Here is the 1 threat found:
C:\Users\Lauren & Sineca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\23230634-687a5212 Java/Exploit.Agent.NBI trojan deleted - quarantined
Here is the 1 threat found:
C:\Users\Lauren & Sineca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\23230634-687a5212 Java/Exploit.Agent.NBI trojan deleted - quarantined
Good job: Eset seems to have taken care of the last infection.
Now that you’re free from malware, as long as your computer seems to be running well, please follow these simple steps to tidy up you computer and decrease the likelihood of getting infected again:
You can delete the DDS and aswMBR logs and programs from your desktop.
Uninstall Combofix
Follow these steps to uninstall Combofix
- click START then RUN
- now type Combofix /uninstall in the runbox and click OK.
Note the space between the X and the /, it needs to be there.
- please follow the prompts to uninstall Combofix.
- once it's finished uninstalling itself you will receive a message saying Combofix was uninstalled successfully.
===================================================
Uninstall OTL
- Double-click OTL.exe
- Click the CleanUp! button.
- Select Yes when the Begin cleanup Process? prompt appears.
- If you are prompted to reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes, if not delete it by yourself.
NOTE: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.
You can just delete all other logs and programs we’ve used that are on your desktop. Just click on them and press Delete.
===================================================
Uninstall and update Java
The version you have is old and therefore vulnerable to infections
Remove all versions of Java or JRE environment
- From the Start menu, select Control Panel.
- In Classic View, double-click Programs and Features. In Control Panel Home view, under "Programs", click Uninstall a program.
- Select the program you want to remove, and click Uninstall. Alternatively, right-click the program and select Uninstall.
Install the latest version of Java from here
===================================================
Recommended programs
SpywareBlaster. SpywareBlaster protects against bad ActiveX, it immunizes your PC against them. It blocks over 11,000 bad sites and uses no resources of your computer.
===================================================
Install Spybot - Search and Destroy - Download and install Spybot Search and Destroy which provides real time spyware and hijacker protection .
There were remnants of it on your machine but it is no longer installed.
A tutorial on installing and using SS&D can be found here
You should scan your computer with the program on a regular basis as you would with your anti-virus software.
===================================================
Update and run Malwarebytes. This really is an excellent program that you should also update and run on a regular basis, probably weekly.
===================================================
It’s important to keep programs up to date so that malware doesn't exploit any old security flaws.
FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated.
===================================================
MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
===================================================
I also recommend that you read the following:
How to prevent malware by miekiemoes
Safe computing
Satchfan
Last edited by Satchfan; 2012-05-11 at 09:30.
Thank you for all of your help.During this process, on the other user account, some files popped up on the desktop. I'm assuming these came from the "unhide" program, do I just go ahead and re-hide them, or delete them?
You are very welcome.Thank you for all of your help.
Yes. If you need instructions, let me know.do I just go ahead and re-hide them
Regards
Satchfan
Posting Permissions
