Hi.
Sorry for the long time lapse here, weekends/alcohol/etc.
OK no problem, do not over do it eh.
.......:laugh:
OK levity aside.
What you have mentioned is fine and actual legitimate files and others created during the malware removal process which will be removed in due course with my below instructions.
Next:
Congratulations your computer now appears to be malware free!
Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.
Importance of Regular System Maintenance:
I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.
Help! My computer is slow!
Also so is this:
What to do if your Computer is running slowly
I advice you also fun a ChkDsk at some point as outlined in this
tuturial of mine.
Uninstall ComboFix:
- Click on Start >> Run...
- Now type in Combofix /u in the and click OK.
- Note the space between the X and the U, it needs to be there.
-
OTC:
Please download
OTC and save it to desktop. This tool will remove all the tools we used to clean your pc.
- Double-click OTC.exe.
- Click the CleanUp! button.
- Select Yes when the "Begin cleanup Process?" prompt appears.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes, if not delete it by yourself.
Note: If you receive a warning from your firewall or other security programs regarding
OTC attempting to contact the internet, please allow it to do so.
Now some advice for on-line safety:
Malwarebyte's Anti-Malware:
This is a excellent application and I advise you keep this installed. Check for updates and run a scan once a week.
Other installed security software:
Your presently installed Anti-Virus application,
Avira AntiVir automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.
I advise you also run a complete scan with this also once per week.
Keep your system updated:
Microsoft releases patches for Windows and other products regularly:
Be careful when opening attachments and downloading files:
- Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
- Never open emails from unknown senders.
- Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
- Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.
Stop malicious scripts:
Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use
Noscript by Symantec or
Script Defender by AnalogX to handle these scripts.
Make your Internet Explorer safer:
- From within Internet Explorer click on the Tools menu and then click on Options.
- Click once on the Security tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialise and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to Prompt
- Change the Navigate sub-frames across different domains to Prompt
- When all these settings have been made, click on the OK button.
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Next press the Apply button and then the OK to exit the Internet Properties page.
Avoid Peer to Peer software:
P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice avoid these types of software applications.
Enable Spybot S&D TeaTimer:
You can start Resident TeaTimer by clicking on Tools ? Resident on the left navigation bar (therefore Spybot-S&D has to run in Advanced Mode). There you can tick the checkboxes next to Resident "TeaTimer" (Protection of over-all system settings) active in order to activate TeaTimer.
Further information on how to use this application can be found
here.
Advised Optional Installation:
There is no sign of a software firewall installed on your system. Regardless if using a hardware type and or using the inbuilt Windows Service Pack 3 firewall this is a necessary application as it will also provide outbound protection where as the aforementioned do not.
I highly advise you download
ONE of the following firewalls and install it. Restart the computer for changes to take effect.
This article is a excellent resource regarding the aforementioned firewalls:
Understanding and Using Firewalls
Finally a educational source:
To learn more about how to protect yourself while on the internet read this article by Tony Klein(updated by tashi):
So how did I get infected in the first place?
Any questions, feel free to ask. If not stay safe!
:
