Tech Support Forum - View Single Post - Hijack This Log very important please help ASAP

**src2206** · 12-01-2006, 12:15 AM

Well done, your logs are clean!

If you have "page not opening" issue again, I suggest that you visit our Windows XP or Networking Support forums, where you can have more specific help.

Please follow the next steps to complete the cleaning procedure and to protect your computer from unwanted guests in future

.

Clear Mozilla Firefox cookies

Open the Mozilla Browser, (you do not need to be online to do this) Click Tools>Options>Privacy>Cookies>Clear Cookies Now.

Navigate to the following locations and delete all the files in the folder marked in BLUE

C:\Documents and Settings\Pratik\Cookies
________________________________________________________________

Reset hidden/system files and folders

Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View tab.
Deselect the Show hidden files and folders option.
Select the Hide file extensions for known types option.
Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.

System Restore

To turn off System Restore click Start > Right Click My Computer > Properties. Click the System Restore tab and Check "Turn off System Restore" or "Turn off System Restore on all drives" Click Apply. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this then Click OK.

Turn on System Restore by Clicking Start. Right-click My Computer, and then click Properties. Click the System Restore tab. Uncheck "Turn off System Restore" or "Turn off System Restore on all drives." Click Apply, and then OK.

This will create a new Restore Point.
___________________________________________________________

I see you have Ewido anti-spyware 4.0 installed. Ewido has recently been purchased by Grisoft, makers of AVG Antivirus, and the program is now known as AVG Anti-Spyware. It is essentially the same program with a new paintjob; Ewido currently can still be updated to the newest definitions, but this support will likely not last forever. I recommend you uninstall Ewido 4.0, restart your system, then download and install AVG Anti-Spyware. Update it's definitions as directed below, and run a scan at regular intervals to keep your computer clean.

Download AVG Anti Spyware

Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"

Install AVG Anti Spyware
Double-click the icon on Desktop to launch AVG
On the top of the main screen click Shield
Click the word active to change it to inactive
On the top of the main screen click Update.
Then click on Start Update. The update will start and a progress bar will show the updates being installed.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"

When you have finished updating, EXIT AVG Anti Spyware.

Updating Java and Clearing Cache

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 5.0 Update 10 - http://java.sun.com/javase/downloads/index.jsp
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-1_5_0_10-windowsi586-p.exe to install the newest version.

MICROSOFT UPDATES

It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

You can alsoautomate this process to save yourself from visiting Microsoft Update Site at regular intervals. To do that Enable Windows Auto Update in the following way
*Go to Start>Run - type wuaucpl.cpl
*Tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify".
Click on "OK".

SPYWARE PREVENTION SPEECH

In light of your recent issue, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles:

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
PC Safety and Security--What Do I Need?
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER
Understanding and Using Firewalls

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

Spyware Blaster - to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items .
Spyware Guard to catch and block spyware before it can execute.
IE-Spyad to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, and save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD)
Now navigate to C:\ie-spyad. Double click to open it. From within the folder, double-click install.bat
Select Option #2 - Install the new IE-SPYAD list, by typing 2
Then return to the main menu.
Select option #4 - Add the old porn sites domain, by typing 4
MVPS Hosts file - From within Host.zip, double click on MVPS.bat & allow it to run. This will replace your current Hosts file with one that will block known adware and spy websites

Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released.

**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

FIREWALLS

I suggest that you use a Third Party Firewall to protect your computer better. Using a firewall will allow you to give/deny access for applications that want to go online. Select one of these, or another of your choice:

FIREFOX

I suggest strongly that you use an alternate browser-Mozilla's Firefox; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker. Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/

Two more good browsers are Opera and Avant. You can download Opera Web Browser from here and Avant can be downloaded from here. Avant is a browser based on IE engine, but with much more security integrated, like blocking Flash animations etc. It is also very lite on system resources. So those sites which require IE to operate, Avant can be the best and secured replacement.

Protective Programs

Install Spybot - Search and Destroy - Download, Install and update Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software. During installation choose to enable the Teatimer option as this will give you real time protection against any registry changes.

A tutorial on installing & using this product can be found here:

Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers
Install Ad-Aware - Download, Install and update Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

A tutorial on installing & using this product can be found here:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer
Update all these programs along with your AntiVirus regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Run scans with your AntiVirus and other protective programs that I have listed here, at regular intervals and neutralise the threats that these softwares list.

Follow this list and your potential for being infected again will reduce dramatically.

Happy Surfing

.

12-01-2006, 12:15 AM	#6 (permalink)
src2206 TSF Enthusiast Join Date: Apr 2006 Location: Kolkata, India Posts: 2,068 OS: WinXP Pro SP3 My System	Well done, your logs are clean! If you have "page not opening" issue again, I suggest that you visit our Windows XP or Networking Support forums, where you can have more specific help. Please follow the next steps to complete the cleaning procedure and to protect your computer from unwanted guests in future . *Clear Mozilla Firefox cookies* Open the Mozilla Browser, (you do not need to be online to do this) Click Tools>Options>Privacy>Cookies>Clear Cookies Now. Navigate to the following locations and delete all the files in the folder marked in BLUE C:\Documents and Settings\Pratik\Cookies ________________________________________________________________ *Reset hidden/system files and folders* Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View tab. Deselect the Show hidden files and folders option. Select the Hide file extensions for known types option. Select the Hide protected operating system files option. Click Yes to confirm. Click OK. *System Restore* To turn off System Restore click Start > Right Click My Computer > Properties. Click the System Restore tab and Check "Turn off System Restore" or "Turn off System Restore on all drives" Click Apply. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this then Click OK. Turn on System Restore by Clicking Start. Right-click My Computer, and then click Properties. Click the System Restore tab. Uncheck "Turn off System Restore" or "Turn off System Restore on all drives." Click Apply, and then OK. This will create a new Restore Point. ___________________________________________________________ I see you have Ewido anti-spyware 4.0 installed. Ewido has recently been purchased by Grisoft, makers of AVG Antivirus, and the program is now known as AVG Anti-Spyware. It is essentially the same program with a new paintjob; Ewido currently can still be updated to the newest definitions, but this support will likely not last forever. I recommend you uninstall Ewido 4.0, restart your system, then download and install AVG Anti-Spyware. Update it's definitions as directed below, and run a scan at regular intervals to keep your computer clean. Download AVG Anti Spyware Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows" Install AVG Anti Spyware Double-click the icon on Desktop to launch AVG On the top of the main screen click Shield Click the word active to change it to inactive On the top of the main screen click Update. Then click on Start Update. The update will start and a progress bar will show the updates being installed. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab. Once in the Settings screen click on "Recommended actions" and then select "Quarantine". Under "Reports" Select "Automatically generate report after every scan" Un-Select "Only if threats were found" When you have finished updating, EXIT AVG Anti Spyware. *Updating Java and Clearing Cache* Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Updating Java: Download the latest version of Java Runtime Environment (JRE) 5.0 Update 10 - http://java.sun.com/javase/downloads/index.jsp Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications". Click the "Download" button to the right. Check the box that says: "*Accept* License Agreement". The page will refresh. Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-1_5_0_10-windowsi586-p.exe to install the newest version. *MICROSOFT UPDATES* It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection. You can alsoautomate this process to save yourself from visiting Microsoft Update Site at regular intervals. To do that Enable Windows Auto Update in the following way Go to Start>Run* - type wuaucpl.cpl Tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify". Click on "OK". SPYWARE PREVENTION SPEECH* In light of your recent issue, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles: HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein PC Safety and Security--What Do I Need? THE ANTI-SPYWARE TUTORIAL MAKING INTERNET EXPLORER SAFER Understanding and Using Firewalls To help protect your computer in the future I recommend that you get the following free programs if you do not already have them: Spyware Blaster - to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items . Spyware Guard to catch and block spyware before it can execute. IE-Spyad to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, and save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD) Now navigate to C:\ie-spyad. Double click to open it. From within the folder, double-click install.bat Select Option #2 - Install the new IE-SPYAD list, by typing 2 Then return to the main menu. Select option #4 - Add the old porn sites domain, by typing 4 MVPS Hosts file - From within Host.zip, double click on MVPS.bat & allow it to run. This will replace your current Hosts file with one that will block known adware and spy websites Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released. Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them. FIREWALLS I suggest that you use a Third Party Firewall to protect your computer better. Using a firewall will allow you to give/deny access for applications that want to go online. Select one of these, or another of your choice: Comodo Personal Firewall ZoneAlarm Tiny Personal Firewall OutPost Firewall FIREFOX I suggest strongly that you use an alternate browser-Mozilla's Firefox; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker. Firefox may be downloaded from here: http://www.mozilla.org/products/firefox/ Two more good browsers are Opera and Avant. You can download Opera Web Browser from here and Avant can be downloaded from here. Avant is a browser based on IE engine, but with much more security integrated, like blocking Flash animations etc. It is also very lite on system resources. So those sites which require IE to operate, Avant can be the best and secured replacement. Protective Programs Install Spybot - Search and Destroy - Download, Install and update Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software. During installation choose to enable the Teatimer option as this will give you real time protection against any registry changes. A tutorial on installing & using this product can be found here: Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers Install Ad-Aware - Download, Install and update Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here: Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer Update all these programs along with your AntiVirus regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Run scans with your AntiVirus and other protective programs that I have listed here, at regular intervals and neutralise the threats that these softwares list. Follow this list and your potential for being infected again will reduce dramatically. Happy Surfing . __________________ Registered Linux user #426065** Last edited by src2206; 12-01-2006 at 12:17 AM.