Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"Vista Security Alert" (or some fake using Vista name)


  • Please log in to reply

#16
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/05/2011 1:21:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/05/2011 1:22:45 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/05/2011 8:20:55 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer GWILKER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6B4FF9AD-16B5-439D-BB88-A63F766. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 15/05/2011 8:08:55 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer GWILKER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6B4FF9AD-16B5-439D-BB88-A63F766. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 15/05/2011 7:56:59 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer GWILKER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6B4FF9AD-16B5-439D-BB88-A63F766. The master browser is stopping or an election is being forced.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


GWILKER-PC is my computer - this laptop is on a wireless network which is what I think the above is referencing.
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,330 posts
  • MVP
Logs look clean. Do you still have any problems?

Ron
  • 0

#18
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
no - all looks good... are there files I should remove for healthy clean-up?

(and then I'll do some normal updates to her system and programs)

by the way, is CC Cleaner a good program to run on default settings for fixes & clean-up?
  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,330 posts
  • MVP
I used to like CCleaner but I think it's too aggressive and removes stuff that it shouldn't so I don't use it any more. It's also a registry cleaner these days and that usually does more harm than good.

We need to clean up System Restore.

The best way is to follow Jim's procedure here http://aumha.net/vie...581099691bf108f
tho it hasn't been updated for Vista or Win 7 yet so To create a Restore Point try this:
right click on Computer and select Properties and System Protection (Continue) and then Create (at the bottom). OK Give it a name like Clean and then Create. OK. OK.

Once you have created a Restore Point:

Now Start (Windows Logo Button), Programs, Accessories, Right click on Command Prompt and select Run As Administrator,
cleanmgr

Select "Files from All Users."
Continue

Select OS (C:)
OK

It will think for a few minutes.

Then come up with a few suggestions. Ignore those and press More Options. Under System Restore and Shadow Copies, click Clean Up and let it do its thing.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, pause your anti-virus, copy the next line:

"%userprofile%\Desktop\george.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

Unpause youe anti-virus.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.


You do not have the latest Java (Java™ 6 Update 25). Get the latest at:

http://javadl.sun.co...?BundleId=41723

Save it to your PC then close all browsers and install it.

Once you install it, go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 23 which may be new enough that it will be removed automatically but there may be others.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Flash Player recently came out with a new version which fixes an exploit hole. See http://aumha.net/vie...&st=0&sk=t&sd=a Adobe is fond of foisting GetPlus on you. You can let them install it and then afterwards, go into Control Panel, Add/Remove Software and remove it. It probably doesn't hurt to leave it but I don't see the need for it and it has caused problems in the past.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

I recommend you install the free WinPatrol from http://www.winpatrol.com/download.html

It's a small program that will sit in your systray and warn you if something tries to make changes to your system.

If you use USB drives you might want to install Autorun Eater v2.5.
http://download.cnet...4-10752777.html
Another small program which will stay resident and prevent an infected USB drive from infecting your PC.
There was a Microsoft update recently which killed off autorun but it can easily be revived so Autorun Eater may still have some value.

If you use Firefox (update to the latest (4.0.1 or better) then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. It seems to work best if you reboot right after running it. You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.



Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP