Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible trojan(s)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Possible trojan(s)

Unread postby Jack&Jill » August 28th, 2009, 9:57 am

Hi xRavageDx :),

Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

Please update your Adobe Reader to the latest.
It is important that you uninstall any previous versions by using Add/Remove programs in your control panel before installing a newer version. Please uninstall:

Adobe Reader 7.0

  • Go to the Adobe download page. Click here.
  • If your OS is not the same as stated, click on Different language or operating system? link, or you can click Download if it is and jump to the last step below.
  • Choose an OS by clicking on Select an OS... box and change the language if you want by clicking English below Select a language title.
  • Press Continue.
  • Click the Download now button and save the file to a convenient location after selecting the latest version. Allow if prompted.
  • Run the downloaded file to continue with the installation.

Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

Please update JRE to the latest.
It is important that you uninstall any previous versions by using Add/Remove programs in your control panel before installing a newer version. Please remove:

J2SE Runtime Environment 5.0 Update 2
Java(TM) 6 Update 14
Java(TM) 6 Update 7


  • Go to the Java SE download page. Click here.
  • Look for Java SE Runtime Environment (JRE) 6 Update 16. Click the Download button to the right.
  • Select Windows from the drop-down list for Platform.
  • Check I agree to the Java SE Runtime Environment 6u16 with JavaFX 1 License Agreement after reading it, and click Continue. The page will refresh.
  • Under the Windows Offline Installation title, click on the link which says jre-6u16-windows-i586.exe and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then, from your desktop, double-click on the download to install the newest version. Reboot your computer.

Fix with OTL
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here.
  • Double click on OTL.exe to run it.
  • Copy and paste the following text into the white box below Custom Scans/Fixes:
    Code: Select all
    :otl
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-4108422212-1370208996-429472200-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-4108422212-1370208996-429472200-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
  • Enable back your security softwares as soon as you completed the OTL fix steps.

Remove LEGACY keys
  • Download RegASSASSIN© from Malwarebytes. Click here.
  • Double click on RegASSASSIN.exe to start it.
  • Read through the License Agreement and click I Agree.
  • Copy and paste the following text into the white box:
    Code: Select all
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PHOOKS]
  • Click Delete.
  • Answer Yes to any prompts.

Please post back:
1. the OTL fix log
2. new HijackThis log
3. How did the Firefox reinstallation go?
4. Anymore problems?
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia
Advertisement
Register to Remove

Re: Possible trojan(s)

Unread postby xRavageDx » August 30th, 2009, 6:08 pm

Firefox is working now, I had to move back to VA and I don't have a steady internet connection for the laptop in question so it may be a couple days before I can get to downloading the updates and fixes.
xRavageDx
Regular Member
 
Posts: 24
Joined: August 11th, 2009, 7:46 pm

Re: Possible trojan(s)

Unread postby Jack&Jill » September 2nd, 2009, 8:25 pm

Hi xRavageDx,

How are things going?
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Possible trojan(s)

Unread postby xRavageDx » September 3rd, 2009, 12:47 am

Should be able to get it to the local spot for wi-fi in the next couple of days when I go out job hunting. I wound up in SW Va where the internet is a new thing apparently... The connection I'm on now is slower than dial up, it's amazing.
xRavageDx
Regular Member
 
Posts: 24
Joined: August 11th, 2009, 7:46 pm

Re: Possible trojan(s)

Unread postby Jack&Jill » September 8th, 2009, 9:25 am

Hi xRavageDx :),

It has been more than 5 days since your last reply. I know you are having some problems getting a good connection, but it is taking too long. If you are unable to follow the topic and reply within 3 days, I suggest we close this topic first. When you have the free time and good internet connection, you may start a new topic to check how is the computer is doing. What do you say?
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Possible trojan(s)

Unread postby Shaba » September 10th, 2009, 12:09 am

Due to lack of response this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware