[jrdriv]

Hello,
Here is the log from MBAM. As for the AVP tool, there was nothing detected.



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5505

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/11/2011 5:48:16 PM
mbam-log-2011-01-11 (17-48-16).txt

Scan type: Quick scan
Objects scanned: 159180
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52794457-af6c-4c50-9def-f2e24f4c8889} (PUP.WhiteSmoke) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Advertisements]

Hi jrdriv,

Congratulations, the machine is clean.

Lets wrap up.

• Download OTL to your desktop
• Open OTL
• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :OTL
  
  :Services
  
  :Reg
  
  :Files
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]
  [Reboot]

• Then click the Run Fix button at the top
• You may be asked to reboot - if so, choose Yes

We need to remove all the tools that you have used.
This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

Remove ComboFix

• Click the Start button
• Click Run...
• Type Combofix /Uninstall in the run dialog box and click OK

Clean Temporary Files

• Download TFC to your desktop
• Open the file and close any other windows
• It will close all programs itself when run - make sure to let it run uninterrupted
• Click the Start button to begin the process - the program should not take long to finish its job
• Once it is finished, it should reboot your machine, if not, do this yourself to ensure the cleaning process completes

Lets Re-hide system files and folders.
Opening Windows Explorer (to get there right-click your Start button and go to "Explore"), please do the following:

• Go to Tools (drop-down menu at the top of the window)
• Go down and click Folder Options
• Click on the View tab
• Find the Hidden Files and Folders section of the box and check "Do not show hidden files and folders"
• Again under Hidden Files and Folders, find "Hide protected operating system files (Recommended)" and check it (if it's already checked)
• Click Apply, and then Ok at the bottom.
• Close the window

++++++++++++++++++++++++++++++++++++


Below are links to several programs that will help protect your computer.

Anti-Spyware
To protect your system from spywares .

• SpywareBlaster keeps spyware from installing on your system - read the tutorial here
• SpywareGuard protects your browser and computer in real time - read the tutorial here
• SUPERAntiSpyware Free Edition detects and removes spyware, adware, malware, trojans, rogue software, worms, rootkits, parasites and other potentially harmful software applications - read the tutorial here

++++++++++++++++++++++++++++++++++++

Windows Update

Upgrading to Windows XP SP3 will make your machine more secure. You can learn how you can update your current version of windows to SP3 here.

Other things to keep in mind.

Windows, Java, and Adobe products should all be kept up-to-date on a regular basis so the latest security fixes are in place on your computer. Please refer to the following links on how to manage these products.

• Windows Update (2000/XP) or Windows Update (Vista)
• Java
• Adobe Reader
• Adobe Flash Player

Here are a few other applications you might consider. Keeping your temporary file area clean, your Windows registry backed up, and backing up your important data are all good techniques.

• Flush Flash - by Bobbi Flekman - cleans Flash Player cookies
• ERUNT (Emergency Recovery Utility NT) - a registry backup utility
• Cobian Backup - a very good backup utility - read the tutorial here
• WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
• Green to go
• Yellow for caution
• Red to stop

WOT has an addon available for Chrome and Opera.
Please remember that just having these programs is not enough. You must use them. Running a full spyware scan weekly, a full virus scan monthly, and checking for updates and cleaning your temporary files periodically is very important in keeping your computer in tip-top shape.

Finally, please take the time to read the following articles. Applying this information will help prevent future infections:

How to prevent malware by miekiemoes
Preventing Malware and Safe Computing by Rorschach112

This article will help you understand how you may have gotten infected:
How did I get infected in the first place?

Remember, you have to be smarter than the bad guys! Be safe out there!

[Salagubang]

Hi jrdriv,

Congratulations, the machine is clean.

Lets wrap up.

• Download OTL to your desktop
• Open OTL
• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :OTL
  
  :Services
  
  :Reg
  
  :Files
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]
  [Reboot]

• Then click the Run Fix button at the top
• You may be asked to reboot - if so, choose Yes

We need to remove all the tools that you have used.
This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

Remove ComboFix

• Click the Start button
• Click Run...
• Type Combofix /Uninstall in the run dialog box and click OK

Clean Temporary Files

• Download TFC to your desktop
• Open the file and close any other windows
• It will close all programs itself when run - make sure to let it run uninterrupted
• Click the Start button to begin the process - the program should not take long to finish its job
• Once it is finished, it should reboot your machine, if not, do this yourself to ensure the cleaning process completes

Lets Re-hide system files and folders.
Opening Windows Explorer (to get there right-click your Start button and go to "Explore"), please do the following:

• Go to Tools (drop-down menu at the top of the window)
• Go down and click Folder Options
• Click on the View tab
• Find the Hidden Files and Folders section of the box and check "Do not show hidden files and folders"
• Again under Hidden Files and Folders, find "Hide protected operating system files (Recommended)" and check it (if it's already checked)
• Click Apply, and then Ok at the bottom.
• Close the window

++++++++++++++++++++++++++++++++++++


Below are links to several programs that will help protect your computer.

Anti-Spyware
To protect your system from spywares .

• SpywareBlaster keeps spyware from installing on your system - read the tutorial here
• SpywareGuard protects your browser and computer in real time - read the tutorial here
• SUPERAntiSpyware Free Edition detects and removes spyware, adware, malware, trojans, rogue software, worms, rootkits, parasites and other potentially harmful software applications - read the tutorial here

++++++++++++++++++++++++++++++++++++

Windows Update

Upgrading to Windows XP SP3 will make your machine more secure. You can learn how you can update your current version of windows to SP3 here.

Other things to keep in mind.

Windows, Java, and Adobe products should all be kept up-to-date on a regular basis so the latest security fixes are in place on your computer. Please refer to the following links on how to manage these products.

• Windows Update (2000/XP) or Windows Update (Vista)
• Java
• Adobe Reader
• Adobe Flash Player

Here are a few other applications you might consider. Keeping your temporary file area clean, your Windows registry backed up, and backing up your important data are all good techniques.

• Flush Flash - by Bobbi Flekman - cleans Flash Player cookies
• ERUNT (Emergency Recovery Utility NT) - a registry backup utility
• Cobian Backup - a very good backup utility - read the tutorial here
• WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
• Green to go
• Yellow for caution
• Red to stop

WOT has an addon available for Chrome and Opera.
Please remember that just having these programs is not enough. You must use them. Running a full spyware scan weekly, a full virus scan monthly, and checking for updates and cleaning your temporary files periodically is very important in keeping your computer in tip-top shape.

Finally, please take the time to read the following articles. Applying this information will help prevent future infections:

How to prevent malware by miekiemoes
Preventing Malware and Safe Computing by Rorschach112

This article will help you understand how you may have gotten infected:
How did I get infected in the first place?

Remember, you have to be smarter than the bad guys! Be safe out there!

[jrdriv]

WOW! Thank You Salagubang! You do great work. I really appreciate your time. My machine is working fine. I intend to keep it that way!

[Salagubang]

Your welcome.

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.