[emeraldnzl]

Should I delete these manually?

No we will do that now.

Please run OTL.exe

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  
  :Files
  C:\Users\georgejhsu\Downloads\iqy_offline_2.4.0.0_p2.exe a variant of Win32/Hao123.A application
  C:\Users\georgejhsu\Downloads\LeTV_setup (1).exe a variant of Win32/Hao123.A application
  C:\Users\georgejhsu\Downloads\LeTV_setup.exe a variant of Win32/Hao123.A application
  
  :Commands
  [reboot]
  

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.

And tell me how the computer is now.

[Advertisements]

OTL Fix Log:

========== FILES ==========
Invalid Switch: Hao123.A application
Invalid Switch: Hao123.A application
Invalid Switch: Hao123.A application
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 02242013_180902

This looks a bit odd? Is that what's supposed to happen?

The computer itself hasn't frozen or given me a BSOD yet; ESET scanner had no trouble at all going through the scan. I suppose what I am most concerned about is when I return the computer to the original user, that he will mindlessly download the same programs again that could potentially have malware attached. Is there any free anti-virus or firewall (or better yet, install block) programs you might be able to recommend?

Thanks

[sonicshadow]

OTL Fix Log:

========== FILES ==========
Invalid Switch: Hao123.A application
Invalid Switch: Hao123.A application
Invalid Switch: Hao123.A application
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 02242013_180902

This looks a bit odd? Is that what's supposed to happen?

The computer itself hasn't frozen or given me a BSOD yet; ESET scanner had no trouble at all going through the scan. I suppose what I am most concerned about is when I return the computer to the original user, that he will mindlessly download the same programs again that could potentially have malware attached. Is there any free anti-virus or firewall (or better yet, install block) programs you might be able to recommend?

Thanks

[emeraldnzl]

Oh dear I gave you an incorrect script.

Try this:

Please run OTL.exe

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  
  :Files
  C:\Users\georgejhsu\Downloads\iqy_offline_2.4.0.0_p2.exe
  C:\Users\georgejhsu\Downloads\LeTV_setup (1).exe
  C:\Users\georgejhsu\Downloads\LeTV_setup.exe
  :Commands
  [reboot]
  

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.

[sonicshadow]

OTL once again:
========== FILES ==========
C:\Users\georgejhsu\Downloads\iqy_offline_2.4.0.0_p2.exe moved successfully.
C:\Users\georgejhsu\Downloads\LeTV_setup (1).exe moved successfully.
C:\Users\georgejhsu\Downloads\LeTV_setup.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 02242013_204733

The computer itself hasn't frozen or given me a BSOD yet; ESET scanner had no trouble at all going through the scan. I suppose what I am most concerned about is when I return the computer to the original user, that he will mindlessly download the same programs again that could potentially have malware attached. Is there any free anti-virus or firewall (or better yet, install block) programs you might be able to recommend?

Thanks

The above still holds true. No issues or anything as of yet. If everything looks clean from here, are there any software that you might recommend for protection?

Thanks

[emeraldnzl]

Hello again sonicshadow,

The computer itself hasn't frozen or given me a BSOD yet; ESET scanner had no trouble at all going through the scan.

Great news.

I suppose what I am most concerned about is when I return the computer to the original user, that he will mindlessly download the same programs again that could potentially have malware attached. Is there any free anti-virus or firewall (or better yet, install block) programs you might be able to recommend?

I think the best protection is common sense in where you go and what you do on the internet. No program will stop people doing the wrong things. Having said that here are three good free for personal use antivirus :

• Avast
• Microsoft Security Essentials
• AVIRA Note: AVIRA free comes with adware that promotes their paid for version each time it updates. A small price to pay for an excellant anti-virus program

Here are two good firewalls free for personal use:

• OnLine-Armour
• Agnitum - Outpost free

Microsoft Security Essentials together with Windows Firewall (which comes with Windows) is probably a good choice for the run of the mill user. This because it is light on resources, it is unobtrusive (it works away in the background without interrupting) and you don't have to be an expert. Firewalls have a habit of flagging suspicious files and asking the user to decide whether to accept the file or not. Often the run of the mill user has no idea about what a particular file does and just says no to everything... down the track they wonder why programs they use regularly suddenly stop working or maybe they try and download something they frequently downloaded in the past but now find they can't.

Note: Do not use more than one anti-virus or firewall. Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.


Also check out the tips outlined below and you might find the browser one of interest.

Now

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

• Go to Start > Programs > Accessories and click on Run
• Copy and paste the the bolded text below in the box then hit OK
  
  Combofix /Uninstall
  
  

Step 2

• Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. Erunt can also be uninstalled via the add/remove programs utility.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

• Download Java for Windows
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
  
• Click Start > Control Panel > Add or Remove Programs
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure

• Click Start > Run
• Type Inetcpl.cpl & click OK
• Click on the Security tab
• Click Reset all zones to default level
• Make sure the Internet Zone is selected & Click Custom level
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* Consider using an alternate browser.

Opera may be downloaded from here. It is one of the least targeted of all browers.

Avant may be downloaded from here. Another one that is less well known.

Firefox may be downloaded from Here. I use Firefox because I like it and it has some good security built in.

Adblock Plus is a good Add-on for Firefox that helps prevent those annoying pop ups.

No scripts is an excellent security device too. I like it but it is not for everyone because it requires you to take action if you want to see some things (pop ups, banners etc.) on sites you visit.

Download NoSript by Giorgio Maone.

Note: Sometimes you will get a site telling you that you need to install Java when actually all you need to do is enable the site through the no script icon down on the right hand side of your computer.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

• If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.
  
  * Click Start > Control Panel > System and Security > Windows Update
  * Under Windows Update click on Turn automatic updating on or off
  * Check items shown to ensure you receive updates automatically. Click OK.
  
  And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  
• Malwarebytes
• SuperAntiSpyWare

If you don't already have a anti-virus program here are a couple to choose from (these are also free for personal use):

• Avast
• Microsoft Security Essentials

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

[sonicshadow]

Thank you very much for all your help. I highly appreciate it

[emeraldnzl]

You are very welcome.

[emeraldnzl]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.