Hey, guys. I know I had a thread where someone helped me a couple months ago, but that was for my dad's laptop. Now, it's my computer, and I think the situation has gotten worse...

Upon start up, when all of my programs are just starting up and showing their logos or whatever (for example, Avira AntiVir shows a sign of their company logo), an error message comes up. It's the first thing that comes up. This has been going on for quite a while now. Here's the message:



And when I click 'OK', this next message comes up:



Now I don't know if it's really related to that, but recently, my internet connection has been very slow. However, please keep in mind that those error messages have been popping up for quite a while now, and I've just ignored it until now because I noticed how slow my computer has been.

I would have a HijackThis log, but I also get an error message for that as well... and here it is:



Thanks to anyone who can help me out.

Yes that's fine about the Java update. Just waiting on the Kaspersky scan - I know it can take a while, so no hurry. Any time you can get me the log that's convenient for you is fine, MBAM is looking good. Kaspersky shouldn't turn up much but I'd like to be sure before I give you the all clear.

- Dave

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, December 26, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, December 26, 2008 22:09:52
Records in database: 1518838
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan statistics:
Files scanned: 132116
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 01:44:42

No malware has been detected. The scan area is clean.

The selected area was scanned.

My computer is running fine, not as laggy anymore. However, I'm still experiencing those two errors that I first mentioned in my first post upon startup.

Hi Libid -

At this point we can be sure that your computer is clean of malware, so those two errors aren't related to any infections. A quick google search looks like they are related to your router - have you been experiencing any problems with your internet connectivity? If you're a do it yourself type I would start by taking a look at the router manual and see what it has to say about troubleshooting error messages. The Netgear website would also be a place to look. Reinstalling or updating the device drivers could also do the trick.

Alternatively, if you'd like some further expert help getting those error messages fixed up, we're a little bit beyond my realm of expertise at this point - you'd be best off starting a new topic in the Networking section of the forums here at Geeks to Go. Just start a new topic there, describe your problem, tell them you've received a clean bill of health in the malware forum, and post a link to this topic so they can see what you've done here. The networking experts are excellent and should have you sorted in no time.

As for right now, I'd like to leave you with the advice I like to give people about preventing future malware infection:

We have a couple last things to take care of and then you're good to go.

Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer. OTCleanIt is a small program that removes all the leftovers tools and logs from cleanup of malware.

Please download OTCleanIt! to your desktop.

• Double-click OTCleanIt.exe to run it. (Vista users, please right click on OTCleanIt.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• A list of tool components used in the cleanup of malware will be downloaded.
• If your firewall or other protection attempts to block OTCleanIt's attempts to reach the internet, please allow it to run.
• Click Yes to begin the Cleanup process and remove the tools we used, including this application.
• You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
• After the reboot all the tools we used should be gone.

Note: RSIT is not currently removed by OTCleanIt. If we used RSIT, feel free to delete RSIT.exe and the logfiles it created manually as they have no further use to you.

We need to flush out all your old system restore points as they are likely to be infected, and then create a new one so you have a clean configuration to return to should you become infected again. The system restore files are protected by your operating system, so this is how we have to get at them:

To manually create a new Restore Point

• Go to Control Panel and select System and Maintenance
• Select System
• On the left select Advance System Settings and accept the warning if you get one
• Select System Protection Tab
• Select Create at the bottom
• Type in a name i.e. Clean
• Select Create

Now we can purge the infected ones

• Go back to the System and Maintenance page
• Select Performance Information and Tools
• On the left select Open Disk Cleanup
• Select Files from all users and accept the warning if you get one
• In the drop down box select your main drive i.e. C
• For a few moments the system will make some calculations
• Select the More Options tab
• In the System Restore and Shadow Backups select Clean up
• Select Delete on the pop up
• Select OK
• Select Delete

Here are some tips to reduce the potential for malware infection in the future; I strongly that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.

Proper use of antivirus and firewall
Antivirus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware, and if you don't keep up with these updates then you'll be vulnerable to infection. Many antivirus and firewall programs have automatic update features, make use of those if you can. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.

You should keep your antivirus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your antivirus program is a good idea to make sure nothing has slipped through your protection. Once a week works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Finally, for a great tutorial on how to get the best protection out of your firewall, visit this link.

Safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Firefox and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial here which will help you to make IE much safer.

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in a vast majority of cases, and the benefits simply aren't worth the risk to your computer.

A couple other useful utilities:
ATF Cleaner: Cleans unnecessary temporary files from your computer, run regularly to save disk space and keep your computer performing smoothly.
McAfee SiteAdvisor: A great firefox add-on that puts McAfee's database of tested sites at your fingertips so you can know whether or not that link you're about to click is safe.

Windows Updates
Along with keeping all of the programs above that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and keep you safe. You can update them at this site if they don't automatically install for you: http://www.windowsupdate.com. If you have automatic updates, you should always install them as soon as possible, that little bit of extra time is very well worth it instead of getting infected from an exploit and having to clean your PC again.

And finally, see TonyKlein's good advice (recently rewritten by our own admin Kat) which reinforces and extends on some of the above concepts:
So how did I get infected in the first place?

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Dave

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.