Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RCMP - Ukash virus - need it to be gone [Solved]


  • This topic is locked This topic is locked

#16
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hello Gringo,

Sorry for the misunderstanding.

Here is the log file from ComboFix:

ComboFix 13-11-23.02 - rod 23/11/2013 14:22:09.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.1982.1004 [GMT -4:00]
Running from: c:\users\rod\Desktop2\Desktop\Desktop\ComboFix.exe
Command switches used :: c:\users\rod\Desktop2\Desktop\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
.
((((((((((((((((((((((((( Files Created from 2013-10-23 to 2013-11-23 )))))))))))))))))))))))))))))))
.
.
2013-11-23 18:40 . 2013-11-23 18:40 -------- d-----w- c:\users\rod\AppData\Local\temp
2013-11-23 18:40 . 2013-11-23 18:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-23 18:40 . 2013-11-23 18:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-23 14:01 . 2013-11-23 14:01 485920 ----a-w- c:\windows\system32\nvusmb.exe
2013-11-23 14:01 . 2013-11-23 14:01 155648 ----a-w- c:\windows\system32\NVCOSMB.DLL
2013-11-23 13:49 . 2013-05-22 22:49 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-11-22 03:10 . 2013-11-23 14:30 -------- d-----w- c:\programdata\ProductData
2013-11-21 02:51 . 2013-11-21 02:51 -------- d-----w- c:\windows\ERUNT
2013-11-21 02:43 . 2013-11-21 02:45 -------- d-----w- C:\AdwCleaner
2013-11-20 22:54 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-20 22:54 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-20 22:54 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-20 22:54 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-20 07:07 . 2013-11-20 22:23 -------- d-----w- C:\FRST
2013-11-16 12:29 . 2013-11-16 12:29 -------- d-----w- c:\program files\IObit Apps Toolbar(54)
2013-11-05 01:16 . 2013-08-16 17:56 216064 ----a-w- c:\windows\system32\gcapi_dll.dll
2013-11-01 01:09 . 2013-11-19 02:04 -------- d-----w- c:\program files\IObit Toolbar
2013-10-27 21:18 . 2013-10-27 21:18 -------- d-----w- c:\users\rod\AppData\Local\LG Electronics
2013-10-27 21:17 . 2013-10-27 21:17 -------- d-----w- c:\program files\MSXML 4.0
2013-10-27 19:33 . 2013-04-24 13:14 25216 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2013-10-27 19:33 . 2013-04-24 13:14 20864 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
2013-10-27 19:33 . 2013-04-24 13:14 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2013-10-27 19:33 . 2013-11-19 02:04 -------- d-----w- c:\program files\LG Electronics
2013-10-27 19:31 . 2013-10-30 01:48 -------- d-----w- C:\LGA341
2013-10-27 19:30 . 2011-05-08 01:37 655872 ----a-w- c:\windows\system32\msvcr90.dll
2013-10-27 19:30 . 2011-05-08 01:37 568832 ----a-w- c:\windows\system32\msvcp90.dll
2013-10-27 19:30 . 2011-05-08 01:37 224768 ----a-w- c:\windows\system32\msvcm90.dll
2013-10-27 19:30 . 2006-05-01 20:33 53248 ----a-w- c:\windows\system32\CommonDL.dll
2013-10-27 19:30 . 2005-10-01 13:39 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-10-27 19:29 . 2013-11-19 02:04 -------- d-----w- c:\programdata\LGMOBILEAX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-23 14:01 . 2007-04-27 03:28 485920 ----a-w- c:\windows\system32\nvuninst.exe
2013-11-11 12:50 . 2013-01-30 02:08 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-10-10 00:46 . 2011-05-15 12:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-25 23:57 . 2013-09-25 23:57 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-09-11 01:11 . 2013-09-11 01:11 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-09 01:12 . 2013-09-09 01:12 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-02 13:39 . 2013-09-02 13:39 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-09-02 13:28 . 2013-09-02 13:28 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-09-02 13:28 . 2013-09-02 13:28 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-09-02 13:28 . 2013-09-02 13:28 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-29 07:36 . 2013-10-10 09:17 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 02:47 . 2013-10-10 09:18 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47 . 2013-10-10 09:18 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-27 02:47 . 2013-10-10 09:18 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-27 02:47 . 2013-10-10 09:18 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-08-27 01:52 . 2013-10-10 09:18 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-27 01:50 . 2013-10-10 09:18 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-27 01:32 . 2013-10-10 09:18 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-08-27 01:28 . 2013-10-10 09:18 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 01:28 . 2013-10-10 09:18 798208 ----a-w- c:\windows\system32\FntCache.dll
2001-11-05 12:30 . 2012-07-02 14:12 165376 ----a-w- c:\program files\UNWISE.EXE
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-22 03:10 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-11-11 2283808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-07 4908592]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^rod^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 23:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2006-11-17 21:19 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2013-01-31 09:01 3970848 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2013-01-31 09:00 108832 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 15:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plex Media Server]
2013-04-03 15:08 4014760 ----a-w- c:\program files\Plex\Plex Media Server\Plex Media Server.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2013-01-17 19:08 267792 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2006-11-05 16:22 221184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 16:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 00:46]
.
2013-11-23 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-11-23 15:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-23 14:40
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,75,4a,c0,c1,fc,f0,4e,a9,f8,c6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,75,4a,c0,c1,fc,f0,4e,a9,f8,c6,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-11-23 14:43:19
ComboFix-quarantined-files.txt 2013-11-23 18:43
ComboFix2.txt 2013-11-22 03:53
.
Pre-Run: 53,766,426,624 bytes free
Post-Run: 53,752,770,560 bytes free
.
- - End Of File - - 597ADA99C55244C60204605CCC2DBBA6
5C616939100B85E558DA92B899A0FC36


As far as the computer goes, I haven't had any problems
Everything seems to be running fine and although I haven't used it a lot since running the script, it runs perceivably faster.
Please let me know if I need to run anything else.
I have a quick question though, in running all of the tests etc., my homepage is now Google. Is there any problem with me going to the AVG toolbar, or is it problematic?

thank you for the time you are spending with me.
  • 0

Advertisements


#17
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello tulsa

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#18
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
here it is Gringo:

32 bit Windows Card Reader Driver
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Media Player
Adobe Shockwave Player
Advanced SystemCare 7
ArcSoft PhotoStudio 5.5
ArcSoft PhotoStudio 6
Ares 2.0.9
Auslogics Duplicate File Finder
Auslogics Registry Cleaner
AVG 2014
Beauti-Tone Colour Finder 1.0
BlackBerry Desktop Software 7.1
BlackBerry Device Manager 7.0
Blue Cat's Chorus - VST
Blue Cat's Flanger - VST
Blue Cat's FreqAnalyst - VST
Blue Cat's Gain Suite - VST
Blue Cat's Phaser - VST
Blue Cat's Stereo Chorus - VST
Blue Cat's Stereo Flanger - VST
BlueCat's Digital Peak Meter - VST
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Canon Easy-PhotoPrint EX
Canon MP Navigator 3.0
Canon MP160
Canon My Printer
Canon Personal Printing Guide
Canon PowerShot A1100 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
CDex extraction audio
CloudReading
Compatibility Pack for the 2007 Office system
CookletApp
D3DX10
Defraggler
Dell Driver Download Manager
Dell Support Center
Dell System Customization Wizard
Desktop Player
DIG 2.0
Driver Booster
Eraser 6.0.10.2620
foobar2000 v0.9.5.5
Foxit Reader
Game Booster 3
Google Update Helper
Harmonium VSTI FREE
HBT Otello 2.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IObit Apps Toolbar v8.1
IObit Malware Fighter
IObit Toolbar v8.1
IObit Uninstaller
iZotope Ozone 3
Java 7 Update 7
Java Auto Updater
Java™ SE Runtime Environment 6
JavaFX 2.1.1
Junk Mail filter update
K-Lite Codec Pack 5.2.0 (Full)
LAME v3.98.2 for Audacity
LG Bluetooth Drivers
LG PC Suite IV
LG United Mobile Driver
LG USB WML Modem Driver
LPK25 Editor
ManageMyMobile
Media Player Classic - Home Cinema v1.5.2.3456
Media Player Codec Pack 4.0.1
MediaInfo 0.7.64
MeldaProduction MFreeEffectsBundle 7
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Premium
Microsoft Office Excel Viewer
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Motorola Phone Tools
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4SP2
MWSnap 3
n-Track Studio 6
n-Track Studio 7
Nomad Bundle VST
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 301.42
NVIDIA Control Panel 307.83
NVIDIA Drivers
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenRGB Version 2.10
Pdf995
PdfEdit995
Plex Media Server
Print To Go 1.0
Protected Folder
PSP VintageWarmer 1.1
Recuva
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Segoe UI
Shaker Maker
SigmaTel Audio
Smart Defrag 2
Soap 3.0 Toolkit
Sonic Activation Module
Sonic Foundry Sound Forge 6.0
Speccy
Studio Devil British Valve Custom v1.1
Surfing Protection
System Requirements Lab
TA Genobazz 2 VSTi
TA RECsoprano VST
TUGZip 3.4
UFile 2009
UFile 2010
UFile 2011
UFile 2012
UFile Updater 2009
UFile Updater 2010
UFile Updater 2011
UFile Updater 2012
Unlocker 1.9.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
User's Guides
Veetle TV
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 9.0 CRT (x86) WinSXS MSM
Visual Studio 2012 x86 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Xiph.Org Ogg Codecs 0.83.17220 32-bit
YouSendIt Express


regards,
tulsa
  • 0

#19
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove


Java 7 Update 7
Java™ SE Runtime Environment 6
JavaFX 2.1.1

[/list]



Please download and install Revo Uninstaller Free

  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.


Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close



Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

Run Malwarebytes

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 0

#20
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Gringo,

Here are the two log files you requested:



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.24.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
rod :: ROD-PC [administrator]

24/11/2013 11:36:24 AM
mbam-log-2013-11-24 (11-36-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233342
Time elapsed: 10 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\rod\AppData\Roaming\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Quarantined and deleted successfully.
C:\Users\rod\Downloads\MediaInfo_GUI_0.7.64_Windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

(end)






-----------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:06:37 PM, on 24/11/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\rod\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebo...toUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx2.hotmail....NPUplden-ca.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 5702 bytes


Question-
Is it wise for me to keep IObit Malware Fighter and also Malwarebytes? I believe the freeware version of Malwarebytes might be more comprehensive than the freeware verion of IObit Malware Fighter, but they are both effective. Does it matter if I have both running?

The computer seems to be running very nicely now, and once the initial scans are completed at boot-up, it seems more responsive and quicker.

Thank you
tulsa
  • 0

#21
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I am biased when it comes to IOBit because it was found out a couple of years ago they were stealing Malwarebytes database detections and calling it there own - you can research this yourself just google search IOBIT and malwarebytes



These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis (rightclick and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
      O4 - HKLM\..\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
      O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

  • If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish
  • close program
  • copy and paste the report here

Gringo
  • 0

#22
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hello Gringo,

Here is the result of the ESET Scan:

C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\SearchSettings.exe.vir a variant of Win32/Toolbar.Widgi application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\SearchSettings64.exe.vir a variant of Win64/Toolbar.Widgi.A application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wth157.dll.vir Win32/Toolbar.Widgi application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wth159.dll.vir Win32/Toolbar.Widgi application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wth160.dll.vir Win32/Toolbar.Widgi application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wthx157.dll.vir Win64/Toolbar.Widgi.B application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wthx159.dll.vir Win64/Toolbar.Widgi.B application
C:\AdwCleaner\Quarantine\C\Program Files\Common Files\spigot\Search Settings\wthx160.dll.vir Win64/Toolbar.Widgi.B application
C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.1\iobitappsToolbarIE.dll.vir a variant of Win32/Toolbar.Widgi application
C:\Program Files\IObit Toolbar\IE\8.1\iobitToolbarIE.dll a variant of Win32/Toolbar.Widgi application
C:\Qoobox\Quarantine\C\Users\rod\AppData\Roaming\Other.res.vir a variant of Win32/Kryptik.BPHY trojan

Hopefully we can get rid of these.

regards,
tulsa
  • 0

#23
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello tulsa

There are some minor things in your online scan that should be removed.


delete files

  • Copy all text in the code box (below)...to Notepad.
    @echo off
    rd /s /q "C:\AdwCleaner\"
    C:\Program Files\IObit Toolbar\IE\8.1\iobitToolbarIE.dll"
    del %0
  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: Posted Image<--XPPosted Image<--vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.


The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.




Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


:Why we need to remove some of our tools:

Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight.
They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.

  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK.
Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.
  • Posted Image

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so
Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.



:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.

Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls

CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner

Malwarebytes' Anti-Malware The Gold standerd today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.

  • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
  • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
    totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)


    Note** If you decide to install MSE you will need to uninstall your present Antivirus

:Security awareness:


It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
Strong passwords: How to create and use them
Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

As Java seems to get exploited on a daily basis I advise to disable java in your web browsers - How to disable java in your web browsers - Disable Java


The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet

internetsafety

Internet Safety for Kids

Here is some more reading for you from some of my colleges

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum

COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

quoted from Tech Support Forum

Conclusion

There is no such thing as 'perfect security'. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.


I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

Gringo
  • 0

#24
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Gringo, thank you for your time and effort. Everything is working nicely. Thanks for the helpful advice as well. I'm going to re-think my anti-virus and try to protect myself better.
I'll watch how things go for the next couple of days, but I think you managed to nail everything down.

kindest regards,
tulsa
  • 0

#25
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Gringo;

I made a small donation to you for helping me. Not a lot, I know, but hope it helps.

regards,

tulsa
  • 0

Advertisements


#26
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Thank you and you are more than welcome

gringo
  • 0

#27
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
gringo

You mentioned several good programs to use for security. I am currently using different ones, but want to change to the ones you suggested. Is it advisable for me to run OTCleaner after I've uninstalled the current ones?

tulsa
  • 0

#28
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
OT cleaner will only clean out some tools we use - what you would want to use is the CCleaner the temp file cleaner


gringo
  • 0

#29
tulsa

tulsa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Ok thank you. I have an up to date version of CCleaner installed and use it all the time.
I believe I'm good to go.

regards,

tulsa
  • 0

#30
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
you are more than welcome


gringo
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP