TechSpot

Win64/Patched.B.Gen

Solved
By QuickUsername
Jun 24, 2012
  1. QuickUsername

    QuickUsername TS Rookie Topic Starter Posts: 25

    And that F-Secure online does not work for me. I click on accept, and it just goes into a continual loading phase. I tried 2 different browsers. Yeah, I saw the Java thing come up (firewall alert) and let it do its thing, but it's doing nothing. Is it working from a certain port? I am on a router.
     
  2. Broni

    Broni Malware Annihilator Posts: 47,015   +255

    Your Java is fine but uninstall JavaFX 2.1.1.

    Instead of F-Secure...

    Please run a BitDefender Online Scan

    • Disable your antivirus program.
    • Click Start Scanner button.
    • Click Free scan now button
    • Allow browser plug-in to be installed when prompted.
    • Click I Agree to agree to the EULA.
    • Please refrain from using the computer until the scan is finished.
    • When the scan is finished, click on View report.
    • Notepad will open with scan results.
    • Save the report to your desktop and post its content in your next reply.
     
  3. QuickUsername

    QuickUsername TS Rookie Topic Starter Posts: 25

    Sorry for the huge delay. Like last time, every time I don't get a response back quickly, I start using my computer as I normally would, which means TONS of stuff is opened first, and then I need to close most which takes a long time. Not trying to blame you or tell you to hurry, just why there are breaks. The BitDefender is running now.
     
  4. QuickUsername

    QuickUsername TS Rookie Topic Starter Posts: 25

    BitDefender showed no report but it did say

    "Good news! We found no active infections on your PC
    Keep it clean with Bitdefender Internet Security 2012!"
     
  5. Broni

    Broni Malware Annihilator Posts: 47,015   +255

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please let me know how your computer is doing.
     
  6. QuickUsername

    QuickUsername TS Rookie Topic Starter Posts: 25

    I'm running the stuff now. I'll let you know soon.
     
  7. QuickUsername

    QuickUsername TS Rookie Topic Starter Posts: 25

    It all seems fine, that I can tell. The main problem was really fixed after replacing Services.exe offline, and then ComboFix which surprisingly cleaned up the 1075 service errors.

    Thanks so much for the help! Now to re-image my clean computer. I don't really know how system restore works, I thought Windows was supposed to make one automatically but mine never does. I just do full system images anyways so it's moot. I knew most of those steps you listed (like the custom installations), but some of them I never considered. Interesting! I already know how I got burned though lol. I guess that's one good thing. Knew the exact method of delivery. Somehow the Java auto update was turned off. No idea how that happened, if it was me or not. It was just drive-by Java exploitation through ads via SEO poisoning.

    I have another question though before I leave: Is it possible you could erase all my log files posted here? I can't edit my posts and I really don't like posting any plain text log information like I've done here. Even the DDS says to attach it instead of posting it as plain text. Hope you understand my privacy concerns and can remove those logs. I don't want anything else to be removed though since somebody else might still be able to use the non-log info if they have a similar problem or something.

    Also are the hard drive controller errors something to be worried about? I know it's off topic but I don't know if you could just happen to know that off the top of your head. If you don't know, that's fine. It's not really a big discussion I want to get into. The reason there were multiple errors was that I was performing a full system image right after I was infected and that tripped them I believe. The drive is new and shows no bad signs though. I think it's normal but I don't have any knowledge other than rationalization to back that up.
     
  8. Broni

    Broni Malware Annihilator Posts: 47,015   +255

    You'll have to PM one of the global moderators.

    In this forum, we make sure your computer is free of malware and your computer is clean :)
    Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.

    Good luck and stay safe :)
     
Topic Status:
Not open for further replies.

