I will certainly keep you up to date with the progress. What section are you going to be placing my information for assistance?
As it seems your only remaining issue is regarding what backup program to use:
1. The malware/spyware - which seems to be possibly corrected.
No malware remains on the system as of the last scan log(s) produced.
2. What are the links to the alternatives of MSE anti-virus software programs that you suggested/recommended in an earlier posting?
3. I do not think we ever came to a conclusion with the CutePDFWriter?
4. What do you recommend to run to backup hard drive and files?
This should really come to you via the appropriate forum.
5. The removal of the tools we have used.
Done except for combofix uninstall.
...I'd prefer that you make your inquiries other than malware related, in the appropriate forum(s). These help threads should stay focused on malware related issues. As this one seems to have been resolved long ago, I really feel that we should close this thread and move on.
So...rather than parting this thing out, I'll recommend "Macrium Reflect" and suggest that any questions about it should be made in the "Applications" forum.
To remove combofix, click start, then in the "Search programs and files" box, type Run, then press the enter key. When the "Run" box opens, copy/paste the following, then press "OK":
ComboFix /Uninstall
Performing this function will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again for you automatically.
To assist in the prevention of malicious software intrusion and infections, you can begin by reading "How to boost your malware defense and protect your PC"...
Please remember to keep antivirus software on board and always use its real time protection feature. Run a complete system scan at least once a week...preferably in Safe mode.
A word of caution
Security vendors, in recent years, have partnered with "Ask.com" in providing the "Ask Toolbar" bundled with their download(s).
Although the toolbar is considered to be a Legitimate program, it is nonetheless questionable as to its behavior. It is alleged to be spyware/adware as the behavior of this application tracks a user's history and sends "search" information to its servers in order to provide a user with targeted search results, many of these results may also be for questionable web sites. In fairness, one should keep in mind, Google does the same thing regarding search results.
This tracking is considered by many of us in the security field, to be offensive.
Some of the "Download links" that I may provide, may also contain this program bundled with it. If you choose not to use it, the bundled software will always contain an "Opt Out" measure via some checkbox. The user can check (or uncheck) this box to prevent the download.
If a user isn't cautious and may have mistakenly installed this program, it can easily be removed via the "Uninstall" string provided with the software. Detailed instructions how to remove the program can be found Here
If your antivirus program is a licensed version that is about to expire, you can consider using one of these available free on the public domain:
- Microsoft Security Essentials
- AntiVir Personal Edition Classic
- Avast! 4 Home Edition
Those of us in the online safety/security community have tried and tested these programs to determine their abilities. Having in mind, nothing is ever a guarantee regarding computer security, these programs nevertheless, combined with the rest of these recommendations are certain to have an impact in helping to keep your system running free and clear. I personally have been completely satisfied from having tested and used each one of those at one time or another.
Immunize your browser by installing Spywareblaster. What does it do?
- Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
- Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
- Restricts the actions of potentially unwanted sites in Internet Explorer.
Keep your anti-virus and spyware definitions up to date. Be sure to scan often.
Web of Trust (WOT) warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
- Green to go
- Yellow for caution
- Red to stop
WOT has an add-on available for both Firefox and IE.
Install the WinPatrol security monitor utility. WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. What I hear most from users is how much they like the startup control feature and its ease of use. Need help understanding something about WinPatrol? Here it is
Windows Vista and Windows 7 have a software firewall built in and activated by default. This native firewall is a big improvement and is fine by itself. However, there are third party software Firewalls that offer a bit more configuration options.
Below you can choose from several of the freeware Firewalls available on the public domain. Even though you may have a Firewall already installed, keep this list handy should you choose not to renew your subscription for whatever reason. I should also mention, if you choose to use a third party firewall, make certain the Windows firewall is turned off to prevent conflict issues.
...and please remember, you should have only one of these types of third party firewalls running on board:
- Zone Alarm ...Windows 2k/XP/Vista
- Outpost Free
- Comodo ...I highly recommend this firewall, but it may just be best suited for advanced users.
Stay updated with the most recent Windows patches using Microsoft's Windows Update. Make it easy on yourself, and set this feature to Automatic.
Keep your installed software up to date by downloading the free FileHippo Update Checker. Double-click the FHSetup.exe file to install it. When the install completes, you'll find the Update Checker shortcut on the desktop.
Double-click on it and a scan begins with the results showing in your browser. Any software it finds to be out of date, will be presented in your browser. Just click on the download link provided there to download your software updates. Ignore the beta software unless you want that...during the scanner initialization, you can click the settings link, then click the results tab and check the box "Hide beta versions". After clicking the OK button, click the "Retry" link to continue the scan with those settings.
Using an alternate browser can reduce your chance of certain infections installing themselves. I recommend installing Mozilla Firefox. If you don't already have "Firefox", please consider installing and using this browser for surfing.
If you still wish to use Internet Explorer, please make sure you install SpywareBlaster (from above) to protect you from most ActiveX infections.
often. Please avoid using the "registry" cleaning feature of this utility unless you consider yourself an expert. Contrary to popular thought, the Windows Registry has no need of any "cleaning". I personally challenge anyone to show a substantial benefit from having used any of these "registry cleaning" programs. There is none. Any difference at all is so minuscule that it's nearly impossible to calculate.
On the flip side, rather than any benefit, there is the possibility of slicing out enough pieces of the registry to render things useless...and that includes the operating system.
By default, CCleaner will ask you if you want to backup what is removed, and I suggest you do just that. If you have already used this option and found that something no longer works properly, please find the backup that was created and use it to restore that particular item. Remember, using this to clean the disk is absolutely useful and beneficial. A novice needs only to use the disk cleaning feature...and avoid the registry cleaning aspect. It's not difficult...just don't bother to click the Registry button on the menu.
CCleaner is an excellent...and fast disk cleaning utility that can easily be configured to suit your needs. Often, users find a simple reboot resolves a quirky performance issue which can come about as a result of the collection of temp files while browsing the web...and if you configure CCleaner to run on start up, then your system could be kept running fast and clean with each new user session.
The Yahoo Toolbar is included by default during the installation of the CCleaner utility...if you DO NOT WANT IT, be sure to remove the check from the "Add CCleaner Yahoo! Toolbar and use CCleaner from your browser" option during installation setup or else just download the Slim version (no toolbar...last download link at the bottom of that page).
Or if you just want to run your on board Disk Cleanup ("Start--> Programs-->Accessories-->System Tools-->Disk Cleanup" ), just open the utility and check off the following:
Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files.
Don't forget to check your system's "defragmenter" settings. With Windows Vista, you have the option to set this as a scheduled event. It is best to have your system's "defrag" function scheduled for at least once a week.
So how did I get infected in the first place?
Regards, and Happy Surfing!