1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Error Message: Specified Authentication Package is Unknown

Discussion in 'Malware and Virus Removal Archive' started by Calypso, 2011/04/01.

Page 3 of 3
  1. 2011/04/05
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Your computer is clean :)

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please, let me know, how your computer is doing.
     
    broni,
    #41
  2. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    1.
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 10860 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Yin Chao
    ->Temp folder emptied: 635569 bytes
    ->Temporary Internet Files folder emptied: 13999653 bytes
    ->Java cache emptied: 11801 bytes
    ->FireFox cache emptied: 101838106 bytes
    ->Flash cache emptied: 1121 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 16803 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 111.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Default User

    User: Guest

    User: LocalService

    User: NetworkService

    User: Yin Chao
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.22.3 log created on 04062011_115737

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
    Calypso,
    #42


  3. to hide this advert.

  4. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    When running the 2. OTL, I got one of those Visual Studio debugger errors again, for an application that was named something like jasud.exe

    Is that any cause for concern?
     
    Calypso,
    #43
  5. 2011/04/05
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    broni,
    #44
  6. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    It should be jusched.exe actually...I got it again when downloading the WOT add on
     
    Calypso,
    #45
  7. 2011/04/05
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Read my previous reply.
     
    broni,
    #46
  8. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    6. Malwarebytes: how often is once in a while? Monthly?
    8. Secunia PSI: This means that I can uncheck "start the Secunia PSI on boot ", and just run it once a week right?
    12. It's doing great! =)
     
    Calypso,
    #47
  9. 2011/04/05
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    6. I suggest "Quick scan" weekly.
    8. Yes.
    12. Way to go!
    Good luck and stay safe :)
     
    broni,
    #48
  10. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    8,9. What's the difference between Secunia and FileHippo? Theoretically, if I have FileHippo and update everything on time, I don't really need Secunia? On the other hand, if I prefer not to update my programs so frequently, I can just use Secunia to only get security updates, rather than version updates? Is that the correct interpretation?
     
    Calypso,
    #49
  11. 2011/04/05
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    I notice that it is recommended to run the anti-malware program regularly, how about virus scan (MSE)?
     
    Calypso,
    #50
  12. 2011/04/06
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Secunia looks for security vulnerabilities and it doesn't look for all programs, FileHippo is looks for all programs updates. Not every update is security related. Surely, minor updates can be skipped.

    Normally, you don't have to scan with MSE, unless you suspect something being out of whack.
     
    broni,
    #51
  13. 2011/04/06
    Calypso

    Calypso Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    36
    Likes Received:
    0
    Ok thanks for all the help broni! :)
     
    Calypso,
    #52
  14. 2011/04/06
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)
     
    broni,
    #53
Page 3 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...