[Aaron]

How is your computer running now, do you still have problems?

[Advertisements]

Hi maser

This is the response I got from my colleague here at work.

I Just looked at the message board and his reply to the last post was, "How is your computer running now, do you still have problems?"

In response, it seems ok, I was on it browsing last night for a considerable time with no problems but I've done nothing to solve it since downloading Kaspersky Pure when it slowed to a near stop as the online scan didn't find anything.

I could do with installing / running some programs tonight to make sure.


If you don't mind, could you leave this thread open and I will get back to you after the weekend when he has worked with his machine some more?

Cheers

[UserMike]

Hi maser

This is the response I got from my colleague here at work.

I Just looked at the message board and his reply to the last post was, "How is your computer running now, do you still have problems?"

In response, it seems ok, I was on it browsing last night for a considerable time with no problems but I've done nothing to solve it since downloading Kaspersky Pure when it slowed to a near stop as the online scan didn't find anything.

I could do with installing / running some programs tonight to make sure.


If you don't mind, could you leave this thread open and I will get back to you after the weekend when he has worked with his machine some more?

Cheers

[Aaron]

I've done nothing to solve it since downloading Kaspersky Pure when it slowed to a near stop as the online scan didn't find anything.

To solve what? Haven't you uninstalled Kaspersky Pure yet?

If you don't mind, could you leave this thread open and I will get back to you after the weekend when he has worked with his machine some more?

Of course, but I can't open or close this threat. If the topic is closed you can just PM me or Essexboy and it will be opened again.

[UserMike]

To solve what?

To solve the problem of the extremely slow machine and the virus named in this thread.

Haven't you uninstalled Kaspersky Pure yet?

Yes, that was uninstalled straight away when he knew he'd done it wrong.

As it stands, the machine does seem to be running ok while he is browsing. What he is going to do is run some processor hogging programs to see how his machine is running. I have also asked him to do another Avast boot time scan to see if it picks up anything else.

I will come back to you with the results sir.

Cheers

Edited by UserMike, 18 May 2010 - 11:48 AM.

[UserMike]

Hi maser.

He ran Avast last night but did not have time to run any hogging programs. Avast came up with nothing and the machine does seem to be ok.

Many thanks for your help, it is much appreciated

Edited by UserMike, 19 May 2010 - 02:24 AM.

[Aaron]

Hi UserMike, your logs look clean

I'm happy I could help. I'm giving you some tips about preventing new infections.
But before we go any further you need to remove the tools we used, this can be done with OTC:

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

1. Cleaning System Restore

Now lets Reset and Re-enable your System Restore to remove any infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected, but that''s good news).

• Select Start > All Programs > Accessories > System tools > System Restore.
• On the dialogue box that appears select Create a Restore Point
• Click NEXT
• Enter a name e.g. Clean
• Click CREATE

You now have a clean restore point, to get rid of the bad ones:

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
• In the Drop down box that appears select your main drive e.g. C
• Click OK
• The System will do some calculation and the display a dialogue box with TABS
• Select the More Options Tab.
• At the bottom will be a system restore box with a CLEANUP button click this
• Accept the Warning and select OK again, the program will close and you are done

2. Cleaning your temporary files

We already cleaned your temporary files when we removed the malware on your computer but you could do this step once a month to keep your computer clean and faster. It will also greatly decrease the time a program needs to scan for malware like e.g. MBAM.

Download TFC by OldTimer to your desktop

• Please right-click TFC.exe and choose Run As Administrator.
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
• Once it''s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

You can find more information about TFC here.
Another great program you could use instead is Ccleaner, you best download and install Ccleaner Slim that does not contain the Yahoo! Toolbar.

3. Updating your programs

It is recommended to update all your programs, as this will result in a faster working computer and optimal protection.

• Go to Control Panel and select System and Maintenance, then select Windows Update and install every update. This is highly recommended to do once a month !
  
• Be sure to update Java! Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.
  Upgrading Java :
  
  • Download the latest version of Java SE Runtime Environment (JRE) here.
  • In the "Java Platform, Standard Edition" box, click on the "Download JRE" button to the right.
  • Select your Platform, Register and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.
• It is also important to update Adobe Reader. Please go to Start > Control Panel > Add/Remove Programs and remove Adobe Reader. Then download and install the latest version here.
  
• There are also 2 programs which can help you updating your programs. These will notify you when an update is found an suggest you a download link: Secunia and the Filehippo Update Checker.

4. How to prevent an new infection

• Spywareblaster: This program prevents helps preventing spyware.
• MVPS Hosts file: This hosts file should replace your current hosts file. When done, a lot of 'bad' sites will be blocked so you can't access them and you won't be infected.
• A firewall is important to prevent malware connecting the internet (for sending personal information or to copy itself to other computers) and blocking unauthorised access to your computer, however this is can only come in handy for -very- experienced users. The windows firewall is fine for the most users, but it doesn't allow you to monitor outgoing connections. If you want a third-party firewall then I recommend you Online Armor.
• A good (free) anti-virus is also needed, I recommend you Avira OR AVG OR Avast. Only install 1 anti-virus program! A few good AV's to buy are Avira, Kaspersky and Norton. However this changes very quickly, you can find test reports ones a month here.
• Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. I therefore greatly increases your security ! Anything done in the 'Sandbox' can easily be undone, for more information see the Help & FAQ
• Think twice when before downloading things like torrents and using P2P program's and watch out what sites you visit.

5. Detecting and deleting infections

I recommend you to scan monthly with these two programs:

• Malwarebytes Anti Maware
• SUPERAntiSpyware FREE

And your own anti-virus program of course.

Always update these programs before you start scanning, this is very important !!

6. Extra Protection

• You can also use FireFox as this one is safer and faster then Internet Explorer. Or Opera or Google chrome
  
  If you choose to use Firefox you can also use some great add-ons that make Firefox even better ! You can find all the add-ons here, but I highly recommend these add-ons to keep your PC even more secure.
  
  • Adblock Plus - this will block most ads
  • WOT - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
  • NoScript- This tool provides extra protection to your Firefox (for more experienced users).
    It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS) and Clickjacking attempts.
    
• Make sure you always have backups! If anything goes wrong, you will always have your most precious data stored safe.
  
• Read this topic and follow those steps to improve the speed of your computer.

Also see How did I get infected in the first place?
Happy surfing again !

- Maser00

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.