[Jojovan]

Hi Maser00,

Here is the OTL log that was just produced.

As for an AV, I was waiting until we finished but based on your question I will install one immediately.

Jojovan

Attached Files

•  OTL 04DEC11 4h29.Txt   9.3KB   81 downloads

[Advertisements]

Maser00,

I read a post this week on this forum about which AV programs are now recommended and can't seem to find it anywhere. Can you help me with a recommendation? I seem to recall there is a Microsoft free one that is now recommended.

Jojovan

[Jojovan]

Maser00,

I read a post this week on this forum about which AV programs are now recommended and can't seem to find it anywhere. Can you help me with a recommendation? I seem to recall there is a Microsoft free one that is now recommended.

Jojovan

[Aaron]

I'll post a part of my prevention speech:

First of all you need a good antivirus. Only install one antivirus program at the time because they can conflict! A few good antivirus to buy are Avira, Kaspersky, Avast and Norton (there are other good ones too). You see for yourself, you can find test reports ones a month at AV-Comparatives.org.
If you want a free antivirus then I recommend you ONE of these:

• Avira
• Avast
• Microsoft Security Essentials.

! McAfee and Norton are known for their inability to uninstall themselves correctly, so after you uninstall them then run the corresponding uninstaller before trying to install a new anti-virus!
McAfee Uninstaller
Norton Uninstaller

About the RKU log, I'm discussing a bit with other specialists here. I'll reply ASAP.

[Aaron]

Hi, your logs look clean

Follow these steps to uninstall Combofix:

• Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
• Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  
• Please follow the prompts to uninstall Combofix.
• You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself

I'm happy I could help. I'm giving you some tips about preventing new infections and how to increase your computer's speed.
Let's first remove all system restore points (because they may still contain malware) and create a new restore point. To do this:

• Open OTL
• Under the Custom Scans/Fixes box at the bottom, paste the following:
  
  

  :Commands
  [clearallrestorepoints]

• Click the Run Fix button at the top
• It might ask you to reboot, if so click YES

Now we can cleanup the tools we used:

• Open OTL to run it.
• Click on the CleanUp button.
• Click Yes to begin the cleanup process and remove tools, including this application.
• You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes.
• Note: if there are still some files left then you may delete them manually

============ 1. Cleaning your temporary files ============

We've already cleaned your temporary files when we removed the malware on your computer, but you could do this step once a month to keep your computer clean and faster. It will also greatly decrease the time a program like e.g. MBAM needs to scan for malware

Download TFC by OldTimer to your desktop

• Please right-click TFC.exe and choose Run As Administrator.
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
• Once it''s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

You can find more information about TFC here.
Another great program you could use instead is Ccleaner, it's best to download and install Ccleaner Slim that does not contain the Yahoo! Toolbar.

============ 2. Updating your programs ============

It is recommended to update all your programs, as this will result in a faster working computer and optimal protection. I highly recommended you to update most programs at least once a month!

• It is very important to update Windows as this will make your computer a lot safer, stable and maybe even faster. Every XP user should have Service Pack 3 & every Vista user should have Service Pack 2.
  For XP users: You can start it by clicking Start -> All programs -> Windows Update or go to this site.
  
  For Vista/Windows 7 users: Go to Control Panel and select System and Maintenance, then select Windows Update and install every update.
  
• It is also very important to update Java! Older versions have vulnerabilities that malware can use to infect your system (like when playing a browser game or even by visiting certain sites). Please follow these steps to remove older versions of Java and to install the newest one available.
  
  • Download the latest version of Java SE Runtime Environment (JRE) here.
  • Please go to Start -> Control Panel -> Add/Remove Programs and remove all old versions like Java™ 6 Update *version*. The following versions of Java could also be installed, uninstall these too: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE and J2SE.
  • Reboot your computer once all Java components are removed.
  • If you are experiencing problems while removing Java then you can try JavaRa to remove all leftovers.
  • Then from your desktop double-click on the download to install the newest version.
• It is also important to update Adobe Reader. Please go to Start > Control Panel > Add/Remove Programs and remove Adobe Reader. Then download and install the latest version here.
  
• Secunia and the Filehippo Update Checker are two programs which can help you updating your programs. These will notify you when an update is found an suggest you a download link.

============ 3. How to prevent an new infection ============

I will list some program's here to secure your computer. At first look this could seem as a security overkill, but it isn't. Most program's aren't active so they won't slow down your computer at all. Only your antivirus, firewall, Winpatrol and Autorun Eater are active. These last two use almost no system resources from your computer, so your computer won't slow down a bit. All these programs are also free or have a free version.

• First of all you need a good antivirus. Only install one antivirus program at the time because they can conflict! A few good antivirus to buy are Avira, Kaspersky, Avast and Norton (there are other good ones too). You see for yourself, you can find test reports ones a month at AV-Comparatives.org.
  If you want a free antivirus then I recommend you ONE of these:
  
  
  • Avira
  • Avast
  • Microsoft Security Essentials.
  ! McAfee and Norton are known for their inability to uninstall themselves correctly, so after you uninstall them then run the corresponding uninstaller before trying to install a new anti-virus!
  McAfee Uninstaller
  Norton Uninstaller
  
• Spywareblaster protects against bad ActiveX, it immunizes your PC against them. For more information see the TUTORIAL
• MVPS Hosts file this hosts file should replace your current hosts file. When done, a lot of 'bad' sites will be blocked so you can't access them and you won't be infected. For more information see the TUTORIAL
• A firewall is important to prevent malware connecting the internet (for sending personal information or to copy itself to other computers) and blocking unauthorised access to your computer, however this is can only come in handy for -very- experienced users. The windows firewall is fine for the most users, but it doesn't allow you to monitor outgoing connections. A tutorial on understanding and using firewalls may be found here. If you want a third-party firewall then I recommend you ONE of these to:
  
  
  • Online Armor. For more information see the TUTORIAL PART 1 & TUTORIAL PART 2
  • Comodo Firewall. For more information see the TUTORIAL
• I recommend you to install WinPatrol. It's a small program that will sit in your systray and warn you if something like malware tries to make changes to your system.
• If you use USB drives a lot then you might want to install Autorun Eater. This is a small program which will stay resident and prevent an infected USB device from infecting your PC. This is the ONLY secure way to use USB drives that aren't yours! For more information see the FAQ
• Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. It therefore greatly increases your security ! Anything done in the 'Sandbox' can easily be undone, for more information see the Help & FAQ
• Have a look at OpenDNS.
• If you have a router, logon to it today and change the password from the default. If you don't know how, get the make and model from the router then google for the router maker's site. Almost all router makers have very clear instructions for each router they make. This will prevent DNS hijacking.
  
• For safest browsing use a login which does not have admin rights. Any login (especially those with admin rights should have a password and it should be something you can remember but which a random hacker can't guess.)
  How to create User Accounts XP
  How to create User Accounts Video - Windows 7 (& Vista)

============ 4. Detecting and deleting infections ============

Unfortunately some malware will always be able to get through our very good prevention, however this is very rare. To check your system for malware or to remove it I recommend you to scan monthly with these three programs:

• Malwarebytes Anti Maware (MBAM)
• SUPERAntiSpyware FREE
• And your own anti-virus program of course.

Always update these programs before you start scanning, this is very important !!
If you are happy with MBAM or SuperAntiSpyware then you might consider buying a license. A license isn't expensive at all and they are valid for ever, so no need to buy a new every year. With a license you have real-time protection (besides your antivirus software) and will prevent a lot of malware before they get on your computer! I strongly recommend you try a free trail to test each program and make up for yourself which one suites you best. BUT, do not buy a license for both. If you have these two programs running at the same time, then they may conflict.

============ 5. What browser should I use and how do I surf the internet safe? ============

There are a lot of browsers you can use. Some are more secure, faster, have a better compatibility with most sites and some are more customizable then others, but they all have there strong and weak points.

Internet Explorer is installed on almost every Windows computer. It is the slowest browser of all browser listed here and it's targeted most by malware. However Internet Explorer has a very high compatibility with most sites, it is a browser that most people use and there is good support from Microsoft.

How to make Internet Explorer more secure ?

• Click Start > Run
• Type Inetcpl.cpl & click OK
• Click on the Security tab
• Click Reset all zones to default level
• Make sure the Internet Zone is selected & Click Custom level
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

Firefox is a very good open source browser. It's the secondly most used browser, it has a high compatibility with most sites and it's highly customizable. It is my personal favourite. FireFox is also targeted a lot by malware and it's not the fastest one, it has a slow startup. If you use Firefox then I recommend these add-ons:

• Adblock Plus will block almost all ads on the internet.
• WOT this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling!
• NoScript provides extra protection to your Firefox (for more experienced users). It really makes Firefox safer!
  It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS) and Clickjacking attempts.
• Vacuum Places Improved defragments your Firefox "Places" database (history/bookmarks)
  This greatly reduces the lag while typing in the address bar and the start-up time.
  This extension features configurable automatic cleaning, periodic reminder, and internationalization.
• SpeedyFox another good tool that also boosts Firefox.

See here for a list of popular extensions, I'm sure it will improve your browser experience!

Opera is a good looking and very fast browser that has a lot of features other browsers don't have and it also isn't really targeted by malware. Not as customizable as Firefox and you can have some compatibility problems. Some features are: Mouse gestures, Opera Link, Opera Mail, Opera Turbo, Widgets, Speed Dial, Opera Unite... See here for more information.

Google Chrome is relatively new browser that is getting popular very fast. It is made by Google, it's the fastest browser of all and it's also easy looking. It also has support for add-ons like Firefox, but not as many as Firefox:

• Adblock will block almost all ads on the internet.
• WOT this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling!

See here for a list of popular extensions, I'm sure it will improve your browser experience!

============ 6. A few tips ============

• Remove trail software and programs that you don't use any more, it will free disk space and can speed up your computer.
• Make sure your hard drive is defragmented, this will also increase your computers' speed.
  
  
  • Windows XP users: have a look here
  • Windows Vista & 7 users: Windows normally defragments automatcly so you don't need to do anything. If you want to do it yourself then you can find information here
    I strongly recommend you to let Windows automatically defragment your drive once a month - not more, not less. You can check this option if you open Disk Defragmenter.
• Make sure you always have backups! If anything goes wrong, you will always have your most precious data stored safe.
• Open WinPatrol (see 3. How to prevent an new infection) and go to the Startup Programs tab. Make sure 'Display Secret Startup Locations (Advanced mode)' is UNCHECKED . Then disable (not remove) all programs except for your security programs or set some programs on the Delayed Start.
  This will greatly improve your computers' speed!
• Think twice when before downloading things like attachments, torrents, cracks, keygens, codecs and using P2P program's. Also watch out what sites you visit: particularly +18 sites and sites where you can download illegal or cracked software.
• Do not use following software or be very, very careful: register cleaners, driver updating software, codecs (for music or movies) and Windows Transformation Packs. These often contain malware and even if they are malware free then they can still do severe damage to your system!
• Also see the general the Preventing Malware and Safe Computing guide, made by one of my excellent former teachers.

Happy surfing again !

[Jojovan]

Maser00,

This is great news that all has now been cleared from my computer. I performed the cleanup steps above and will put into practice your suggestions above. I can't thank you enough for all your help particularly as I know it encroached upon your Xmas holidays.

Jojovan

[Aaron]

Hi Jojovan,

You're welcome! I like to do this, it's a sort of hobby.
Good that your computer is running OK again.

Cheers,
Maser00

[Aaron]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.