

CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
reply to fundamentalz
Re: [Vundo] Vundo Infection

Looks good now

How is your computer acting at this point?

Don't forget to turn back on your Security Programs.


fundamentalz
The Basics
Premium
join:2004-04-30
Moorpark, CA

said by CalamityJane:

Looks good now

How is your computer acting at this point?

Don't forget to turn back on your Security Programs.
It feels like things are back to normal now. Thanks a lot.
By the way, do you know what it was that I was infected with, such as a keylogger?

Anyways, your efforts are very much appreciated.
--
I subscribe to the theory of intellectual osmosis. Unfortunately, I must now cease our conversation and move away from you before my intelligence begins to drop. Good day.


CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL

What we removed was mostly Vundo related. It doesn't usually involve a keylogger (and the logs you posted didn't show signs of one), but I don't know what the other pre-cleaning you used may have removed.

Some final cleanup and prevention recommendations follow.

This step will uninstall the ComboFix tool, delete any remaining quarantined files, and reset your Windows Folder options to default (to rehide operating system files, etc.), since it isn't needed anymore:

Click Start, then click Run.
Enter into the command box that opens: combofix /u and then click OK.

Do a disk cleanup. Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.

Temporary Files
Temporary Internet Files
Recycle Bin

Now that your PC is clean, make sure all programs are running properly and then you'll need to reset your restore point in Windows XP. Why?

One of the best features of Windows ME or XP is the System Restore option; however, if malware infects a computer with this operating system, it can be backed up in the System Restore folder. Therefore, clearing the restore points is necessary after malware removal.

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(winXP)

1. Turn off System Restore.
Go to Start and right-click on *My Computer*.
Click Properties.
Click the System Restore tab.
Put a Checkmark in the box next to "Turn off System Restore".
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
Go to Start and right-click on *My Computer*.
Click Properties.
Click the System Restore tab.
Remove the checkmark next to "Turn off System Restore".
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP
»support.microsoft.com/default.as···s;310405
......................

Also, I can't stress enough the importance of having your Windows critical Security Updates. Most malware today uses exploits on unpatched systems to creep onto your system without your even doing anything but visiting an infected webpage!!
Make sure that you keep your Operating System and IE updated with the latest Critical Security Updates from Microsoft...they usually come out once a month, on the 2nd Tuesday of each month. This is the first step in malware prevention, as many nasties now take advantage of new exploits and if not patched, you are vulnerable!
Windows Update
»update.microsoft.com/microsoftupdate/

Watch what you download, be careful where you surf, and don't trust attachments or even links in email and Instant messages. Even if they come from a buddy, that buddy could be the one infected and it is the virus sending that link from his account. You click on it thinking he is trusted, and *boom* you're infected.
Many "Phishing" attempts are made by cleverly crafted email to look like it is coming from an "official" source (like Microsoft, or your bank, or some other provider). Don't click on links in those. Go directly to the site instead and navigate the menus - don't trust email you think came from a "safe source" unless you are expecting it! There is more in the link I will provide below, but those are the choice avenues of infection these days.
Stay far AWAY from cracks and warez sites - you're sure to get infected files there, and the same can be said for files downloaded from p2p (more than half are usually infected and probably not detectable by your current security software - the newest nasties are always released in those venues).

A word about shared computers and networks.
Share Your PC
»www.microsoft.com/windowsxp/usin···tro.mspx
Not all users need to have Admin Accounts. It is much safer to have most of your users on a shared system running as Limited User accounts. That way, if there is "an accident", it will only affect one user's account and not the entire system.

I also highly recommend getting the free tool, Microsoft Baseline Security Analyzer (MBSA) from Microsoft to analyze your PC security for prevention purposes.

MBSA Version 2.0 will scan for common system misconfigurations on Windows 2000, Windows XP, and Windows Server 2003 systems. This program will identify the system security weaknesses in your browser and operating system and provide easy instructions to correct them. This includes any missing critical Windows security updates, system vulnerabilities and your IE Browser security settings. Get the download here:
Microsoft Baseline Security Analyzer
»www.microsoft.com/technet/securi···ome.mspx
Choose MBSAsetup-EN.msi = (English Version) or the language appropriate for you.
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2008
Proud Member of ASAP (Alliance of Security Analysis Professionals)