Adware Commanddesktop

[Shaba]

Hi

Yes that is fine

Empty these folders:

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\
C:\Documents and Settings\Heather\.housecall6.6\Quarantine
C:\Documents and Settings\Heather\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar

Empty Recycle Bin

Still problems?

[gomper01]

Came home yesterday and started Trend Micro up again. I did pull 7 infections but only showed 6 types of cookies. Ran another complete scan and it came back clean. Haven't seen that in a long time. Ran Ad Aware and AVG too. Going to run Trend Micro one more time just to see if there is anything else.

If I am clean, I will be closing down my computer until my PC Cillian (Internet Security 2008) gets here and then loaded up on my computer. Then I will fill a little more comfortable and secure manuevering around the internet again. Should I leave AVG, Ad Adware, Spybot, and Combo Fix on my computer before I load PC Cillian?

Not sure how I can repay you for the sanity that you have returned back to my life. Thank you for your patience in my lack of computer skills. Thank you for this forum (which is now in my favorites forever). I can't thank you enough. Thank you thank you thank you.

[Shaba]

Hi

"Should I leave AVG, Ad Adware, Spybot, and Combo Fix on my computer before I load PC Cillian? "

We remove combofix in next step but you can keep rest, yes.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Looking over your log, it seems you don't have any evidence of a third party firewall.

As the term conveys, a firewall is an extra layer of security installed onto computers, which restricts access to systems from the outside world. Firewalls protect against hackers and malicious intruders. I want you to download a free firewall NOW from one of these excellent vendors:

1) Comodo
2) Online Armor
3) Sunbelt/Kerio
4) Agnitum
5) ZoneAlarm (uncheck ZoneAlarm Spy Blocker during installation if you choose this one)

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

Next we remove all used tools.

Please download OTMoveIt and save it to desktop.

• Double-click OTMoveIt.exe.
• Click the CleanUp! button.
• Select Yes when the "Begin cleanup Process?" prompt appears.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTMoveIt attempting to contact the internet, please allow it to do so.

• Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
  
  You can find instructions on how to enable and re-enable system restore here:
  
  Windows XP System Restore Guide

Re-enable system restore with instructions from tutorial above

• Make your Internet Explorer more secure - This can be done by following these simple instructions:
• From within Internet Explorer click on the Tools menu and then click on Options.
• Click once on the Security tab
• Click once on the Internet icon so it becomes highlighted.
• Click once on the Custom Level button.
• Change the Download signed ActiveX controls to Prompt
  
• Change the Download unsigned ActiveX controls to Disable
  
• Change the Initialize and script ActiveX controls not marked as safe to Disable
  
• Change the Installation of desktop items to Prompt
  
• Change the Launching programs and files in an IFRAME to Prompt
  
• Change the Navigate sub-frames across different domains to Prompt
  
• When all these settings have been made, click on the OK button.
  
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
• Next press the Apply button and then the OK to exit the Internet Properties page.

• Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  
  
• Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  
• Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
  
  A tutorial on installing & using this product can be found here:
  
  Using SpywareBlaster to protect your computer from Spyware and Malware
  
  
• Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

• MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
• Google Toolbar <= Get the free google toolbar to help stop pop up windows.
• Comodo BOCLEAN <= Stop identity thieves from getting personal information. Instantly detects well over 1,000,000 unique, variant and repack malware in total. And it's free.
• Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
  Using Winpatrol to protect your computer from malicious software

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!

[gomper01]

Choose Comodo for firewall. Chose Basic user because I feel far from an Advance User.

Did OTMoveIt and it worked like a charm. Freaked me out at first because my desktop icons seemed out of place but then I realized which one had been removed.

System Restore was already turned back on. Just in case it had turned back on before the "good" changes/cleanup had happned...I "disabled" it, "apply", back out and went back in and "enabled" it back. I hope that was the proper procedure.

Went through all the Internet Explorer settings and all of them were okay except "Navigate sub-frames across different domains" which was changed to Prompt and then "Apply".

Was hoping to have PC Cillian on this weekend but Best Buy sent me Norton 360 instead of PC Cillian. Should be here by the end of the week so will have that installed as soon as it gets here. Won't feel comfortable checking banking and email accounts until that is installed and running. I have set AVG to update regularly. Will manually update Spybot and Spyware Blaster at least once or a few times a week.

Went to Microsoft Update site and made sure I had all the latest updates and it said I was good.

Running Google toolbar now and went ahead and did the Comodo BOCLEAN. Will update BOCLEAN when I do the other ones too.

All that is left from your checklist is MVPS Hosts file and Winpatrol. Will finish those out later tonight.

Off to reading all the "So how did I get infected". I have been playing the "ah I don't need it" game for awhile but I HAVE MUCH LEARNED MY LESSON on that one.

Thank you for guiding me through all the procedures and downloads with much patience. You are my hero of the day, month, and year.

Thanks so much!

[Shaba]

Since this issue appears resolved ... this Topic is closed. Glad I could help.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.