[Spector437]

My PC is running very well. I've not had any messages or reset cookies in quite a while, so things are running as normal now. Yes, I still get the win32.agent.pz malware detection in spybot at the same place, but it appears to be dormant, if not completely dead- thanks for that

Edited by Spector437, 13 July 2009 - 12:47 PM.

[Advertisements]

Hmm strange but let's proceed:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

  :reg
  [-HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Network\UID]
  [-HKEY_USERS\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Network\UID]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID]

• Then click the Run Fix button at the top
• Let the program run unhindered,when it is done it will say "Fix Complete press ok to open log"
• Please post that log in your next reply.

[kahdah]

Hmm strange but let's proceed:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

  :reg
  [-HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Network\UID]
  [-HKEY_USERS\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Network\UID]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID]

• Then click the Run Fix button at the top
• Let the program run unhindered,when it is done it will say "Fix Complete press ok to open log"
• Please post that log in your next reply.

[Spector437]

Hi

The OTL scan drew a blank:

========== REGISTRY ==========
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Network\UID\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Network\UID\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID\ not found.

OTL by OldTimer - Version 2.1.1.0 log created on 07142009_231844


===========================================================================

If the registry keys can't be found then they don't exist, yet Spybot says they do. If it wasn't for that, then I would have no way of knowing there was anything on my system. I'm not even sure there is, since I'm not getting side-effects any more.

Edited by Spector437, 14 July 2009 - 04:25 PM.

[kahdah]

I am pretty sure it is not there as well.
Let's give it a few days and post back here if everything is still working correctly.

[Spector437]

Hi

Here's an update:

It's gone!

I checked again just an hour ago, and Spybot S&D doesn't trace the win32.agent.pz any more. Superb!

Thank you very much, and I will be making a donation later on

Gordon

[kahdah]

Great


Cleanup:

Please double click on OTL it to run it.
Then click on Clean up.
Restart your computer when prompted.
This will remove what tools we used.
===============
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

• Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
• Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 14...allows end-users to run Java applications".
• Click the "Download" button to the right.
• Select your Platform: "Windows".
• Select your Language: "Multi-language".
• Read the License Agreement, and then check the box that says: "Accept License Agreement".
• Click Continue and the page will refresh.
• Click on the link to download Windows Offline Installation and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6u10-windows-i586-p.exe to install the newest version.

======================
Delete\uninstall anything else that we have used.

System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us

If you are using Vista then see this link > http://www.bleepingc...143.html#manual
=====================================
After that your all set.


The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

If your computer is slow Is a tutorial on what you can do if your computer is slow.

[Spector437]

Ok I will do all that when I get back from holiday next week and let you know that everything is okay

[kahdah]

ok sounds good.

[Spector437]

Finally I get down to doing this after coming back from hols! I've carried out all the things you asked and it's still running fine so thanks once again, and a wee donation as well has been given