[little_gardener_24]

Here is the KAS log:


Detected
--------
Status Object
------ ------
deleted: adware not-a-virus:AdWare.Win32.IWon.e File: c:\windows\downloaded program files\wonweblaunchercontrol.ocx
deleted: Trojan program Trojan-Downloader.WMA.Wimad.v File: C:\Documents and Settings\Brenda\My Documents\LimeWire\Saved\paw dragline rare record.wma
disinfected: Trojan program Trojan-Downloader.WMA.GetCodec.c File: C:\Documents and Settings\Brenda\Shared\crushcrushcrush paramour.mp3
disinfected: Trojan program Trojan-Downloader.WMA.GetCodec.c File: C:\Documents and Settings\Brenda\Shared\desperados waiting for train.mp3
disinfected: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\Brenda\Shared\justin timberlake ti (best quality).mp3
deleted: Trojan program Trojan-Downloader.Win32.Agent.bqxc File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\kihipapo.dll.tmp.vir
deleted: Trojan program Trojan-Downloader.Win32.Agent.bqxc File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\rijikoyi.dll.tmp.vir
deleted: Trojan program Packed.Win32.TDSS.aa File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\rikojine(2).dll.vir
deleted: Trojan program Trojan-Downloader.Win32.Agent.bqxc File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\yelosuso.dll.tmp.vir
deleted: Trojan program Backdoor.Win32.Small.ejx File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\_cru629_.dat.zip/cru629.dat
deleted: Trojan program Trojan-Spy.Win32.Zbot.abcz File: C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\_sdra64_.exe.zip/sdra64.exe
deleted: Trojan program Trojan.Win32.Sirefef.a File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1089\A0213995.dll
deleted: Trojan program Packed.Win32.TDSS.aa File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1090\A0214072.dll
deleted: new threat not-a-virus:FraudTool.Win32.AdvancedAntivirus.js File: C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\SetupAdvancedVirusRemover[1].exe
deleted: new threat not-a-virus:FraudTool.Win32.AdvancedAntivirus.js File: C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\SetupAdvancedVirusRemover[2].exe
deleted: Trojan program Trojan-Ransom.Win32.Agent.fa File: C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6JYLAZOX\aesdfghjgf[1].dll
deleted: Trojan program Trojan-Ransom.Win32.Agent.fa File: C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\aesdfghjgf[1].dll
deleted: Trojan program Trojan-Ransom.Win32.Agent.fa File: C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\dfghfghgfj[1].dll

[Advertisements]

Hi,

Congratulations, your computer appears clean

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Follow these steps to uninstall Combofix and tools used in the removal of malware

• Click START then RUN
• Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  

-- Step 2 --

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

• Click Start
• Select Control Panel
• Click on Automatic (recommended)
• Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
• Click Apply then OK.

Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilites. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uininstall older versions of Java.

• Click Start
• Select Control Panel
• Select Add or Remove Programs
• Remove all Java updates except the latest one you have just installed.

Adobe Updates

Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs including firewall, antivirus, antispyware etc

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware MBAM is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.

[hammerman]

Hi,

Congratulations, your computer appears clean

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Follow these steps to uninstall Combofix and tools used in the removal of malware

• Click START then RUN
• Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  

-- Step 2 --

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

• Click Start
• Select Control Panel
• Click on Automatic (recommended)
• Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
• Click Apply then OK.

Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilites. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uininstall older versions of Java.

• Click Start
• Select Control Panel
• Select Add or Remove Programs
• Remove all Java updates except the latest one you have just installed.

Adobe Updates

Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs including firewall, antivirus, antispyware etc

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware MBAM is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.

[little_gardener_24]

We want to thank you again for all of your help! Sure wish we knew half of the stuff the staff here knows! You all are amazing.

[hammerman]

Glad to help. Stay safe

[hammerman]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.