Inactive Sirefef... darn you!!!

Although I wasn't able to delete the old restore points as mentioned above, I moved on with the remainder of the steps. I ran OTC, CCleaner, and Security Check.

Here is the checkup.txt:


Results of screen317's Security Check version 0.99.43
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 29
Java version out of Date!
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 
I noticed it says my service pack is out of date; however, Windows Update has failed to download and install the latest service pack for the past several months. I have gone through all of the suggestions from the help tab, but nothing helps it update successfully. Also, my Java just popped up trying to update after OTC rebooted the comp, but I bypassed the update, trying to refrain from downloads until I've been declared clean!
 
Your logs appear to be clean. If there are no more issues, then we shall clean up!
You were declared clean...

Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

Read more about Java exploit problems


For the service pack...

  1. Go to the Windows 7 Service Pack 1 download webpage on the Microsoft website, and then click Continue.
  2. Choose either the 32-bit (x86) or the 64-bit (x64) version of SP1 depending on whether you're running the 32-bit or the 64-bit version of Windows 7, and then click Download.
    • To find out which version you're running, click the Start button, right-click Computer, and then click Properties. Under System, next to System type, you can view the operating system.
  3. To install SP1 immediately, click Open or Run, and then follow the instructions on your screen. To install SP1 later, click Save and download the installation file to your computer. When you're ready to install SP1, double-click the file.
  4. On the Install Windows 7 Service Pack 1 page, click Next.
  5. Follow the instructions on your screen. Your computer might restart during the installation.
  6. After installation is complete, log on to your computer at the Windows logon prompt. You might see a notification indicating whether the update was successful.
  7. If you disabled your antivirus software, enable it again.
Source page


Let me know how it all works out...
 
As soon as I deleted the old Java, I turned on MSE, which proceeded to run a quick scan and found a Trojan- DOS/alureon.a. I clicked the option to clean and it said it removed successfully, but then it also had a pop-up which said the cleaning wasn't complete and that I needed to download Windows Defender Offline in order to finish. It then said I needed to restart my computer to complete. What's happening?? I haven't downloaded anything new and have been running so many scans. It makes no sense that it would get reinfected so quickly!!
 
Rewinding time...

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.




-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
 
The option to run as administrator does not appear when I right-click the program. I am running Windows 7. I tried double-clicking and that brings me to the open with... screen. I did not know which program to choose; I didn't think I needed a specific program to host the killer. What do I do?
 
Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu). Then, try again...
 
Same thing happens in safe mode; no option to run as admin, double-clicking makes me choose a program to run with.
 
I noticed some system 32 drivers had a capital "S" for system and some had a lower case "s" at the beginning when safe mode was booting. Could those different ones be the virus disguising itself?
 
It makes no difference for the capital versus lower-case S.

Try this tool, and then after that try the tool before that I asked for....

Please download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3

  • Save it to your Desktop.
  • Double click the RKill desktop icon.
  • It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
  • Please post its log in your next reply.
  • After it has run successfully, delete RKill.
Note: This tool only kills the active infection, the actual infection will not be gone. Once you reboot the infection will be active again! Please do not reboot until instructed further to do so.
 
Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 08/26/2012 08:38:31 AM in x64 mode.
Windows Version: Windows 7 Home Premium
Checking for Windows services to stop.
* No malware services found to stop.
Checking for processes to terminate.
* No malware processes found to kill.
Checking Registry for malware related settings.
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@" was reset to comfile!

Performing miscellaneous checks.
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
Searching for Missing Digital Signatures:
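
The settings RKill reports in the log above (the .EXE/.COM/.BAT association reset and the Windows Defender value), as a read-only PowerShell audit. This is an added example, not part of the original thread and not RKill's own code; the expected ProgIDs and the `"%1" %*` open command are the stock Windows defaults, and `Get-DefaultValue` is a hypothetical helper name.

```powershell
# Added example: read-only audit of the registry settings named in the RKill log.
# Nothing is modified. Expected values are the stock Windows defaults (assumption
# stated in the lead-in); Get-DefaultValue is a hypothetical helper name.
$expected = @{ '.exe' = 'exefile'; '.com' = 'comfile'; '.bat' = 'batfile' }

function Get-DefaultValue([string]$Path) {
    # The unnamed "(Default)" value is what RKill prints as "@".
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $key) { return $null }
    return $key.GetValue('')
}

$report = @()
foreach ($ext in $expected.Keys) {
    $progId = $expected[$ext]
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $actual = Get-DefaultValue "$hive\Software\Classes\$ext"
        # ProgID names are case-insensitive. HKCU overrides HKLM, so an HKCU
        # entry is acceptable only when it is absent or matches the default.
        $ok = ($actual -ieq $progId) -or ($hive -eq 'HKCU:' -and $null -eq $actual)
        $report += New-Object PSObject -Property @{
            Check = "$hive $ext"; Value = $actual; OK = $ok }
    }
    # The handler behind the ProgID must launch the clicked file itself.
    $cmd = Get-DefaultValue "HKLM:\Software\Classes\$progId\shell\open\command"
    $report += New-Object PSObject -Property @{
        Check = "$progId open command"; Value = $cmd; OK = ($cmd -eq '"%1" %*') }
}

# Value RKill flagged. Microsoft Security Essentials turns Windows Defender off,
# so a disabled Defender is expected while MSE is installed; read OK = False
# here with that in mind.
$wd = Get-ItemProperty -LiteralPath 'HKLM:\SOFTWARE\Microsoft\Windows Defender' `
    -ErrorAction SilentlyContinue
$report += New-Object PSObject -Property @{
    Check = 'DisableAntiSpyware'; Value = $wd.DisableAntiSpyware
    OK = ($wd.DisableAntiSpyware -ne 1) }

# Service state, matching the "Windows Service Integrity" section of the log.
$svc = Get-Service -Name WinDefend -ErrorAction SilentlyContinue
$report += New-Object PSObject -Property @{
    Check = 'WinDefend service'; Value = $svc.Status; OK = ($svc.Status -eq 'Running') }

$report | Format-Table Check, Value, OK -AutoSize
```

A row with OK = False for `.exe` or for `exefile open command` matches the symptom described earlier in the thread, where double-clicking a program opens the "Open with" dialog.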
 
Hello. Are you still with us?

Your thread has been marked as "Inactive" because of your lack of reply. Please let us know how your computer is running, or if you want to continue in this topic.

Thanks.
 