Help my HTPC has been hijacked (RESOLVED)
-
Re: Help my HTPC has been hijacked
looks like there are some more
Should I install SP2 now?
Thursday, May 25, 2006 9:30:08 PM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 26/05/2006
Kaspersky Anti-Virus database records: 184608
Scan Settings
Scan using the following antivirus database standard
Scan Archives false
Scan Mail Bases false
Scan Target My Computer
C:\
D:\
E:\
Y:\
Z:\
Scan Statistics
Total number of scanned objects 29236
Number of viruses found 6
Number of infected objects 6
Number of suspicious objects 0
Duration of the scan process 00:08:59
Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP1\A0000093.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP1\A0000098.exe Infected: Trojan-Downloader.Win32.VB.ada skipped
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP1\A0000099.exe Infected: Trojan-Downloader.Win32.VB.adb skipped
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP1\A0000101.exe Infected: Trojan-Downloader.Win32.PurityScan.bv skipped
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP1\A0000104.exe Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\System Volume Information\_restore{99AE2350-C63B-48CE-B4F1-4364A54AD487}\RP2\A0000229.exe Infected: Trojan-Downloader.Win32.PurityScan.co skipped
-
No on SP2. We will need to flush your System Restore first, as that is where the bad guys are hiding, and they will go away when we flush that.
Is your computer running ok?
If all is well I will have instructions on how to flush system restore.
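
Added example, not part of the original thread: a small Python triage of a scan report in the layout posted above, separating detections that sit in the Windows XP System Restore store (`_restore{GUID}\RPn\`) from detections on the live file system. The sample rows, GUID, detection names and the `triage` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the scan report above. The GUID, file
# names, detection names and the last (non-restore) path are made up.
SAMPLE_REPORT = r"""
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.exe Infected: Trojan-Downloader.Win32.Example.a skipped
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP2\A0000002.exe Infected: Trojan-Clicker.Win32.Example.b skipped
C:\WINDOWS\system32\example.dll Infected: Trojan-Downloader.Win32.Example.c skipped
"""

# Row layout: "<path> Infected: <detection name> <last action>".
# Paths contain spaces, so split on the literal " Infected: " marker.
ROW = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) Infected: (?P<name>\S+) (?P<action>\S+)$")

# XP System Restore store: <drive>:\System Volume Information\_restore{GUID}\RP<n>\
RESTORE = re.compile(
    r"^[A-Za-z]:\\System Volume Information\\_restore\{[0-9A-Fa-f-]{36}\}\\RP(?P<rp>\d+)\\",
    re.IGNORECASE,
)

def parse_rows(report):
    """Return one dict (path, name, action) per detection row; skip other lines."""
    rows = []
    for line in report.splitlines():
        match = ROW.match(line.strip())
        if match:
            rows.append(match.groupdict())
    return rows

def triage(report):
    """Group detections by restore point and list any outside the restore store."""
    by_restore_point = defaultdict(list)
    live = []
    for row in parse_rows(report):
        match = RESTORE.match(row["path"])
        if match:
            by_restore_point["RP" + match.group("rp")].append(row["name"])
        else:
            live.append(row)  # needs cleaning on the live file system
    return {
        "restore_points": dict(by_restore_point),
        "live": live,
        # True only when every detection is an archived copy in the restore store
        "only_in_restore_store": bool(by_restore_point) and not live,
    }

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```
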
-
yeah system seems to be running fine
-
OK,
Explained here:
Windows XP: service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
Microsoft ME:
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam
Also:
If you are no longer having any more trouble, here are some preventative measures for you.
Here are some preventive measures you can take to keep your computer from getting infected again. Also keep all these and Ad-awareSE and SpybotS&D updated.
http://forums.thatcomputerguy.us/ind...showtopic=1190
Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.
Explained here:
Windows XP: service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
Microsoft ME:
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam
RegProtect
This small registry protection tool will save you hours of heartache by notifying you when some program, good or bad, is trying to access your registry.
You have the option of allowing (good) items or blocking (bad) items.
http://www.diamondcs.com.au/index.php?page=regprot
To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us
http://www.microsoft.com/windows/ie/default.asp
2. Run your antivirus software regularly, and keep its definitions up-to-date. If you are thinking about switching, there are some good free antivirus programs that are decent, including AVG and Avast!.
AVG: http://free.grisoft.com/doc/1
Avast: http://www.avast.com/eng/avast_4_home.html
3. In addition to using Ad-aware, consider using another free malware scanning/removal program:
MS Antispyware beta: http://www.microsoft.com/athome/secu...e/default.mspx
4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio
http://www.sunbelt-software.com/Kerio.cfm
OutPost Personal Firewall:
Outpost
5. Consider using an alternate free browser for general web surfing, but you must use IE for Windows Update.
Mozilla Firefox: www.mozilla.org/products/firefox/
6. Consider increasing your browser security by using these programs:
SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster will increase browser protection by blocking thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:
http://www.javacoolsoftware.com/spywareblaster.html
If you use SpywareBlaster, you can also use a custom blocklist to add even more entries into IE's restricted sites zone. Go to this site for the current list and how-to-use instructions: http://customblockinglist.cjb.net/
IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm
*Remember, just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's free.
-
ok so once i refreshed the restore points is it safe to apply sp2? I dl'ed that regprotect as well.