Please check logs

Status
Not open for further replies.
I've got WinXP and IE7. I picked up some malware recently, resulting in very slow browsing, random shortcuts on the desktop, search results from Google, Yahoo and others being redirected, and many sites not loading at all. I followed the steps in the beginning of this forum and the symptoms seemed to have ended. However, I would like it if someone could look over my logs to make sure there is nothing still in the system.

Thanks very much for the help I've already received from this site.
 

Attachments

  • hijackthis9-22-08.log
    7.5 KB
Clean

Logs are clean, but you should update Java to the latest version.
You should also disable some of your startup programs in Msconfig.
 
Hi:

I investigated the following:
"O21 - SSODL: MPEasR - {F0295D61-5A83-F7CB-B47F-5B92C1AAB182} - C:\WINDOWS\system32\jmy.dll" and could find no credible info that this is legitimate; recommend you have HijackThis "fix" it.

As already mentioned, your Java is way out of date, a serious security issue; should ONLY have the latest "Version/Update" of this program on a computer, so should uninstall ALL versions you have of this program, then can go to www.java.com for the latest.

Also noticed an out-of-date Adobe. Researchers found a new hacker toolkit that uses nothing but Adobe security leaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/153/Rise-Of-The-PDF-Exploits ) adds all kinds of exploits to PDF files. When a certain exploit has successfully infected the OS, the IP address is sent to the attackers, so they need to try again. This is to reduce the time it takes to manage the bots.

Use of PDF files is becoming more and more popular amongst miscreants, because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF-directed.

So I recommend you uninstall Adobe and seriously consider using the safer "Foxit Reader".
 
Thanks to all for your response. I've updated my Java and had the above entry "fixed". Regarding Adobe, am I correct to assume the vulnerability is only through opening PDF files and not just by having Adobe on my system? I open very few PDF files at home and then only from known senders. I noticed Foxit is only a 1 year license with the free version.

And about the startup programs, I'm fairly ignorant. Which programs are necessary at startup?

Thanks again.
 
Hi:

Why take a chance with Adobe when there is a much safer alternative!? I have been using the FREE version Foxit Reader for quite some time and never saw anything about a 1-yr license. Visiting their site at www.foxitsoftware.com/pdf/rd_intro.php mentions a 1 yr license for their "Pro Pack", which has more features than the FREE version. The site even mentions the 1 yr license is FREE, but I would assume that is only for the 1st yr, to see IF the user is willing to pay for subsequent yrs!?
 