Ping David Lipman

Hi there

Have you any experience with this particular crittur?

I have started a thread with more info here:
http://forums.spybot.info/showthread.php?t=26236

If you are able to assist, I would appreciate your advice.

Cheers

Martin
aussiebloke@<NOSPAM>hotmail.com








Re: Ping David Lipman


| Hi there
|
| Have you any experience with this particular crittur?
|
| I have started a thread with more info here:
| http://forums.spybot.info/showthread.php?t=26236
|
| If you are able to assist, I would appreciate your advice.
|
| Cheers
|
| Martin
| aussiebloke@<NOSPAM>hotmail.com
|

Hi Martin:

I sent a ping to SpyBot personnel so someone will help you shortly.

You ran the VundoFix utility which is associated with a different malware family.
You have a ZLob Trojan associated with the SmitFraud family of malware.

However, I must note that you are using a very old and vulnerable version of Sun Java.  A
version well known for its exploitation leading to infection.

It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
Version 6.0 update 5 (jre 6u5)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.  All older versions should
be deleted.

Such as...
C:\Program Files\Java\jre1.6.0_05

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

Additionally there is;  O21 - SSODL: bokpkov
Which may be the peer protecting the Winlogon/System parameter.

I won't look any further.  I'll let you get your personal assistance in the SpyBot
forum.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
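
Added example (not part of the original thread or written by any poster): the folder check described in the reply above, as a Python sketch that reports which Java install folders are older than the newest one. It only reports and deletes nothing; it also recognises the `j2re` and `jdk` folder prefixes, which goes beyond the single `jre1.6.0_05` name in the post. The function names and the sample listing are constructed for illustration.

```python
import os
import re

# Sun Java install folder names, e.g. jre1.6.0_05, jdk1.6.0_05, j2re1.4.2_12.
_JAVA_DIR = re.compile(
    r"^(?:j2re|jre|jdk)(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$", re.IGNORECASE
)


def parse_version(name):
    """Return (major, minor, patch, update) for a Java folder name, else None."""
    m = _JAVA_DIR.match(name)
    if not m:
        return None
    return tuple(int(g) if g is not None else 0 for g in m.groups())


def audit_java_folders(names):
    """Split folder names into (latest, stale, unrecognised) lists."""
    versioned, unrecognised = [], []
    for name in names:
        version = parse_version(name)
        if version is None:
            unrecognised.append(name)   # not a versioned Java folder: review by hand
        else:
            versioned.append((version, name))
    if not versioned:
        return [], [], sorted(unrecognised)
    newest = max(version for version, _ in versioned)
    latest = sorted(n for v, n in versioned if v == newest)
    stale = [n for v, n in sorted(versioned) if v != newest]  # oldest first
    return latest, stale, sorted(unrecognised)


def audit_java_root(root=r"C:\Program Files\Java"):
    """Run the audit against the real folder (default path is the one in the post)."""
    names = [entry.name for entry in os.scandir(root) if entry.is_dir()]
    return audit_java_folders(names)


# Constructed sample listing, standing in for the contents of C:\Program Files\Java.
SAMPLE = ["jre1.5.0_06", "jre1.6.0_05", "jre1.6.0_03", "j2re1.4.2_12", "notes"]

if __name__ == "__main__":
    latest, stale, other = audit_java_folders(SAMPLE)
    print("latest:", latest)
    print("older versions still installed:", stale)
    print("unrecognised folders:", other)
```
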



Re: Ping David Lipman

Thank you David, I appreciate your assistance.

I have to rush off to work now, but will follow up on your advice later.


Cheers

Martin





Re: Ping David Lipman


I updated to Java ver.6 update 5, and it put a program on my
computer..........Puzzle Pirates...........  Now, how do I get it out?  I
have tried to uninstall it without any success.  It showed to be
uninstalled in Add/Remove Programs (does not appear).  But it is still in
the Start > All Programs list, and when I click on it, it will still open.
I do a search for files, they appear, but will not allow me to delete them.



Re: Ping David Lipman



| I updated to Java ver.6 update 5, and it put a program on my
| computer..........Puzzle Pirates...........  Now, how do I get it out?  I
| have tried to uninstall it without any success.  It showed to be
| uninstalled in Add/Remove Programs (does not appear).  But it is still in
| the Start > All Programs list, and when I click on it, it will still open.
| I do a search for files, they appear, but will not allow me to delete them.
|

I don't know where "Puzzle Pirates" came from but it didn't come from Sun.

http://forums.puzzlepirates.com/community/mvnforum/viewthread?p=66863

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Ping David Lipman

I finally got Puzzle Pirates removed!
It had to be, someway attached to the download.  I didn't have it before I
downloaded the ver.6, update 5.
Each time I tried to remove it, I would get the message that jar (I think
that's what it was) was running and could not be removed..
I then uninstalled ver.6 update 5, went back and did a system search on
Puzzle Pirates.  This time it allowed me to delete it out.  I then
reinstalled the ver.6 update 5 from another Sun Java site and it installed
correctly, there was no Puzzle Pirates.
All is well now..........




Re: Ping David Lipman


Hi David

I have finally heard from the Spybot forum helper (Blade81) who advised that
I should run fixwareout and then post the report from that program as well
as a repeat of the HijackThis.log, which I have done.

While waiting for their follow up, I will heed your advice and update Sun
Java.

I'm sorry, but I do not savvy this, can you expand a little please?
Quoted text here. Click to load it

Many thanks for your generous assistance.

Cheers

Martin

aussiebloke@<NO SPAM>hotmail.com



Re: Ping David Lipman



| Hi David
|
| I have finally heard from the Spybot forum helper (Blade81) who advised that
| I should run fixwareout and then post the report from that program as well
| as a repeat of the HijackThis.log, which I have done.
|
| While waiting for their follow up, I will heed your advice and update Sun
| Java.
|
| I'm sorry, but I do not savvy this, can you expand a little please?
Quoted text here. Click to load it
|
| Many thanks for your generous assistance.
|
| Cheers
|
| Martin
|
| aussiebloke@<NO SPAM>hotmail.com
|

Hi Martin:

Reference your HJT Log...
O21 - SSODL: bokpkov - - (no file)

That line is bad.

Please follow the advice of Blade81

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Ping David Lipman


<SNIP>




Thanks David

Blade81 and I are on it  :)

Cheers

Martin

PS: I'm in Darwin in the north of Australia - where are you?



Re: Ping David Lipman


|
| Thanks David
|
| Blade81 and I are on it  :)
|
| Cheers
|
| Martin
|
| PS: I'm in Darwin in the north of Australia - where are you?
|

So you are good to go now ?

I'm in New Jersey USA, south of New York City on the Atlantic Ocean.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Ping David Lipman

Greetings David

Not quite good to go just yet - still following up on Blade's final clean up
and beef-up-security instructions, this laptop is used by a couple of teen
boys, so I want to make it as bullet-proof as possible.

All malware appears to have been successfully removed.

108mb of M$ Office updates and all Windows Critical Updates have been
applied.

Spybot is still buggy, it crashes after a scan, no orderly shut-down.
I will reinstall from a fresh download and see how it goes.
Blade has alerted me to a Spybot bug forum if issue persists.

I am currently downloading and will install Comodo BOClean, SpywareBlaster
and iespyad.

The owner has a paid version of Norton which I am not too keen on using, and
will suggest to them that they don't pay again, but switch to a good freebie
AV product - AVG or Avast, unless you have a better suggestion ;)

I have had Norton Firewall enabled, and it has NOT notified me of a number
of programs accessing the internet for the first time, not happy with that.
I want the boys to get an in-your-face warning on that event.  To that end I
will install Zone Alarm (again, unless you have another suggestion for a
third party freebie firewall).

I appreciate your time and your interest and your comments David.  I have
been a frequent lurker in alt.comp.anti-virus for years, but this is the
first time I needed to seek advice and there it was, freely given.  It is a
fine thing to be "information rich" and willing to share.  At the risk of
becoming sentimental, a friend of mine once said that the Internet is full
of "random acts of senseless kindness."  Guys like you and Blade81 operate
in that spirit.

--

Cheers

Martin
aussiebloke@<NOSDPAM>hotmail.com
http://www.topendfolkclub.org



Re: Ping David Lipman



| Greetings David
|
| Not quite good to go just yet - still following up on Blade's final clean up
| and beef-up-security instructions, this laptop is used by a couple of teen
| boys, so I want to make it as bullet-proof as possible.
|
| All malware appears to have been successfully removed.
|
| 108mb of M$ Office updates and all Windows Critical Updates have been
| applied.
|
| Spybot is still buggy, it crashes after a scan, no orderly shut-down.
| I will reinstall from a fresh download and see how it goes.
| Blade has alerted me to a Spybot bug forum if issue persists.
|
| I am currently downloading and will install Comodo BOClean, SpywareBlaster
| and iespyad.
|
| The owner has a paid version of Norton which I am not too keen on using, and
| will suggest to them that they don't pay again, but switch to a good freebie
| AV product - AVG or Avast, unless you have a better suggestion ;)
|
| I have had Norton Firewall enabled, and it has NOT notified me of a number
| of programs accessing the internet for the first time, not happy with that.
| I want the boys to get an in-your-face warning on that event.  To that end I
| will install Zone Alarm (again, unless you have another suggestion for a
| third party freebie firewall).
|
| I appreciate your time and your interest and your comments David.  I have
| been a frequent lurker in alt.comp.anti-virus for years, but this is the
| first time I needed to seek advice and there it was, freely given.  It is a
| fine thing to be "information rich" and willing to share.  At the risk of
| becoming sentimental, a friend of mine once said that the Internet is full
| of "random acts of senseless kindness."  Guys like you and Blade81 operate
| in that spirit.
|

Thank you for the kind words Martin.

My preference is Avira's AntiVir over AVG and Avast.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Ping David Lipman


| Hi there
|
| Have you any experience with this particular crittur?
|
| I have started a thread with more info here:
| http://forums.spybot.info/showthread.php?t=26236
|
| If you are able to assist, I would appreciate your advice.
|
| Cheers
|
| Martin
| aussiebloke@<NOSPAM>hotmail.com
|

Martin:

Tashi indicated you have missed the following "sticky" subject.

http://forums.spybot.info/showthread.php?t=1137


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Ping David Lipman



Hi Dave

I did follow the instructions on the sticky, as far as I could (i.e.
Kaspersky crashed more than three times and I could not get past that).

Are you suggesting that I should link to my query from the forum waiting
room?

I have not done so yet as the regulation four days have not elapsed :)

Cheers

Martin



Re: Ping David Lipman



| Hi Dave
|
| I did follow the instructions on the sticky, as far as I could (i.e.
| Kaspersky crashed more than three times and I could not get past that).
|
| Are you suggesting that I should link to my query from the forum waiting
| room?
|
| I have not done so yet as the regulation four days have not elapsed :)
|
| Cheers
|
| Martin
|

Hi Martin:

I have contact with Tashi but I am not a member of the SpyBot forums so I can't really tell
you what your next move is.

I am also sorry that nobody has responded yet...  not even Tashi.  :-(

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


