[emeraldnzl]

Hello gigman,

Apologies for the delay in getting back to you. Had to go out this morning (local time)... help the wife with grocery shopping lol.

Getting back to your machine's problem:

I was actually surfing the internet then up popped the FBI virus and couldn't control anything, booted to safe mode removed it with EMSISOFT Emergency Kit and tried everything else and still couldn't browse.

The EMSISOFT scan should have got rid of the infection and we have run some tools since that would follow up nicely. That virus interferes with a number of programs and has likely left residual damage.

As for Windows Defender, I received the following error: "Application failed to initialize: 0x800106ba. A problem caused this programs service to stop. To start the service, restart your computer or search help and support for how to start a service manually."

ComboFix said Windows Defender was enabled (may even have interfered with CF) which made me think it might be part of the problem. We want to disable it but it seems it is corrupted... maybe by the infection.

Try downloading and running Mr Fixit for Windows Defender from Microsoft.

If that doesn't do the job try going to the link below and using the manual solution:

http://support.microsoft.com/kb/931849

If the foregoing doesn't solve the problem then:

Have you tried browsing the net from Safe Mode with Networking? If not, give it a go, and tell me how you got on.

[Advertisements]

Its actually browsing in any mode now. The only thing left is that defender error. I will go ahead and try that and get back with you.

[gigman]

Its actually browsing in any mode now. The only thing left is that defender error. I will go ahead and try that and get back with you.

[emeraldnzl]

Its actually browsing in any mode now.

Brilliant. Look forward to hearing from you.

Don't know whether you are looking for security on that machine but if you are:

Here are three good antivirus free for personal use:

• Avast
• Microsoft Security Essentials
• AVIRA Note: AVIRA free comes with adware that promotes their paid for version each time it updates. A small price to pay for an excellant anti-virus program

Here are two good firewalls free for personal use:

• OnLine-Armour
• Agnitum - Outpost free

Microsoft Security Essentials together with Windows Firewall (which comes with Windows) is probably a good choice for the run of the mill user. This because it is light on resources, it is unobtrusive (it works away in the background without interrupting) and you don't have to be an expert. Firewalls have a habit of flagging suspicious files and asking the user to decide whether to accept the file or not. Often the run of the mill user has no idea about what a particular file does and just says no to everything... down the track they wonder why programs they use regularly suddenly stop working or maybe they try and download something they frequently downloaded in the past but now find they can't.

Note: Do not use more than one anti-virus or firewall. Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

[gigman]

I tried the FixIt you posted and it popped up and said that it does not apply to my operating system or application version. I also tried going into the services, successfully changed it from manual to automatic but it says that "The Windows Defender service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs." I also installed Microsoft Security Essentials before I did this and restarted after the installation for good measure. Then tried going to Programs and Features where the article told me if the services didn't work and try to uninstall it but it is listed no where.

[emeraldnzl]

Hello again gigman,

I also installed Microsoft Security Essentials

Microsoft Security Essentials turns off Windows Defender to prevent conflict.

Then tried going to Programs and Features where the article told me if the services didn't work and try to uninstall it but it is listed no where.

I don't believe you can uninstall Windows Defender from Vista.

Now

I think your machines problem is solved. Microsoft Security Essentials will have dealt with the Windows Defender worry and you browser is working.

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

• Go to Start > Programs > Accessories and click on Run
• Copy and paste the the bolded text below in the box then hit OK
  
  Combofix /Uninstall
  
  

Step 2

• Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep.

Any other tools remaining may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

• Download Java for Windows
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
  
• Click Start > Control Panel > Add or Remove Programs
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

• If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.
  
  * Click Start > Control Panel > System and Security > Windows Update
  * Under Windows Update click on Turn automatic updating on or off
  * Check items shown to ensure you receive updates automatically. Click OK.
  
  And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  
• Malwarebytes
• SuperAntiSpyWare

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

[gigman]

Yes, I just uninstalled Combofix and ran the cleanup from OTL. I normally change my passwords atleast once a month (Thank my military brother for that).

Again, thank you very much for your help!!

[emeraldnzl]

Again, thank you very much for your help!!

You are very welcome.

I will keep this topic open for a day or two in case any issues arise.

[emeraldnzl]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.