Hello and welcome to TSF
Please
subscribe to this thread to get
immediate notification of replies as soon as they are posted. To do this click
Thread Tools, then click
Subscribe to this Thread. Make sure it is set to
Instant Notification, then click
Subscribe.
========
Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear.
Please
DO NOT Attach logs to your posts unless you are advised to do so.
=========
Quote:
|
My account on this forum was hacked by an IP address in the UK somehow by stealing my password .They accessed the admin Control Panel & sent a mass email/PM asking members to sign up to another forum.
|
Are you sure your account was hacked or it could be that they just sent PMs to forum members, it is not the first time this has been done on forums.
Nothing in you log indicates a keylooger or any other malicious file(s), just some tidying up to do.
===========
Click > Start > Control Panel > Add or Remove Programs and uninstall the following programs:
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Leave Java(TM) 6 Update 14 installed
URL Assistant<---Pre-installed on Dell/HP machines. This is a program that redirects mis-typed URLs to a Dell branded Google search page.
Viewpoint Media Player<---Viewpoint is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546
Additional Information
Here
========
Download
ATF-Cleaner by
Atribune to your desktop.
Double-click
ATF Cleaner.exe to open it
Under
Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the
Empty Selected button.
If you have Firefox installed:
Click
Firefox at the top and choose:
Select All
Click the
Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click
NO at the prompt.
If you have
Opera installed:
Click
Opera at the top and choose:
Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click
NO at the prompt.
Click Exit on the Main menu to close the program.
=========
Establish an internet connection & perform an online scan with Internet Explorer at
Kaspersky Online Scanner
Click
Accept, when prompted to download and install the program files and database of malware definitions.
- Click Run at the Security prompt.
- The program will then begin downloading and installing and will also update the database.
- Please be patient as this can take several minutes.
- Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
- Click View scan report at the bottom.
- Click the Save Report As... button.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
**Note**
This animation will guide you through the process:
To optimize scanning time and produce a more sensible report for review:
- Close any open programs.
- Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
========
Log Required
Kaspersky Scan Report
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.