[Crossover]

Hi!

 

The computer is muchhhh better right now, I dont know if this it´s a good thing or not, but before doing all this process I had a bunch of connections typing the command netstat -n, now I only have the 127.0.0.1 connetions, that it s nice!

 

This is the info of the ESET

 

E:\Documents and Settings\All Users\Datos de programa\InstallMate\{E686893F-6C27-4B48-A9A3-24053D65ABC9}\Custom.dll    a variant of Win32/InstalleRex.T potentially unwanted application    deleted - quarantined
E:\Documents and Settings\Reparaciones RPM\Mis documentos\Descargas\164297942 hyundai accent manual de taller 1994 1999 pdf.exe    Win32/InstalleRex.I potentially unwanted application    deleted - quarantined
E:\Documents and Settings\Reparaciones RPM\Mis documentos\Descargas\vso-image-resizer-4-1-0-2-es-en-win-setup.exe    Win32/InstallCore.BK.Gen potentially unwanted application    deleted - quarantined
E:\Documents and Settings\Reparaciones RPM\Mis documentos\Downloads\vso-image-resizer-4-1-0-2-es-en-win.exe    Win32/Adware.Linkular.AB application    cleaned by deleting - quarantined
E:\Qoobox\Quarantine\C\autorun.inf.vir    Win32/PSW.OnLineGames.NNU trojan    cleaned by deleting - quarantined
E:\Qoobox\Quarantine\E\WINDOWS\Installer\{523EA17F-C4BB-49AB-94AD-D13674994194}\syshost.exe.vir    a variant of Win32/Kryptik.COVB trojan    cleaned by deleting - quarantined
E:\Qoobox\Quarantine\E\WINDOWS\system32\drivers\57266cb3b1823a7e.sys.vir    a variant of Win32/Rootkit.Kryptik.ZL trojan    cleaned by deleting - quarantined
E:\System Volume Information\_restore{8B70DBB6-7BD4-47E4-9B90-B54C9B79DF79}\RP955\A0125360.sys    a variant of Win32/Rootkit.Kryptik.ZL trojan    cleaned by deleting - quarantined
E:\System Volume Information\_restore{8B70DBB6-7BD4-47E4-9B90-B54C9B79DF79}\RP958\A0126199.exe    a variant of Win32/Kryptik.COVB trojan    cleaned by deleting - quarantined
 

Shall I need to do something else?

 

thank u.

[Advertisements]

Hello again Crossover,
 

The computer is muchhhh better right now

That is very good news.
 

I dont know if this it´s a good thing or not, but before doing all this process I had a bunch of connections typing the command netstat -n, now I only have the 127.0.0.1 connetions, that it s nice!

I am not a techie but I believe netstat (network statistics) is a command line tool for monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. May have been related to one of the programs we have removed or maybe the malware used it for it's purposes.

127.0.0.1 is explained here, that is safe.

Now

 

With the sorts of infections your computer had your machine has likely been accessed from an outside source. Change passwords on all sites you use and make sure you check any banking and credit card accounts you accessed with the infected machine.

 

Also

 

I don't see an anti-virus program on your machine. I think it very important to have some protection on your computer.

Here are three good anti-virus programs free for personal use:
 

• Avast
• Avira Free Antivirus  (Note: during installation be sure to click the button "No Thanks" to the offer of Secure your Web Searches with Avira Safe Search. It is partnered with the ASK search engine which is not recommended)
• Microsoft Security Essentials

If you want the least amount of interference in what you are doing on your machine then in your case I would recommend Microsoft Security Essentials (it is the one I have on my machine) but up to you.

Finally

I think you are good to go now.

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix. This will also clean out and reset your Restore Points.

• Press the Windows Key and R on your keyboard. This will bring up the Run window.
• Now type Combofix /Uninstall in the runbox  and click OK.  Note the space between the X and the U, it needs to be there.

• Follow the prompts to uninstall Combofix.

Once done you will receive a message saying Combofix was uninstalled successfully.

Step 2

To clear away the remaining tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

• Remove disinfection tools
  
  Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

• Download Java for Windows
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
  
     
• Click Start > Control Panel > Add or Remove Programs
     
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

For some common sense advice about protecting your computer read How to boost your malware defense and protect your PC

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
 

 

[emeraldnzl]

Hello again Crossover,
 

The computer is muchhhh better right now

That is very good news.
 

I dont know if this it´s a good thing or not, but before doing all this process I had a bunch of connections typing the command netstat -n, now I only have the 127.0.0.1 connetions, that it s nice!

I am not a techie but I believe netstat (network statistics) is a command line tool for monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. May have been related to one of the programs we have removed or maybe the malware used it for it's purposes.

127.0.0.1 is explained here, that is safe.

Now

 

With the sorts of infections your computer had your machine has likely been accessed from an outside source. Change passwords on all sites you use and make sure you check any banking and credit card accounts you accessed with the infected machine.

 

Also

 

I don't see an anti-virus program on your machine. I think it very important to have some protection on your computer.

Here are three good anti-virus programs free for personal use:
 

• Avast
• Avira Free Antivirus  (Note: during installation be sure to click the button "No Thanks" to the offer of Secure your Web Searches with Avira Safe Search. It is partnered with the ASK search engine which is not recommended)
• Microsoft Security Essentials

If you want the least amount of interference in what you are doing on your machine then in your case I would recommend Microsoft Security Essentials (it is the one I have on my machine) but up to you.

Finally

I think you are good to go now.

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix. This will also clean out and reset your Restore Points.

• Press the Windows Key and R on your keyboard. This will bring up the Run window.
• Now type Combofix /Uninstall in the runbox  and click OK.  Note the space between the X and the U, it needs to be there.

• Follow the prompts to uninstall Combofix.

Once done you will receive a message saying Combofix was uninstalled successfully.

Step 2

To clear away the remaining tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

• Remove disinfection tools
  
  Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

• Download Java for Windows
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
  
     
• Click Start > Control Panel > Add or Remove Programs
     
• Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

For some common sense advice about protecting your computer read How to boost your malware defense and protect your PC

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
 

 

[Crossover]

Thx so much!!

 

I ll follow all your advices!

 

Is your Paypal account in your signature valid yet? I wanna contribute

 

thx.

[emeraldnzl]

 

Thx so much!!

 

You are very welcome.

 

I will keep this topic open for a day or two in case any issues arise.