TechSpot

Please check logs

By pwilly
Sep 22, 2008
Topic Status:
Not open for further replies.
  1. I've got WinXP and IE7. I picked up some malware recently resulting in very slow browsing, random shortcuts on the desktop, search results from Google, Yahoo and others being redirected, and many sites not loading at all. I followed the steps in the beginning of this forum and the symptoms seemed to have ended. However, I would like it if someone could look over my logs to make sure there is nothing still in the system.

    Thanks very much for the help I've already received from this site.
     

  2. tw0rld

    tw0rld TS Maniac Posts: 609   +6

    Clean

    Logs are clean, but you should update Java to the latest version.
    You should also disable some of your startup programs in Msconfig.
     
  3. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Hi:

    I investigated the following:
    "O21 - SSODL: MPEasR - {F0295D61-5A83-F7CB-B47F-5B92C1AAB182} - C:\WINDOWS\system32\jmy.dll" and could find no credible Info that this is
    legitimate; recommend you have HijackThis "fix" it.

    As already mentioned, your Java is way-out-of-date, a serious security Issue;
    should ONLY have the latest "Version/Update" of this program on a computer, so
    should uninstall ALL versions you have of this program, then can go to
    www.java.com for the latest.

    Also noticed an out-of-date Adobe. Researchers found a new hacker toolkit that uses nothing but Adobe security leaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/153/Rise-Of-The-PDF-Exploits ) adds all kinds of exploits to PDF files. When a certain exploit has successfully infected the OS, the IP address is sent to the attackers, so they need to try again. This is to reduce the time it takes to manage the bots.

    Use of PDF files is becoming more and more popular amongst miscreants, this because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

    So I recommend you uninstall Adobe and seriously consider using the safer
    "Foxit Reader".
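
The check described in the post above (an O21 SSODL entry that cannot be tied to a known component) can be scripted. This is an added example, not part of the thread: the allowlist of stock Windows XP entries is an assumption supplied for illustration, and the sample log is constructed apart from the one line quoted in the post.

```python
import re

# Line format as quoted in the post:
#   O21 - SSODL: <name> - {<CLSID>} - <path>[ (file missing)]
O21_RE = re.compile(
    r"^O21 - SSODL: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\})"
    r" - (?P<path>.+?)(?P<missing> \(file missing\))?\s*$"
)

# Assumption: SSODL entries expected on a stock Windows XP install.
# Verify against a known-clean machine before relying on this list.
KNOWN_GOOD = {
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}": "WebCheck",
    "{7849596A-48EA-486E-8937-A2A3009F31A9}": "PostBootReminder",
    "{FBEB8A05-BEEE-4442-804E-409D6C4515E9}": "CDBurn",
    "{35CEC8A3-2BE6-11D2-8773-92E99060E820}": "SysTray",
}

# Constructed sample log; only the MPEasR line comes from the thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: MPEasR - {F0295D61-5A83-F7CB-B47F-5B92C1AAB182} - C:\WINDOWS\system32\jmy.dll
"""

def parse_o21(line):
    """Return name/clsid/path/missing for an O21 line, or None for other lines."""
    m = O21_RE.match(line.strip())
    if m is None:
        return None
    entry = m.groupdict()
    entry["missing"] = entry["missing"] is not None
    return entry

def triage(log_text, known_good=KNOWN_GOOD):
    """Return O21 entries whose CLSID/name pair is not on the allowlist."""
    unknown = []
    for line in log_text.splitlines():
        entry = parse_o21(line)
        if entry is None:
            continue
        expected = known_good.get(entry["clsid"].upper())
        # An unlisted CLSID, or a listed CLSID under another name, needs review.
        if expected is None or expected.lower() != entry["name"].lower():
            unknown.append(entry)
    return unknown

if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print("review:", e["name"], e["clsid"], e["path"])
```

An entry returned by `triage` is only a candidate for manual research, as was done in this thread; it is not proof that the DLL is malicious.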
     
  4. tw0rld

    tw0rld TS Maniac Posts: 609   +6

    Correct...... little known about this entry, http://spywaredlls.prevx.com/RRGDBJ40759079/LS3Y-JMY.DLL.html
     
  5. pwilly

    pwilly TS Rookie Topic Starter

    Thanks to all for your response. I've updated my Java and had the above entry "fixed". Regarding Adobe, am I correct to assume the vulnerability is only through opening PDF files and not just by having Adobe on my system? I open very few PDF files at home and then only from known senders. I noticed Foxit is only a 1 year license with the free version.

    And about the startup programs, I'm fairly ignorant. Which programs are necessary at startup?

    Thanks again.
     
  6. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Hi:

    Why take a Chance with Adobe when there is a much safer Alternative!? I have
    been using the FREE Version Foxit Reader for quite some time and never saw
    anything about a 1-yr License. Visiting their Site at www.foxitsoftware.com/pdf/rd_intro.php mentions a 1 yr license for their "Pro
    Pack", which has more features than the FREE Version. The Site even mentions
    the 1 yr license is FREE, but I would assume that is only for the 1st yr, to see IF
    the user is willing to pay for subsequent yrs!?
     