My kids used this computer for several months as their "game" computer. After I took it back over, I deleted a bunch of malware. Online game sites are unfortunately loaded with it. I will happily accept any suggestions for future prevention, but I am hoping since I am the sole user now, infection will be less likely.
I'm glad mine are grown!
I will need to disinfect another computer that became the game computer after our work with this one is finished. I am happy you make it so easy to work through all these programs. I wish I had your knowledge so I wouldn't have to bother you with our other computers, but I am so thankful you are here to help.
OK. Just start a new topic and one of us will be happy to help. If you want me to give it a shot, just put ATTN: godawgs in the topic along with the topic title. And you aren't bothering us....you're in it with us. You do just as much as we do.
OK! Well done.
Here is the best part of the process! The mullygrubs are gone! That's a technical term for your log(s) appear to be clean! If you have no further issues with your computer, please proceed with the housekeeping procedures outlined below.
The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions.Step-1.
Click the Start Orb
and click Control Panel
. In the list of programs installed find ESET online Scanner
and uninstall it.Step-2.OTL Cleanup1.
Please copy all of the text in the code box below. To do this, highlight everything inside the code box , right click and click Copy.2.
on your desktop.
- Be sure all other programs are closed as this step will require a reboot.
- Click on
- You will be prompted to reboot your system. Please do so.
The above process will flush all old System Restore points and create a new clean one. It will also remove the OTL logs created during the cleanup process. After it is finished, OTL will remove itself. This is so that if you are ever infected again you will download the most current copy of the tool.
Go to the folder you downloaded these files to and delete them. If it was the desktop, delete them there. If it was the Downloads folder, delete them there.aswMBR.exe
All REReport.txt files
files and all AdwCleaner[S1].txt
Delete any other .bat, .log, .reg, .txt,
and any other files created during this process, and left on the desktop or in the folder you downloaded them to. Empty the Recycle Bin
Step-4.Reset Hidden Files and Folders
- Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
- If prompted with a legal dialog, accept the warning.
- Click Mode and then on "Advanced Mode".
- You may be presented with a warning dialog. If so, press Yes.
- Click on
- Click on
- Check these checkboxes:
- Close/Exit Spybot Search and Destroy.
1. Click the Start
2. Click Computer
4. In the Menu
bar at the top of the page, click the Tools menu
and click Folder Options
5. Select the View
6. Under the Hidden files and folders
heading UNSELECT Show hidden files and folders
7. Click the box beside Hide protected operating system files (recommended)
. Click Yes
to confirm. Click OK
.Preventing Re-InfectionBelow, I have included a number of recommendations for how to protect your computer against future malware infections.:Keep Windows Updated:
-Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically.Vista and Windows 7 Users:
1. Click Start> All Programs
, from the list find Windows Update
and click it.:Turn On Automatic Updates:Vista and Windows 7
1. Click Start> Control Panel.
Under Windows Update
, Click Turn automatic on or off.
2. On the next page, under Important Updates,
Click the Drop down arrow
on the right side of the box and Click Install Updates Automatically(recommended).
If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your task bar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.: Keep Java Updated :
: Keep Adobe Reader Updated :
- Click the Start button
- Click Control Panel
- Double Click Java - Looks like a coffee cup. You may have to switch to Classical View on the upper left of the Control Panel to see it.
- Click the Update tab
- Click Update Now
- Allow any updates to be downloaded and installed
- Open Adobe Reader
- Click Help on the menu at the top
- Click Check for Updates
- Allow any updates to be downloaded and installed
in the left column and uncheck
Close program. It's the same for Foxit Reader except Preferences
is under the Tools
menu, and you uncheck
1. From within Internet Explorer
click on the Tools
menu and then click on Options.
2. Click once on the Security tab
3. Click once on the Internet icon
so it becomes highlighted.
4. Click once on the Custom Level
5. Change the Download signed ActiveX controls to "Prompt"
6. Change the Download unsigned ActiveX controls to "Disable"
7. Change the Initialise and script ActiveX controls not marked as safe to "Disable"
8. Change the Installation of desktop items to "Prompt"
9. Change the Launching programs and files in an IFRAME to "Prompt"
10. When all these settings have been made, click on the OK
11. If it prompts you as to whether or not you want to save the settings, click the Yes
12. Next press the Apply
button and then the OK
to exit the Internet Properties page.Preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running a full scan at least once a month. Run Quick Scans at least once a week. Download the Free versions. And update the definitions before running scans.========Anti Spyware========
It's a good idea to clear out all your temp files every now and again. This will help your computer from bogging down and slowing. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.========TEMP File Cleaners========
- Malwarebytes-Free Version- a powerful tool to search for and eliminate malware found on your computer.
- SUPERAntiSpyware Free Edition-another scanning tool to find and eliminate malware.
- SpywareBlaster-to help prevent spyware from installing in the first place. A tutorial can be found here.
- SpywareGuard-to catch and block spyware before it can execute. A tutorial can be found here.
- WinPatrol - will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found here.
- TFC by OldTimer-A very powerful cleaning program for 32 and 64 bit OS. Note: You may have this already as part of the fixes you have run.
- CleanUP-Click the Download CleanUP! link. There is also a Learn how to use CleanUP! link on this page.
:Keep Installed Programs Up to Date:
- Keep a backup of your important files.-Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
- ERUNT-(Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
A couple of programs that will do this are listed below. Only download and install one
of the programs and run it monthly:Secunia Software InspectorFilehippo Update Checker
Finally, please read How did I Get Infected in the First Place(by Mr. Tony Klein and dvk01)I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.
I Will Keep This Open For 24 hours or so. If Anything Comes Up - Just Come Back And Let Me Know