fraud.windows protection & redirect infection

Status
Not open for further replies.
Hi
OK, first let's get rid of the remnants of Symantec:
Visit the following website & choose the Norton removal Tool that is appropriate to the product you had installed:
http://www.symantec.com/norton/supp...e=public_web&docurl=20080710133834EN&ln=en_US

The download & install one of the following free Anti-virus products.

Anti-virus
Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Download a free anti-virus software from one these excellent vendors NOW:

1) Microsoft Security Essentials - Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
2) Antivir PersonalEdition Classic- Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.
3) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.

Your computer must have only ONE anti-virus program installed at any time. Having more than one anti-virus program installed & active will cause program conflicts, false virus alerts, and system crashes.

Clean Up
Now we need to clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.
Remove ComboFix
The following will implement some cleanup procedures as well as reset System Restore points:
Click Start > Run then copy/paste the following bolded text into the Run box and click OK:
ComboFix /Uninstall
  • Double-click OTM
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes, if not delete it yourself
You can delete the following from your desktop:
TFC.exe
The Gmer.exe file (it will be randomly named .exe file)
SecurityCheck.exe
Any logs that may have been saved to your desktop

Let me know how you go or of any problems before we wrap this up.
 
Ok, loaded Avast and have deleted what you've asked.

Can I still have Adaware, Spybot and Sywareblaster if I use Avast?
 
Hi

Avast should play nicely with either Ad-Aware or Spybot. Just remember the general rule of thumb is to have only one Anti-virus program & one Anti-Spyware program running with real-time protection enabled. So that would mean only having either Ad-Aware's Ad-Watch running or Spybot's TeaTimer running at once - Not Both. This should eliminate any conflicts.
Spywareblaster won't cause any conflicts at all - Spyware Blaster isn't a scanner. It writes a pre-configured set of entries into your Registry to block the installation of known unwanted activeX controls. Make sure you keep it updated.

All Clean
Congratulations, good work, your system is now clean. Now that your system is safe we would like you to keep it that way.
Take the time to follow these recommendations & it will greatly reduce the risk of further infections and greatly diminish the chances of you having to visit here again.

Create a Clean System Restore Point
Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and click OK
Ensure the boxes for Temporary Files & Temporary Internet Files are checked. You can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore click Clean up... and click Yes to the prompt
Click OK and Yes to confirm.

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update
To update Office
Open up any Office program.
Go to Help > Check for Updates

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
You can download it here & find a tutorial here. Keep it updated & run it regularly.

Download and Install a HOSTS File
A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine.
Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE

Web of Trust
WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an addon available for both Firefox and Internet Explorer.

Install WinPatrol
Download it here
You can find information about how WinPatrol works here

Read some information here on how to prevent Malware.

Hopefully these steps will help keep your computer clean.
 
Ok. I'm working on your last instructions.

I really appreciate your time and patience. I feel so confident in this fix and I've learned a lot about my own machine. Your directions were so clear and understandable so I never felt in over my head though I was digging in the guts of an expensive machine!

Oh, earlier you told me to disable tea-timer in Spybot. Adaware is actually easier to get to (in the tray) and starts up automatically. If I understand correctly I should leave TeaTimer as it is--disabled--and just let Adaware do its thing?

Thanks again.
 
I'm working on your last instructions.
Click to expand...
Think of them more as recommendations than instructions :wink:

I really appreciate your time and patience. I feel so confident in this fix and I've learned a lot about my own machine. Your directions were so clear and understandable so I never felt in over my head though I was digging in the guts of an expensive machine!
Click to expand...
No problem at all... & Thank You

Oh, earlier you told me to disable tea-timer in Spybot. Adaware is actually easier to get to (in the tray) and starts up automatically. If I understand correctly I should leave TeaTimer as it is--disabled--and just let Adaware do its thing?
Click to expand...
Yes correct :)

Good Luck & Surf Safe
 
Since this issue appears to be resolved ... this Topic has been closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include fresh DDS & Attach logs and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or Moderator a private message (pm). A valid, working link to the closed topic is also required.
 
Status
Not open for further replies.
Back
Top