PWS.LDPinchIE and Other Fun

[xardoz]

Hopefully this is the ONE!

Scanning Report
Wednesday, December 03, 2008 08:55:11 - 17:11:33

Computer name: MAIN
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\
Result: 6 malware found
Password-protected-EXE (virus)

* C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudAntiMalwares.zip (Submitted)

Rogue:W32/XPAntivirus.GHL (virus)

* C:\SDFix\backups\backups.zip\backups\sysin.scr

TrackingCookie.2o7 (spyware)

* System

Trojan-Mailfinder.Win32.Mailbot.dj (virus)

* C:\SDFix\backups\backups.zip\backups\1169113219.exe
* C:\SDFix\backups\backups.zip\backups\psyche.exe

Trojan.Win32.Patched.bb (virus)

* C:\Qoobox\Quarantine\C\WINDOWS\system32\_user32_.dll.zip\user32.dll

Statistics
Scanned:

* Files: 111204
* System: 2812
* Not scanned: 174

Actions:

* Disinfected: 0
* Renamed: 0
* Deleted: 0
* None: 6
* Submitted: 1

Files not scanned:

x
?H

Options
Scanning engines:

* F-Secure USS: 2.40.0
* F-Secure Hydra: 2.8.8110, 2008-12-03
* F-Secure AVP: 7.0.171, 2008-12-03
* F-Secure Pegasus: 1.20.0, 2008-10-25
* F-Secure Blacklight: 2.4.1093

Scanning options:

* Scan all files
* Scan inside archives
* Use Advanced heuristics

[peku006]

Hi
The scans are fine and it looks like your machine is clean

Next we remove all used tools.

Now lets uninstall ComboFix:

• Click START then RUN
• Now type Combofix /u in the runbox and click OK

• Double-click OTMoveIt3.exe.
• Click the CleanUp! button.
• Select Yes when the "Begin cleanup Process?" prompt appears.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

Here are some free programs I recommend that could help you improve your computer's security.

Spybot Search and Destroy 1.6
Download it from here. Just choose a mirror and off you go.
Find here the tutorial on how to use Spybot properly here

Install SpyWare Blaster 4.0
Download it from here
Find here the tutorial on how to use Spyware Blaster here

Install WinPatrol
Download it from here
Here you can find information about how WinPatrol works here

Install FireTrust SiteHound
You can find information and download it from here

Install MVPS Hosts File from here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Please check out Tony Klein's article "How did I get infected in the first place?"

Read some information here how to prevent Malware.


Happy safe surfing!

[tashi]

Thank you peku006.