Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

something causing various problems


  • Please log in to reply

#46
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
I guess we are done then.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\george.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

To hide hidden files again:

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You do not have the latest Java (Java™ 6 Update 24 or maybe even 25 by now). Get the latest at:

http://javadl.sun.co...?BundleId=41723

Save it to your PC then close all browsers and install it.

Once you install it, go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 22 which is new enough that it should be removed automatically. If you use Firefox go into tools, Add-ons and make sure that CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA is not enabled. CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA is OK but 0022 should be disabled or uninstalled. Java seems to have a real problem removing the old consoles from Firefox. Having multiple Java consoles will make Firefox very sluggish and slow to start.


Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Adobe is fond of foisting GetPlus on you. You can let them install it and then afterwards, go into Control Panel, Add/Remove Software and remove it. It probably doesn't hurt to leave it but I don't see the need for it and it has caused problems in the past.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

I recommend you install the free WinPatrol from http://www.winpatrol.com/download.html

It's a small program that will sit in your systray and warn you if something tries to make changes to your system.

If you use USB drives you might want to install Autorun Eater v2.5.
http://download.cnet...4-10752777.html
Another small program which will stay resident and prevent an infected USB drive from infecting your PC.

If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. It seems to work best if you reboot right after running it. You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you install the MVP Hosts file:
http://www.mvps.org/...p2002/hosts.htm
it will keep you from going to most bad sites. You do not need Spybot's Immunize which does the same thing.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

Advertisements


#47
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
The combofix uninstall line didn't work
  • 0

#48
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
You did not rename it or move it to your desktop which my canned uninstall assumed.

Try this one:

"c:\documents and settings\Primo\My Documents\Downloads\ComboFix.exe" /Uninstall
  • 0

#49
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Running this command triggers an Avast security recommend that I open the application in the Avast sandbox. How should I proceed?
  • 0

#50
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
We don't want to run this in sandbox. It needs to be run as administrator so it can uninstall itself.
  • 0

#51
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
How should I proceed then?
  • 0

#52
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
IF you can't tell it to not put it in the sandbox then turn off the sandbox:

Click on the Avast Ball. Select Additional Protection, AutoSandbox, Settings, uncheck Enable Sandbox, OK. Then try it again.

Ron
  • 0

#53
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
OK, done! I've already implemented many of your suggestions. Anything else?
  • 0

#54
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
I'd go back into Avast and check the Enable AutoSandbox.

Recently learned that Quicktime needs to be updated if you have it.

Ron
  • 0

#55
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Done! Is that all?
  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,699 posts
  • MVP
I guess that's it.

Ron
  • 0

#57
General Field Marshal

General Field Marshal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Thank you very, very much!!! :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP