Problems - and Spybot won't run on son's computer

Have done all that. I don't really use this computer as it's my son's, but it boots reliably (if slowly) now without hanging, goes to the website I send it to instead of anywhere else, and the virus desktop warning is gone.

So it's improved immeasurably.

Abnything else to do before re-activating the antivirus and Spybot?

Many thanks. Val
 
That's great Val,

fixes.bat <--Drag this to the trash

RootRepeal <---Drag it to the trash

TFC <--Yours to keep, run it about once aweek to clean out the clutter.

Malwarebytes <-- Yours to keep also, check for updates and run a scan now and then.

Combofix <---Is not a general cleaning tool, just run it with supervision or you can bork your system

  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    • CF_Cleanup.png

  • When shown the disclaimer, Select "2"

The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Reset System Restore.




Val, run this free online virus scanner to see if we missed anything.

Please run this free online virus scanner from ESET
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


When we're done I will link you to some free programs to install to help keep you more secure. in the meantime, keep Spybot but keep the TeaTimer disabled.
 
Wow, it found five more. Este log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=d84d0e1e7e8dd24aa4dec2fca2da5025
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-09-02 07:30:13
# local_time=2009-09-02 08:30:13 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1026 37 83 97 41057063750000
# scanned=103204
# found=5
# cleaned=5
# scan_time=2488
C:\Documents and Settings\HP_Owner\Desktop\CrossFireSetup_v1007.exe probably a variant of Win32/VB.NQQ trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Owner\Desktop\CrossFire_Setup_v1011.exe probably a variant of Win32/VB.NQQ trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Downloads\PrimeSuspectsGENSetup-dm[1].exe Win32/Adware.Trymedia application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Downloads\PrimeSuspectsSetup-dm[1].exe Win32/Adware.Trymedia application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Downloads\WinBejSetup-dm[1].exe Win32/Adware.Trymedia application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


Just from curiosity, tell me why Teatimer is a bad idea on this machine, please?

Many thanks, Val
 
Val,

What ESET found where files that where downloaded using P2P (File Sharing Programs ) and those almost 100% of the time come with bundled malicious programs. Programs like the Torrents, Limewire are all bad news and should not be used.

The TeaTimer needs to be disabled until we're all done, but read this and make up your own mind, whatever you like better.






Keep in mind if you install some of these programs. Only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster and Spyware Guard, they will conflict with the TeaTimer in Spybot , you can still install Spybot Search and Destroy but do not enable the TeaTimer .
Click to expand...


Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
  • Spybot Search and Destroy 1.6
    Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.
  • Spyware Blaster It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.
  • Spyware Guard It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.
  • IE-Spyad
    IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • Firefox 3 It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.

The TeaTimer is your call. Its a bit in your face , SpywareGuard is a little easier on you. If you enable the TeaTimer than do not install SpywareGuard but you can still install Spyware Blaster. Whatever you like better.

Safe Surfn
Ken
 
You are all superstars !!!

Many many many thanks! My son is delighted to have the computer back, and we are now much better protected. You are a star - as are all the team.

Val
 
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
 
You must log in or register to reply here.
Back
Top