jj.loved00 request

fyi, I ran CCleaner last night before OTC.
I have not had the initial virus since the first scan at the start of this process. But today we got 2 "delicious.aurella would like to add you to his or her online contact list".
OTC cleared lots of files, before the last of the 3 requersts todfay.
ESET ran and found zero; there is no log to enter here..

Please update and run SAS and MBAM again and post the logs.

The SAS log is:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/29/2012 at 00:30 AM

Application Version : 5.0.1144

Core Rules Database Version : 8286
Trace Rules Database Version: 6098

Scan type : Complete Scan
Total Scan Time : 01:51:55

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 518
Memory threats detected : 0
Registry items scanned : 34128
Registry threats detected : 0
File items scanned : 107691
File threats detected : 1

Adware.Tracking Cookie
C:\Documents and Settings\Yule family\Cookies\TRXFEEKN.txt [ /adserver2.pitchero.com
NB I know the pitchero site.

After completing SAS, I got a messsage from delicious.janella. NB I also got one on my work PC - separate location / network entirely.

The MBAM log is:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.29.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Yule family :: YULES [administrator]

29/02/2012 23:38:11
mbam-log-2012-02-29 (23-38-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 385951
Time elapsed: 2 hour(s), 2 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE|24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Could you please run the ESET scan and post the log?

I ran ESET, and found zero threats.
And afterwards got a "delicious.janella request"!
How can this occur on two different machines, without being related to a common factor, and that most likely would be Yahoo?

All those requests you're receiving on Yahoo mail do not look like a virus. If it is, it's a new one to me.

And afterwards got a "delicious.janella request"!
How can this occur on two different machines, without being related to a common factor, and that most likely would be Yahoo?.

I believe the problem is with Yahoo mail. Why don't you block them?

Hi
I have - I think - blocked them.
And I believe that you have de-virused my PC; so it is unlikely to be the source of the problem.
The request has not re-appeared in the last 24 hours. So I am happy to close this thread . If it does reappear and I can't resolve it via Yahoo, I guess I'll have to come back for some other advice!
thanks for your efforts. and assitance.

We should do some cleanup before you go.

To uninstall ComboFix

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

*************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Thannks for these suggestions. I am working my way through them. Specifically, I have uninstalled Combofix, and run Secunia (several times) and Microsoft Windows.

As a result I have some queries:

1 Secunia continually finds the need to do 3 updates:
- Macromedia Floash v4.0.7.0 upgrade to v10
- Macromedia Flash v7.0.11.0 to v10.x
- a whole series of Windows upgrades.
But I have run Microsoft Upgrade, and fully upgraded; so now, MS Upgrade shows that my system is uptodate. And I have tried to upgrade Flash 2 or 3 times.
Can Secunia be out of sync? And why does it find 2 versions of Flash?

2 In amongst these upgrades, I was prompted by Adobe to check my system. This ran SCUDownloader, which found 296 Registry problems (even after I had run Ccleaner), and some other issues. I didn't take their automatic correction. Should I trust SCU Downloader? And/or should I wait until after I had followed all your earlier suggestions.

3 My wife was prompted by McAfee that they had blocked a "risky connection", IP address 91.217.1784, program system. Does that mean anything , or do I just be grateful that they have blocked something and move on?!

4 "madam_lovey" is now sending me online contact requests!! So I will add her to my blocking list! But is there something that additional that I should be doing, eg with Yahoo?

Thanks, as ever.

Can Secunia be out of sync?

Yes, that's possible. It's just to make sure that all your programs are up-to-date. Malware just loves out-of-date programs.

In amongst these upgrades, I was prompted by Adobe to check my system. This ran SCUDownloader, which found 296 Registry problems (even after I had run Ccleaner), and some other issues. I didn't take their automatic correction. Should I trust SCU Downloader? And/or should I wait until after I had followed all your earlier suggestions.

SCU could be a malicious program. Don't trust it.

My wife was prompted by McAfee that they had blocked a "risky connection", IP address 91.217.1784, program system. Does that mean anything , or do I just be grateful that they have blocked something and move on?!

It's doing what you paid for.

madam_lovey" is now sending me online contact requests!! So I will add her to my blocking list! But is there something that additional that I should be doing, eg with Yahoo?

The only thing I can think of is to keep blocking them. Are you using WOT?

I have not yet downloaded WOT, Spywareblaster or Spybots. Do any of them interfere with McAfee (or vice versa)? If so, what do you recommend? Is McAfee worth paying for?!

I have not yet downloaded WOT, Spywareblaster or Spybots. Do any of them interfere with McAfee (or vice versa)? If so, what do you recommend? Is McAfee worth paying for?!

No. They won't interfere. As for McAfee, keep it until your subscription runs out then download and install MicroSoft Security Essentials.

Hi again! I had some McAfee problems, viz, MCShield was hogging all my CPU. Eventually McAfee appear to have solved that problem (although it happened once yeaterday - hopefully a one off.
In checking for that problem, I had removed all the tools that you recommended here.
In trying to re-install, I am failing to install WOT. It gets stuck after the wizrd has run, displaying Connect and then www.mywot.com/en/settings/welcome.
When I subsequently remove WOT, it displays what might be text, but gets displayed as a series of vertical rectangles.
WOT - sorry for pun - should I do?

WOT - sorry for pun - should I do?

I know WOT I would do; contact them and tell them about your problem.

Hi again; apologies for teh long dealy. I did manage to get WOT installed eventually. It did appear to impact on performance; so I've disabled it for the moment. But I think I should close this thread until I check things out.
Thanks for all the help again!

demoncurrie wrote:

Hi again; apologies for teh long dealy. I did manage to get WOT installed eventually. It did appear to impact on performance; so I've disabled it for the moment. But I think I should close this thread until I check things out.
Thanks for all the help again!

You're welcome.Good luck