Hi jacknjaspa,
Good job. :bigthumb: I think this is the first time I've seen an av hijacked like that. We'll clean up the tools and send you on your way.
From your desktop, please delete, if present
- any notepads/logs that we created
- DDS.scr
- Farbar Service Scanner
- TDSSKiller.exe
- avg_remover_stf_x86_2012_2125.exe
- the AVG set up files
You can also delete
- C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
- C:\TDSSKiller_Quarantine
Empty the Recycle Bin
Next
Open windows explorer (right click the Start button and click Explore)
At the top of windows explorer, click
tools,
folder options, click the
view tab
- uncheck Display the contents of system folders
- uncheck Show hidden files and folders
- check "Hide extensions for known file types" box
- check "Hide protecting operating system files" box
Click
apply, click
ok
Open
OTL then click the
Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click
Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.
I suggest you keep
MBAM. Keep it updated and use it regularly.
*
Create a new restore point
You must be logged on to an administrator account
- Go to Start - All Programs - Accessories - System Tools - System Restore.
- Click Create a restore point, and then click Next.
- In the text box labeled Restore Point Description, type a name for this restore point
- click create
*
Remove old restore points
- Go to Start - All Programs - Accessories - system tools.
- Launch the Disk Cleanup tool and let it run.
- When it finishes a box with tabs will appear, select the more options tab.
- On this tab you will find a section for System Restore.
- If you press the Clean Up button for that section, Windows will delete all restore points except for the most recent one.
Updates and upgrades
You have an older version of
Adobe Reader. You can download the current version
HERE
You may want to consider
Foxit Reader instead. It may be a bit lighter on resources. If you choose to use Foxit
decline the Foxit Tool bar during the install.
Visit their support forum
Foxit Forum
In either case you should uninstall
Adobe Reader 9.5.0 first. Be sure to move any PDF documents to another folder first though.
Some Recommendations and prevention tips
Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. Just add a firewall to what you have.
* If you are behind a router Windows firewall should be fine. Otherwise a 3rd party firewall with outbound monitoring is recommended.
Click
FIREWALL for links and tutorials to good, free and paid for firewalls. (
Note: Zone Alarm is becoming bloatware)
You can use Spybot to install a Custom Hosts file.
1-Left-click the "Spybot - Search & Destroy" shortcut to open the program
2-Right-click an item in the list of immunizations and click "Deselect All."
3-Scroll down to the bottom of the list and click the checkbox to the left of "Global (Hosts)" under the "Windows" header.
4-Click "Immunize" on the Spybot toolbar.
OR
A guide to understanding and using the hosts file.
Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a host file manager. and some programs that can protect your hosts file.
HOSTS
Please read the info on disabling the DNS Client before installing a custom hosts file.
-Secure your
Internet Explorer
From within Internet Explorer click on the Tools menu and then click on Options.
- Click once on the Security tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialize and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to Prompt
- Change the Navigate sub-frames across different domains to Prompt
- When all these settings have been made, click on the OK button.
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the
Apply button and then the
OK to exit the Internet Properties page.
- Keeping your Windows up-to-date is crucial to your computer's security. Please go to the
Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis
- Make sure you have reset Automatic Updates to your chosen optionClick your start button > Control Panel > System > Automatic Updates tab
- Keep your
antivirus program
updated, as well as any other security programs you have.
-More tips and programs can be found
HERE
Please post back if you have any problems.
Take care
