That's in the system restore and not a problem unless you do a restore. We'll clear those next anyway
Your logs are now clean - you are clear or seem to be. Please advise me if you still have any problems.
We'll move on to the cleanup now. There's quite A bit to do here, just take your timeFollow these steps to uninstall ComboFix and tools used in the removal of malware
- Click START then RUN
- Now type ComboFix /Uninstall in the run box and click OK. Note the space between the ComboFix and the /U, it needs to be there.
Run OTL and click the cleanup button. It will remove all the programmes we have used plus itself. Create New System Restore Point and Clear Earlier Ones
Now to get you off to a good start we will clean your restore points
so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points
, but this is my method:
- Select Start > All Programs > Accessories > System tools > System Restore.
- On the dialogue box that appears select Create a Restore Point
- Click NEXT
- Enter a name e.g. Clean
- Click CREATE
You now have a clean restore point. Remove any bad ones
- Select Start > All Programs > Accessories > System tools > Disk Cleanup.
- In the Drop down box that appears select your main drive e.g. C
- Click OK
- The System will do some calculation and the display a dialogue box with TABS
- Select the More Options Tab.
- At the bottom will be a system restore box with a CLEANUP button click this
- Accept the Warning and select OK again, the program will close and you are done
Now that your system is clear, there are a number of steps you can take to prevent re-infection
It is critical that you have both a firewall and anti virus to protect your system and to keep them updated.Visit Microsoft's Windows Update Site Frequently
- It is important that you visit http://www.windowsupdate.com
regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.Winpatrol
will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found HereSpywareBlaster
will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.MVPS Hosts File
- Blocks known bad sites by adding them to your Hosts file thereby preventing you from accessing them TFC
(Temp File Cleaner)- Cleans an enormous amount of junk held in temporary files and disposes of any malware lurking there. Anti Spyware Program
- We recommend MalwareBytes Anti-Malware
Consider using FIREFOX
, both are free to use and are more secure than IE. If you are using Firefox you can stay more secure by adding NoScript
and WOT (Web Of Trust)
. NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website.Make your Internet Explorer more secure
- This can be done by following these simple instructions:
- Run Internet Explorer
- Click on the Tools menu and then click on Options.
- Click once on the Security tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialize and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to Prompt
- Change the Navigate sub-frames across different domains to Prompt
- When all these settings have been made, click on the OK button
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Next press the Apply button and then the OK to exit the Internet Properties page.
From time to time, software vendors introduce updates for their products. Sometimes these are to enhance the product, but often they are to repair an exploitable vulnerability. You may like to consider installing Secunia PSI. This is a free application (for home users) that sits in the system tray and alerts you when security updates are available, and where from. Secunia PSI can be downloaded from HERE