Malware?


  • This topic is locked

#16
craziecomputer


    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Sorry for the long wait for a reply. Defrag and check disk each took 8+ hours to complete; I had to disconnect from the internet and they went faster then.

ESET took 9 hours to complete. I couldn't keep AVG turned off for the whole time since you can only turn it off for 15 minutes. I could uninstall if you think I need to rescan.

ESET log.
C:\Documents and Settings\Carl\My Documents\Downloads\UBCD4WinV360.exe Win32/PrcView application
C:\Program Files\Common Files\Real\Toolbar\RealBar.dll probably a variant of Win32/Adware.Toolbar.Visicom.AB application

Edited by craziecomputer, 20 September 2011 - 12:16 PM.

  • 0



#17
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Sorry for the long wait for a reply. Defrag and check disk each took 8+ hours to complete; I had to disconnect from the internet and they went faster then.

No problem and OK.

ESET took 9 hours to complete. I couldn't keep AVG turned off for the whole time since you can only turn it off for 15 minutes. I could uninstall if you think I need to rescan.

No need to re-run the online scan. Now with regard to what was detected by the aforementioned scan, they are false positive detections and no further action is required. I will however myself inform Eset about such.

New Adobe Reader Installation:

  • Go here and click on AdbeRdr1010_en_US.exe to download the latest version of Adobe Reader.
  • Save this file to your desktop and run it to install the latest version of Adobe Reader.
  • After the new Reader is installed, Open Adobe Reader X.
  • OK the license.
  • Click on Edit and select Preferences.
  • On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
  • Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
  • Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
  • Click the OK button.
New Java Installation:

  • Click here to visit Java's website.
  • Scroll down to Java SE 7. Click on Download JRE.
  • Check (tick) Java SE Runtime Environment 7 License Agreement box.
  • Click on jre-7-windows-i586.exe link next to Windows x86 Offline to download it and save this to a convenient location.
  • Double-click on jre-7-windows-i586.exe to install Java.
Next:

Let me know when you have completed the above and whether any issues remain. If not we will clean up all tools used during the Malware Removal process and I will provide some advice about online safety etc.
  • 0

#18
craziecomputer


    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Everything seems to be running good. Was there any malware found that would account for my Yahoo mail getting hacked or the end program popup I got from Wildebeest? Could it have been the fraud pack trojan that SUPERAntiSpyware found? I found it a week before I started this topic. Just wondering.

Thanks for your help.
  • 0

#19
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :unsure:

Everything seems to be running good.

Good.

Was there any malware found that would account for my Yahoo mail getting hacked or the end program popup I got from Wildebeest? Could it have been the fraud pack trojan that SUPERAntiSpyware found? I found it a week before I started this topic. Just wondering.

Nothing specific, no. What you mentioned about the infection removed by SAS would actually depend on the exact variant in question. Either way it would be prudent to change the password and secret question/answer for the account (again, even if you have done so prior) as a precaution.

How to create a secure password:

When creating a new password use a series of both random upper/lower case letters and include some random alpha numerics also.

An example would be: THi85S13IsA7Eg4u2tWMg4r <-- Do not use this one craziecomputer, merely an invented example for yourself. :)

This is a good test for the strength of any passwords created: Password Checker

Next:

Thanks for your help.

You're welcome! Congratulations, your computer appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you to read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Reset SR Points/Clean up with OTL:

  • Double-click OTL to start the program.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:Commands
[ClearAllRestorePoints]
  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered. When finished click on OK and close the log that appears.
  • Note: I do not need to review the log produced.
  • Now close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process will flush old System Restore points and create a new clean one. It should also clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebytes' Anti-Malware:

This is an excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, AVG 2011, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Erunt:

Emergency Recovery Utility NT, I advise you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:

  • I advise you visit: http://update.micros...t.aspx?ln=en-us
  • Install the Active X
  • Once installed it will advise you to set Auto-Updates if not set, and you will then be able to manually check for updates also via:
  • Start >> All Programs >> Microsoft Updates
Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allows scripts (VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

Install WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

Any questions? Feel free to ask, if not stay safe!
  • 0
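The Hosts-file advice in the post above can be checked after installing a blocking Hosts file. The following is an added example, not part of the original thread: it audits Hosts-file text and separates sinkholed names from names mapped to a real address, which deserve review because Hosts entries override DNS. The names `audit_hosts` and `SAMPLE_HOSTS` and all sample entries are constructed for illustration, and treating 0.0.0.0 as a sinkhole alongside 127.0.0.1 is an assumption beyond what the post states.

```python
import ipaddress

# Constructed sample in hosts-file syntax; every name is a placeholder.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.com  tracker.example.net   # blocked
0.0.0.0         popups.example.org
203.0.113.7     mail.example.com
not-an-ip       broken.example.com
127.0.0.1       mail.example.com
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text):
    """Classify each hostname in hosts-file text.

    blocked   : names sent to a loopback or unspecified address (sinkholed)
    remapped  : (name, ip) pairs sent to a real address; review each one
    malformed : line numbers that could not be parsed
    conflicts : names listed with more than one address
    """
    report = {"blocked": set(), "remapped": set(),
              "malformed": [], "conflicts": set()}
    seen = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # strip comment, tokenize
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        if ip is None or len(fields) < 2:
            report["malformed"].append(lineno)
            continue
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in (f.lower() for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue                        # default entries, not blocks
            if seen.setdefault(name, ip) != ip:
                report["conflicts"].add(name)
            if sinkhole:
                report["blocked"].add(name)
            else:
                report["remapped"].add((name, str(ip)))
    return report


if __name__ == "__main__":
    for key, value in audit_hosts(SAMPLE_HOSTS).items():
        print(key, sorted(value))
```

To audit a real machine, pass the contents of the system Hosts file (on Windows, `drivers\etc\hosts` under the System32 directory) to `audit_hosts` instead of the sample.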

#20
craziecomputer


    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Thanks. I do use mvphost on our desktop computer, because there were many problems with that. Do you recommend using more than one anti-malware program? Should I re-download SUPERAntiSpyware or another program? Ad-ware doesn't seem to be as good as it once was. I think Spybot is similar to WinPatrol. Also I do have ZoneAlarm on my desktop computer, I remember you said it has side effects, so are there any other good free firewalls?
Thanks again.
  • 0

#21
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Thanks. I do use mvphost on our desktop computer, because there were many problems with that.

You're welcome. Do you mean problems installing the host file? If so double-click on mvps.bat >> follow the prompts.

Do you recommend using more than one anti-malware program? Should I re-download SUPERAntiSpyware or another program?

Aye you can if you so wish but only use the active monitoring feature of one (if you decide to reinstall Spybot S&D) and keep the other as an on-demand scanner only.

Ad-ware doesn't seem to be as good as it once was.

No it is not these days at all.

I think Spybot is similar to WinPatrol.

The TeaTimer feature is aye...but as I mentioned merely keep it as an on-demand scanner only.

Also I do have ZoneAlarm on my desktop computer, I remember you said it has side effects, so are there any other good free firewalls?

As it stands the actual installation is fine to keep now as we have removed the undesirable components. However if you wish to uninstall it below are listed some good freeware alternatives.

Jetico Personal Firewall

OnlineArmor
  • 0

#22
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





