66 replies to this topic

[LMac]

_{The batchfile ran.  A quick flash on the screen and it deleted itself}

[LiquidTension]

Yes, that means it ran successfully. Please proceed with MBAM and ESET to check for any remnants. 

[LMac]

Step 2 anti-malware ran and found no threats.

I follwoed instruction went to history tab opened the log.

 

The form was bigger than the screen and the export button I assume is on the bottom, because I could not see it and I could not see the bottom of the form.

 

 

I tried to resize it - wouldn't let me.

I tried to move the form, but it wuld not let me move it high enough tosee the bottom of the form.

 

I tried making the view in my web browser small 50%  still did not help

[LiquidTension]

OK. This is a known issue with MBAM on XP machines I believe. 

 

As no threats were found, the log isn't important. Please proceed with ESET. 

[LMac]

The ESET scan.

C:\FRST\Quarantine\C\Documents and Settings\All Users\Application Data\50BC232.cpp.xBAD a variant of Win32/Kryptik.CKLB trojan
 

 

I did turn off norton before I ran this.  When the program finsihed Norton was back on.   I think it was the 15 min timer on norton that turned it back on.

[LiquidTension]

Hi Larry, 
 
No problem about Norton. We have a few updates to perform, remove the tools we've used, and we'll be done. 
 
I'm going to use this opportunity to provide information on the unsupported nature of your Operating System (XP).
 

Unsupported Operating System Warning

------------------------------
 
On April 8th 2014, Microsoft officially declared Windows XP as unsupported, and consequently ceased the production and release of Windows XP Updates and Security Patches. Please read the following articles:

• End Of Support For Windows XP SP3 is April 8, 2014
• Windows XP - The Elephant In The Room
• With XP ending, what are your alternatives?

Without Windows Updates, your computer will be continuously susceptible to malware infection. In the past, vulnerabilities found in the Windows XP software were patched shortly after by Microsoft issuing an Update. Now that XP is no long supported with Updates, once a vulnerability is discovered, it will not be patched; allowing malware authors to freely distribute their exploit in the knowledge the vulnerability will not be patched.
 
Please let me know if you have any questions.

 

 
 
STEP 1
 Creating System Restore Point (XP)

• Press the windows key  + r on your keyboard at the same time.
• Copy the entire contents of the codebox below and paste into the Run box.

%systemroot%\system32\restore\rstrui.exe

• Click Create a Restore Point then click Next.
• Type SP3 Reinstall in the name field and click Create.
   

STEP 2
 Manually Installing Windows XP Service Pack 3

• Download WindowsXP-KB936929-SP3-x86-ENU.exe and save the file to your desktop.
• Double-click the icon and click Run
• Allow the programme to extract the files.
• Click Next.
• Click I Agree, then Next.
• The Software Update Installation Wizard will inspect your current configuration and should install the files.
• Note: If you receive an error please stop, note the error and provide the information in your next reply. 
• When you are notified you have successfully completed the Service Pack 3 Setup Wizard click Finish and allow your computer to automatically reboot.
   

======================================================
 
STEP 3
 Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• Did Service Pack 3 install successfully? 

[LMac]

I knew XP was no longer supported.

The infectedc PC is old. I am not even sure the newer version of windows would run on it.

I would consider upgrading if it would.

A few years ago I got a bad virus on the computer I use for personal business.  I lost a lot of data and did not have a back up.

So I have a new computer with current windows and I have a network back up system in place that does a back up daily.

I only use the new computer on the internet for site I know.  I also have Noton.

 

I use this old computer if I am going to sites I do not know.  There is nothing on here no data.  No personal info and I never go to any of my safe sites like my bank.

 

IIs it possible to make an image of the system as it sits now?  I could restore the whole image every month or so. 

 

If you think it is worthwhile upgrading I can do that as well.

[LiquidTension]

Yes, we can create an image. Would you prefer to do this before updating to SP3 and removing the tools we've used, or after? 

 

This machine doesn't have enough RAM to upgrade. I doubt other hardware components would be able to support Windows 7 or 8 either. 

[LMac]

Let's wait until we are finished.

 

SP3 is still running.  I need to go out for a few hours.  I will send you the results when I get back.

[LMac]

Adam, SP3 installed without error and the PC has rebooted.

[LiquidTension]

Very good. Are there any outstanding issues?

If not, we will update your software, remove our tools, and create the image of your HDD.

[LMac]

No issues....    all is looking good

[LiquidTension]

Very good. Please do the following. 

 

STEP 1
 Update Outdated Software
Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

•  Java SE Development Kit (if you require Java JRE)
•  Follow these instructions to check for and download the latest Windows Updates.
   

STEP 2
 Remove Outdated Software

• Press the Windows Key  + r on your keyboard at the same time. Type appwiz.cpl and click OK.
• Search for the following programmes, right-click and click Uninstall one at a time.
  • Java 2 Runtime Environment Standard Edition v1.3.1 
• Follow the prompts and reboot if necessary.
   

STEP 3
 Security Check

• Please download SecurityCheck and save the file to your Desktop.
• Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
• A log (checkup.txt) will automatically open on your Desktop.
• Copy the contents of the log and paste in your next reply.
   

======================================================
 
STEP 4
 Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• checkup.txt

[LMac]

Results of screen317's Security Check version 0.99.87 
 Windows XP Service Pack 3 x86  
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
 Norton Internet Security   
`````````Anti-malware/Other Utilities Check:`````````
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````
 

 

I did not do the Java update.  ( I do not think I have Java on this PC)

 

Th eexplorer 8.1 check said my system was not capable of the upgrade.

[LiquidTension]

Okay, not to worry. If you've yet to do so, please check for Java 2 Runtime, and uninstall if present. This outdated software is particularly vulnerable.

Your log indicates your Hard Drive has 8% fragmentation. Have you performed a defrag before? Do you know how?

I will return with instructions for you tomorrow.