Blade,
Combofix log is below.
John
ComboFix 11-06-15.02 - Claire 06/15/2011 17:29:52.8.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.2037.767 [GMT -4:00]
Running from: c:\users\Claire\Desktop\ComboFix.exe
Command switches used :: c:\users\Claire\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
file zipped: c:\windows\system32\msxbde40X.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-05-15 to 2011-06-15 )))))))))))))))))))))))))))))))
.
.
2011-06-15 21:48 . 2011-06-15 21:48 -------- d-----w- c:\users\user\AppData\Local\temp
2011-06-15 21:48 . 2011-06-15 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 14:59 . 2011-06-12 14:59 -------- d-----w- c:\program files\ESET
2011-06-12 14:52 . 2011-06-12 14:52 -------- d-----w- c:\program files\Common Files\Java
2011-06-11 12:06 . 2011-06-11 21:48 -------- d-----w- C:\tdsskiller
2011-06-11 02:13 . 2011-06-15 21:53 -------- d-----w- c:\users\Claire\AppData\Local\temp
2011-06-02 22:38 . 2011-06-02 22:39 -------- d-----w- c:\program files\ERUNT
2011-06-02 01:52 . 2011-06-02 02:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-01 01:53 . 2011-06-01 01:53 -------- d-----w- c:\program files\iPod
2011-06-01 01:53 . 2011-06-01 01:55 -------- d-----w- c:\program files\iTunes
2011-06-01 01:49 . 2011-06-01 01:49 -------- d-----w- c:\program files\Bonjour
2011-05-31 21:34 . 2011-05-31 21:34 -------- d-----w- c:\windows\Sun
2011-05-31 20:26 . 2011-05-31 20:26 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-31 20:26 . 2011-05-31 20:26 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-31 20:26 . 2011-05-31 20:26 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-31 20:26 . 2011-05-31 20:26 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-31 20:26 . 2011-05-31 20:26 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-31 20:26 . 2011-05-31 20:26 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-31 20:26 . 2011-05-31 20:26 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-31 20:26 . 2011-05-31 20:26 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-31 19:56 . 2011-05-31 19:56 120832 --sha-r- c:\windows\system32\msxbde40X.dll
2011-05-31 16:07 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34F6D728-29AC-4C66-AAB8-6DB551CF2D6A}\mpengine.dll
2011-05-26 03:27 . 2011-05-26 03:27 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2011-05-26 02:13 . 2011-05-26 02:13 -------- d-----w- c:\users\user\AppData\Roaming\Research In Motion
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-15 21:54 . 2008-08-14 23:51 0 ----a-w- c:\users\Claire\AppData\Local\WavXMapDrive.bat
2011-06-15 21:51 . 2008-08-25 17:24 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-06-15 21:50 . 2008-08-24 05:04 57752 ----a-w- c:\windows\system32\rpcnet.dll
2011-06-14 01:10 . 2008-08-15 00:16 0 ----a-w- c:\users\user\AppData\Local\WavXMapDrive.bat
2011-06-12 14:52 . 2010-08-10 21:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-11 01:38 . 2008-08-25 17:24 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-04-25 15:19 . 2011-04-25 15:19 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-25 15:19 . 2011-04-25 15:19 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 15:19 . 2011-04-25 15:19 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-25 15:19 . 2011-04-25 15:19 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-25 15:19 . 2011-04-25 15:19 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-25 15:19 . 2011-04-25 15:19 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-25 15:19 . 2011-04-25 15:19 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 15:19 . 2011-04-25 15:19 367104 ----a-w- c:\windows\system32\html.iec
2011-04-25 15:19 . 2011-04-25 15:19 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-25 15:19 . 2011-04-25 15:19 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 15:19 . 2011-04-25 15:19 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-25 15:19 . 2011-04-25 15:19 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-25 15:19 . 2011-04-25 15:19 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 15:19 . 2011-04-25 15:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-25 15:19 . 2011-04-25 15:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-25 15:19 . 2011-04-25 15:19 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-25 15:19 . 2011-04-25 15:19 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-25 15:19 . 2011-04-25 15:19 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-25 15:19 . 2011-04-25 15:19 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-25 15:19 . 2011-04-25 15:19 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-25 15:19 . 2011-04-25 15:19 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-05-31 20:26 . 2011-05-31 20:26 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-25 02:24 . 2009-11-27 03:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Claire\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-27 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-26 159744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-31 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-31 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-31 133656]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2007-09-10 85504]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2007-09-14 218424]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-25 30192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-12-08 107112]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-08-05 135568]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-01-03 405504]
"Absolute Notifier"="c:\program files\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-31 623960]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-11-02 8704]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-8-5 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico [2009-5-4 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gemsafe]
2006-11-16 20:20 73728 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-03-13 179712]
R3 CFcatchme;CFcatchme;c:\users\Claire\AppData\Local\Temp\CFcatchme.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 135664]
R3 SavRoam;SavRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2007-08-05 121744]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AbsoluteNotifier;Absolute Notifier;c:\program files\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]
S2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [2006-12-19 79432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2009-11-09 99896]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2006-11-02 7168]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-16 105592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 21:37]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 21:37]
.
2011-06-15 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2008-09-03 12:29]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Claire\AppData\Roaming\Mozilla\Firefox\Profiles\26qj3sso.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100815230531359&tb_oid=20-06-2009&tb_mrud=15-08-2010
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=20100815230531359&tb_oid=20-06-2009&tb_mrud=15-08-2010&query=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2011-06-15 17:53
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\rpcnet.exe
c:\windows\system32\STacSV.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Dell\QuickSet\NicConfigSvc.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\System32\msdtc.exe
c:\program files\Symantec AntiVirus\VPTray.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Apoint\ApMsgFwd.exe
c:\program files\Apoint\Apntex.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Apoint\HidFind.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2011-06-15 18:04:29 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-15 22:04
ComboFix2.txt 2011-06-12 19:34
ComboFix3.txt 2011-06-12 14:21
ComboFix4.txt 2011-06-11 21:54
ComboFix5.txt 2011-06-15 21:23
.
Pre-Run: 37,886,222,336 bytes free
Post-Run: 38,256,521,216 bytes free
.
- - End Of File - - 7893F478F8DD519EEA689A0762A86D1D
Upload was successful