Solved Help with Expliot.Drop.9

[cjanien]

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Chris Janien
->Temp folder emptied: 2187377 bytes
->Temporary Internet Files folder emptied: 241789761 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1760 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 276502 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 754446 bytes

Total Files Cleaned = 234.00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: All Users

User: Chris Janien
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: admin
->Java cache emptied: 0 bytes

User: All Users

User: Chris Janien
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05172012_173030
Files\Folders moved on Reboot...
C:\Users\Chris Janien\AppData\Local\Temp\VGX84D8.tmp moved successfully.
Registry entries deleted on Reboot...

 

[Broni]

13. Please, let me know, how your computer is doing.

Whenever ready...

 

[cjanien]

I started MBAM doing a detailed scan 3 hours ago. Hopefully it will finish soon.

 

[cjanien]

Just finished MBAM. Here's the log.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.15.06
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19222
Chris Janien :: DELL [administrator]
Protection: Enabled
5/17/2012 6:48:38 PM
mbam-log-2012-05-17 (18-48-38).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 684660
Time elapsed: 2 hour(s), 45 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

[Broni]

Any current issues?

 

[cjanien]

Everything seems to be running well. I have read the links regarding how one gets infected but I was wondering if you could tell me if this really was "Exploit.Drop.9" or something else? I am very careful about email, attachments, etc. How does this virus get delivered?

Finally, can you suggest programs that are loading that I should consider getting rid of (like citrix)? Is there a way to use programs, like acrobat, without having it preload at every startup?

Thanks for all the help. None of my regular AV programs were working. Was not looking forward to the alternative!

CJ

 

[Broni]

There is no way to really say how you got infected.

Finally, can you suggest programs that are loading that I should consider getting rid of (like citrix)? Is there a way to use programs, like acrobat, without having it preload at every startup?

This would be a subject to a different forum (Windows?).

Good luck and stay safe

 

[cjanien]

Thanks again.

 

[Broni]

You're very welcome