Every time i go to a site i get this error
firefox.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
if you were in the middle of something.the information you were working on might be lost.
Here's HJT Log
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
Run hijackthis and make sure nothing is open and up and running but hijackthis, click the scan button and place checks next to these:
Click open.
Then click the 'Send' button next to it.
This will scan the file. Please be patient.
Once scanned, copy and paste the results as well in your next reply.
HJT log
Logfile of HijackThis v1.99.1
Scan saved at 6:17:48 PM, on 5/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Attempting to delete C:\WINDOWS\system32\pucvecpb.dll
C:\WINDOWS\system32\pucvecpb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rttss.bak1
C:\WINDOWS\system32\rttss.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\rttss.bak2
C:\WINDOWS\system32\rttss.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\rttss.ini
C:\WINDOWS\system32\rttss.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssttr.dll
C:\WINDOWS\system32\ssttr.dll Has been deleted!
Performing Repairs to the registry.
Done!
i went to http://virusscan.jotti.org/ and when u click send it gives me this
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file
Find this file thru windows explorer or start>search function and right click it and select properties then version and report back what it says if anything.
If you would like to keep your cookies don't check that item
* Under Main "Select Files to Delete" choose: Select All.
* Click the Empty Selected button.
* If you use Firefox browser click Firefox at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
* If you use Opera browser click Opera at the top and choose: Select All
* Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
Let me know please what if anything is available on that file.
My computer acts good And when i click on properties on C:\WINDOWS\system32\imelereg.dll it doesnt show any version on the summary tab everything there is blank
Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.
Navigate to these files or folders using Windows Explorer (OR Start -> Search) and delete (if present):
DELETE FILES:
C:\WINDOWS\system32\imelereg.dll
Reboot normal mode and you should be good to go I will have some closeing tips and free tools for your consideration to help keep your computer safer.
If you don't have an anti-virus program information on how to get a good and free one will be included. You need to do that immediately if you don't have one. AVG anti-spyware isn't enough.
Thanks! Only Softwares i have is AVG,Spyware Blaster, And pc tools firewall plus
Logfile of HijackThis v1.99.1
Scan saved at 11:44:46 PM, on 5/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
One other thing is you need to uninstall the old version of sun java you have(1.5). That is how you got infected with the Vundo trojan. The 1.6 you have is fine and the latest version.
If you are no longer having any more trouble here is some preventative measures for you.
Be sure to re-hide hidden files/folders if you were asked to unhide them
Here are some preventive measures you can take to keep your computer from getting infected again. also keep all these and Ad-awareSE and SpybotS&D updated.
To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser. http://v5.windowsupdate.microsoft.co....aspx?ln=en-us
2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including AVG and Avast!. AVG:http://free.grisoft.com/doc/1
5. Consider using an alternate free browser for general web surfing but you must use IE for windows update. Mozilla Firefox: www.mozilla.org/products/firefox/
6. Consider increasing your browser security by using these programs: SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:
If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/
You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.
*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free
Newbie
