Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hijackthis log from Italy

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Hijackthis log from Italy

Unread postby Vino Rosso » March 14th, 2008, 1:06 pm

Hi Michele

Again, it looks like someone was logged into the account called Barbara and using the computer while the Kaspersky scan was running.

There's no need to run AWF again.

The only visible malware files are in the system restore area. It's possible that SpyBot is seeing these but they are OK in there for now. Is SpyBot still reporting the presence of a dialler?

Can you tell me if you are having any problems with the normal operation of the computer.

Thanks
Vino
User avatar
Vino Rosso
Admin/Teacher Emeritus
 
Posts: 9024
Joined: April 24th, 2006, 8:36 am
Location: Gloria Jean's in Murray St. Mall (I wish!)
Advertisement
Register to Remove

Re: Hijackthis log from Italy

Unread postby carra » March 14th, 2008, 6:20 pm

Hi Vino Rosso,
no-one is logged in the computer after myself. No-one is logged into the 'Barbara' account, which is a limited account.
Anyway, SpybotS&D did not find anything relevant (only a few IE cookies).
Also the major threath (CARPEDIEM VARS dialer) disappeared.
I attach, to whom it may concern, the last log from ClamAV and I test now Windows, following a every-day-use style.
I hope everything will be fine.
I thank you for your kind collaboration and invaluable effort.
Sincerely,

Michele 'carra'
You do not have the required permissions to view the files attached to this post.
carra
Active Member
 
Posts: 11
Joined: March 6th, 2008, 5:16 pm

Re: Hijackthis log from Italy

Unread postby Vino Rosso » March 14th, 2008, 7:05 pm

Ciao Michele

Your log now appears to be clean. Congratulations!

Please let me know of any problems before continuing with the following.

1 - Delete ComboFix and Clean Up
Click Start > Run > type combofix /u > OK (Note the space between combofix and /u)
Please advise if this step is missed for any reason as it performs some important actions.
Note: If your protection programs give any warnings, please allow ComboFix to run.

2 - General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection
You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.
  1. Clear Infected System Restore Points
    • Turn System Restore off
    • On the Desktop, right click on the My Computer icon.
    • Click Properties.
    • Click the System Restore tab.
    • Check Turn off System Restore on all drives.
    • Click Apply, and then click OK.
    Restart your computer
    • Turn System Restore on
    • On the Desktop, right click on the My Computer icon.
    • Click Properties.
    • Click the System Restore tab.
    • Uncheck Turn off System Restore on all drives.
    • Click Apply
    • Click each drive in turn where system restore is not required and click Settings
    • Check Turn off system restore on this drive, click Yes then click OK.
    Note: only do this once, and not on a regular basis
  2. Make sure that you keep your antivirus updated
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
  3. Install and use a firewall with outbound protection
    The Windows firewall only monitors incoming traffic, NOT outgoing. Using a software firewall in its default configuration to replace the Windows firewall greatly reduces the risk of your computer being hacked. Make sure your firewall is always enabled while your computer is connected to the internet.
    Note: You should only have one firewall installed at a time. Having more than one firewall installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.
  4. Security Updates for Windows, Internet Explorer & Microsoft Office
    Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC.
    Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the >Microsoft Update site< on a regular basis.
    Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
  5. Update Non-Microsoft Programs
    Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the >Secunia Software Inspector< - I suggest that you run it at least once a month
  6. Make Internet Explorer More Secure
    Click Start > Run > type inetcpl.cpl > OK
    Click on the Security tab
    Click Reset all zones to default level
    Make sure the Internet Zone is selected and click Custom level
    In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    Next Click OK, then Apply button and then OK to exit the Internet Properties page.
    Further information for IE7 can be found >here<

    Next, if they're not already present, I would recommend the download and installation of some or all of the following programs, and the updating of them on a regular basis:
  7. WinPatrol
    As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit >here<
  8. SpywareBlaster
    SpywareBlaster sets killbits in the registry to prevent known malicious ActiveX controls from installing on your computer.
    If you don't know what ActiveX controls are, see >here<
    You can download SpywareBlaster from >here<
  9. Spybot Search & Destroy
    Instructions are located >here<
    Make sure you update, reimmunize and scan regularly
  10. Hosts File
    For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is >here< and for more information regarding host files read >here<
  11. a-squared Free
    a-squared free is a product from Emsi Software, provided free for private use, that can detect and remove a variety of malicious software. You can get it >here<
    Note: If you have a dialup internet connection, you may also like to install >a-squared Anti-Dialer< which provides some real time protection against premium rate dialers
  12. Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date
I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe Computing
Vino
User avatar
Vino Rosso
Admin/Teacher Emeritus
 
Posts: 9024
Joined: April 24th, 2006, 8:36 am
Location: Gloria Jean's in Murray St. Mall (I wish!)

Re: Hijackthis log from Italy

Unread postby carra » March 16th, 2008, 4:46 am

Hi Vino Rosso,
I followed Your kind advice through point f. and everything seems stable and fine.
At the moment I will NOT load any more security program and I will trust only Spybot and ClamAV.
By the way, I also configured properly the CD burner, which gave me a lot of troubles in the past, reading some documentation about administrative tasks in WXPPro, and I learned a bunch of useful infos on computer protection.
So it is safe to positively close this thread.
A last notice: I will donate some bucks to the Spybot project, which helped me A LOT; can you give an advice about another program which is worth donate to?
You worked for me, Vino, without a fee, so I think it is correct to give a SMALL amount of money to a safety project following Your advice.
Of course, You can just accept my heartful THANK YOU.
Peace be upon You.

Michele 'carra'
carra
Active Member
 
Posts: 11
Joined: March 6th, 2008, 5:16 pm

Re: Hijackthis log from Italy

Unread postby Vino Rosso » March 16th, 2008, 8:05 am

Hi Michele

SpyBot is an excellent program and worthy of your suggested donation. The site is here: http://www.safer-networking.org/en/donate/index.html

Another excellent program is >WinPatrol<. It's not so much a scanner but a monitor. I believe it would be a good addition to your setup.
"WinPatrol uses a heuristic behavioral approach to detecting attacks and violations of your computing environment. Traditional security programs scan your hard drive searching for previously identified threats. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge."

Finally, all helpers here are volunteers and do not accept any payment for the help we provide. The forum hosting however is not free and we do rely on donations to keep us online. If you wish to donate, no matter how small, it would be greatly appreciated. >Malware Removal Donations Page< or click 'Support Us' at the top of the page.

Auguri
Vino
User avatar
Vino Rosso
Admin/Teacher Emeritus
 
Posts: 9024
Joined: April 24th, 2006, 8:36 am
Location: Gloria Jean's in Murray St. Mall (I wish!)

Re: Hijackthis log from Italy

Unread postby carra » March 17th, 2008, 4:50 am

Hi Vino Rosso,
at the moment I was unable to donate through Paypal: https://www.paypal.com/uk/cgi-bin/webscr?
I will try again later.
Have a good day.

Michele 'carra'
carra
Active Member
 
Posts: 11
Joined: March 6th, 2008, 5:16 pm

Re: Hijackthis log from Italy

Unread postby Elrond » March 27th, 2008, 4:18 am

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 330 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware