Author Topic: I think I have a virus Ill will Post logs! (Read 117915 times)

evilfantasy · « **Reply #15 on:** August 30, 2008, 08:13:11 PM »

No worries.

!~:.Pink Floyd.:~! · « **Reply #16 on:** August 30, 2008, 08:22:10 PM »

Quote from: evilfantasy on August 30, 2008, 08:13:11 PM

No worries.

Lmao...

Thanks for helping me with the java update thing.

I should have the kaspersky log sometime around lunch time Eastern time.

Im not gonna be here around 4:00-8:00

Going out to a sushi bar.

So that will be fun.

Thanks for the help though.

!~:.Pink Floyd.:~! · « **Reply #17 on:** August 31, 2008, 09:25:57 AM »

I just found 2 nasties already.

!~:.Pink Floyd.:~! · « **Reply #18 on:** August 31, 2008, 09:27:56 AM »

It seems that auto clicker that never worked was against me not with me.

evilfantasy · « **Reply #19 on:** August 31, 2008, 09:47:32 AM »

!~:.Pink Floyd.:~! · « **Reply #20 on:** August 31, 2008, 09:53:07 AM »

Quote from: evilfantasy on August 31, 2008, 09:47:32 AM

Log?

Oh its still scanning buddy.

!~:.Pink Floyd.:~! · « **Reply #21 on:** August 31, 2008, 09:53:43 AM »

Im gonna get Comodo And kaspersky if that sounds good

!~:.Pink Floyd.:~! · « **Reply #22 on:** August 31, 2008, 10:19:21 AM »

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, August 31, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, August 31, 2008 15:31:42
Records in database: 1172087
--------------------------------------------------------------------------------

Scan settings:
   Scan using the following database: extended
   Scan archives: yes
   Scan mail databases: yes

Scan area - My Computer:
   C:\
   D:\

Scan statistics:
   Files scanned: 62493
   Threat name: 2
   Infected objects: 52
   Suspicious objects: 0
   Duration of the scan: 00:38:09

File name / Threat name / Threats count
C:\Documents and Settings\Charles Donaldson\Application Data\Sun\Java\Deployment\cache\6.0\25\650d0659-776fb091   Infected: Exploit.Java.Gimsh.a   1
C:\Documents and Settings\Charles Donaldson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-5607f171.zip   Infected: Exploit.Java.Gimsh.a   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\MofikiAutoClickerPremium.zip   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 1 for MofikiAutoClickerPremium-1.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 1 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 10 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 11 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 12 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 13 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 14 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 15 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 16 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 17 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 18 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 19 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 2 for MofikiAutoClickerPremium-1.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 2 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 20 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 21 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 22 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 23 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 24 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 25 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 26 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 27 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 28 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 29 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 3 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 30 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 31 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 32 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 33 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 34 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 35 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 36 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 37 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 38 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 39 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 4 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 40 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 41 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 42 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 43 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 44 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 45 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 46 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 47 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 5 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 6 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 7 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 8 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1
C:\Documents and Settings\Charles Donaldson\Local Settings\Temp\Temporary Directory 9 for MofikiAutoClickerPremium.zip\Auto Clicker Premium v1.0.0.3.exe   Infected: Backdoor.Win32.Rbot.jnq   1

The selected area was scanned.

!~:.Pink Floyd.:~! · « **Reply #23 on:** August 31, 2008, 10:23:33 AM »

There it is

evilfantasy · « **Reply #24 on:** August 31, 2008, 11:30:35 AM »

Clearing Java Cache

Go to Start > Control Panel and double-click the Java Icon

On the General tab, under Temporary Internet Files, click the Settings button.
Next, click on the Delete Files button
There are two options in the window to clear the cache - Leave BOTH Checked
- Applications
- Applets Trace and Log Files
Click OK on Delete Temporary Files Window

Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

Click OK to leave the Temporary Files Window
Click OK to leave the Java Control Panel.

.
----------

Download and install CleanUp!.exe

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:

Click Options...
Move the arrow to Standard CleanUp!
Uncheck the following: (if checked)
- Delete Newsgroup cache
- Delete Newsgroup Subscriptions
Click OK

.
Click the CleanUp! button to start the program. Reboot/logoff when prompted.

----------

Click on Start and then Run.
In the text box in the Run window, type %Temp% and click OK. A folder full of files and other folders will appear.
Remove everything inside the Temp folder, choose Edit and then Select All from the menu.
- Note: If you're prompted that there are hidden files in this folder, just click on OK to bypass the message.
Now that all of the files and folders are selected, hit your Delete key or choose File and then Delete from the menu.
Confirm that you want to delete the files by clicking Yes on the Confirm Multiple File Delete window that opens.
After all of the files have been deleted close the window and empty your Recycle Bin.

.
----------

Set a New Restore Point to prevent possible reinfection from an old one
Setting a new restore point AFTER cleaning your system will enable your computer to roll-back to a clean working state if needed.

Go to Start > Programs > Accessories > System Tools and click System Restore
Choose the radio button marked Create a Restore Point on the first screen then click Next Give the Restore Point a name then click Create.
The new restore point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Next go to Start > Run and type Cleanmgr
Click OK
Click the More Options Tab.
Click Clean Up in the System Restore section to remove all previous restore points except the newly created clean one.

.
You can find instructions on how to enable and re-enable system restore here:

Windows XP System Restore Guide or Windows Vista System Restore Guide

----------

To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software

I suggest using SiteAdvisor. SiteAdvisor rates sites on business practices and spam. Safety ratings from McAfee SiteAdvisor are based on automated safety tests of Web sites.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

!~:.Pink Floyd.:~! · « **Reply #25 on:** August 31, 2008, 11:56:38 AM »

^ Hey about the restore point is something weird/bad going to happen to my pc?
|
|
|

evilfantasy · « **Reply #26 on:** August 31, 2008, 12:01:51 PM »

Restore Points are sort of like like backup files in Windows format. The oldest ones end up being removed by Windows to make room for the newest ones. All you are doing is making a fresh starting point for them to begin adding up again.

!~:.Pink Floyd.:~! · « **Reply #27 on:** August 31, 2008, 12:57:26 PM »

Quote from: evilfantasy on August 31, 2008, 12:01:51 PM

Restore Points are sort of like like backup files in Windows format. The oldest ones end up being removed by Windows to make room for the newest ones. All you are doing is making a fresh starting point for them to begin adding up again.

Works for me.
Also Can anything go horribly wrong during this process?

Sorry im kinda Paranoid : \

evilfantasy · « **Reply #28 on:** August 31, 2008, 01:00:03 PM »

Nothing should go wrong. If you like you can do it this way instead to ensure you don't click any wrong button.

Turn OFF System Restore

On the Desktop, right-click My Computer
Click Properties
Click the System Restore tab.
Check Turn off System Restore
Click Apply, and then click OK

.
Restart your computer

Turn ON System Restore

On the Desktop, right-click My Computer
Click Properties
Click the System Restore tab.
UN-Check Turn off System Restore
Click Apply, and then click OK

.
System Restore will now be active again

Computer Hope Forum

News: