought some anit-virus software over the weekend (Norton) but it didn't fix the problem. I then ran the anti-malware software again and it seems to have fixed it.

Sorry if I've wasted your time here.

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 AM

Posted 13 April 2010 - 03:42 PM

That's okay. Thanks for letting me know then.

Below are just some prevention tips...

Preventing Infections in the Future


Please also have a look at the following links, giving some advice and Tips to protect yourself against malware and reduce the potential for re-infection:

Some of the main things you should consider to perform/read are:
  • Having ONE Anti-Virus installed and running with real-time protection
  • Disabling Autorun/Play on Flash-Drive/Removable Drives
  • Avoid gaming sites, underground web pages, pirated software sites, and Peer to Peer Programs
  • Keep Windows Updated through going to Windows Updates
  • Updating Non-Microsoft Programs
  • Keeping Security softwares updated

It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

Update all programs regularly - Make sure you update all the programs you have installed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 Tsuyama

Tsuyama
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 PM

Posted 13 April 2010 - 08:32 PM

That's excellent. Thank you very much

#6 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 AM

Posted 14 April 2010 - 07:57 PM

No problem.

--

Since the problem appears to be resolved, this topic is now Closed.
If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.

This applies only to the original topic starter

Everyone else please start a new topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users