Solved No Internet connection - DHCP won't start Error 1068: DHCP: AFD.SYS

All processes killed
========== OTL ==========
No active process named Updater.exe was found!
Service vsdatant stopped successfully!
Service vsdatant deleted successfully!
File C:\WINDOWS\system32\vsdatant.sys not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File move failed. C:\Program Files\Ask.com\GenericAskToolbar.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File move failed. C:\Program Files\Ask.com\GenericAskToolbar.dll scheduled to be moved on reboot.
Registry value HKEY_USERS\S-1-5-21-927604815-1316940495-76863973-1019\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-927604815-1316940495-76863973-1019\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File move failed. C:\Program Files\Ask.com\GenericAskToolbar.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\everdream.com\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\ not found.
C:\Documents and Settings\mark\Local Settings\Application Data\AskToolbar\APNU folder moved successfully.
Folder move failed. C:\Documents and Settings\mark\Local Settings\Application Data\AskToolbar scheduled to be moved on reboot.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\Documents and Settings\All Users\Application Data\1135B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\20242 folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
Folder move failed. C:\Program Files\Ask.com scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: acasey
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: acasey.su
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 188329 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: mark
->Temp folder emptied: 106625 bytes
->Temporary Internet Files folder emptied: 15317058 bytes
->FireFox cache emptied: 6350902 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 456 bytes

User: NetworkService
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 42877449 bytes

User: valerie
->Temp folder emptied: 730494319 bytes
->Temporary Internet Files folder emptied: 882187250 bytes
->Java cache emptied: 352262 bytes
->FireFox cache emptied: 58675507 bytes
->Google Chrome cache emptied: 49126119 bytes
->Flash cache emptied: 2830829 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,714.00 mb


[EMPTYJAVA]

User: acasey

User: acasey.su

User: Administrator

User: All Users

User: Default User

User: LocalService

User: mark

User: NetworkService

User: TEMP

User: valerie
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: acasey

User: acasey.su

User: Administrator

User: All Users

User: Default User

User: LocalService

User: mark
->Flash cache emptied: 0 bytes

User: NetworkService

User: TEMP

User: valerie
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.53.1 log created on 07162012_000530

Files\Folders moved on Reboot...
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
C:\Documents and Settings\mark\Local Settings\Application Data\AskToolbar folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBD6B.tmp not found!
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBD8A.tmp not found!
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBE68.tmp not found!
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBE8E.tmp not found!
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBFB8.tmp not found!
File\Folder C:\Documents and Settings\mark\Local Settings\Temp\~DFBFE0.tmp not found!
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\UXU18HIX\ads[1].htm moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\UXU18HIX\index[1].htm moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\component[1].html moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\conduit[1].htm moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\iepngfix[1].htc moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\N8W1NZR4\page-2[1].htm moved successfully.
C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\N8W1NZR4\player[1].html moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_3e8.dat not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found!
File C:\Documents and Settings\mark\Local Settings\Application Data\AskToolbar not found!
File C:\Program Files\Ask.com not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBD6B.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBD8A.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBE68.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBE8E.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBFB8.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temp\~DFBFE0.tmp not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\UXU18HIX\ads[1].htm not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\UXU18HIX\index[1].htm not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\component[1].html not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\conduit[1].htm not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\Q32DQXMX\iepngfix[1].htc not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\N8W1NZR4\page-2[1].htm not found!
File C:\Documents and Settings\mark\Local Settings\Temporary Internet Files\Content.IE5\N8W1NZR4\player[1].html not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_3e8.dat not found!
[2012/07/16 08:57:45 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...
 
Security Check log below. Note that I had to run it in Safe Mode as it got stuck several times on 'Preparing' in normal mode.

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
avast! Free Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Java Platform, Enterprise Edition 5 SDK
Java(TM) 6 Update 31
Java 2 Runtime Environment, SE v1.4.2_08
Adobe Flash Player 11.1.102.55
Mozilla Firefox (x86 en-GB..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````
 
Same for Farbar - could only get it to complete in Safe Mode. Log below

Farbar Service Scanner Version: 08-07-2012
Ran by mark (administrator) on 16-07-2012 at 16:57:33
Running from "C:\Documents and Settings\mark\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(17) fssfltr(18) Gpc(4) IPSec(6) NetBT(7) RFCOMM(3) s24trans(9) Tcpip(5)
0x12000000060000000100000002000000030000000400000005000000110000000F000000100000000E0000000700000008000000090000000A0000000B0000000C0000000D00000012000000
IpSec Tag value is correct.

**** End of log ****
 
ESET log below


C:\Documents and Settings\valerie\My Documents\Downloads\BandooV6.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\valerie\My Documents\Downloads\installer_limewire_5_5_10_English.exe Win32/Toggle application cleaned by deleting - quarantined
C:\Program Files\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\iMesh Applications\MediaBar\Datamngr\DnsBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Vid-Saver\Vid-Saver.dll Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165180.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165181.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165182.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165183.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165184.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6944D24B-2CBD-4EAC-9B29-9C1A3E65CBEF}\RP252\A0165185.dll Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
 
Security Check says:
Windows Firewall Disabled!
Click to expand...
Turn Windows firewall on right away.

I need to know if you can access Windows updates and Security Center.
 
Back into normal mode (ie: out of Safe Mode). Went into Control Panel, Windows Security Center and clicked Windows Firewall. Was asked if I wanted to start the ICS service and I now have a 'Please Wait' dialog which says:

Starting the Windows Firewall/Internet Connection Sharing (ICS) service....

This has been on screen for several minutes now and nothing is happening. Overall, computer seems to be stalling when doing things in normal mode.

Thoughts?
 
Download Windows Repair (all in one) from this site

Install the program then run

Go to step 2 and allow it to run Disc check

Capture3.gif




Once that is done then go to step 3 and allow it to run SFC

Capture.gif



On the the Start Repairs tab click Start button.

p22001166.gif



Please ensure that items seen in the image below are ticked as indicated:

p22001132.gif


Click on box next to the Restart System when Finished. Then click on Start

Post new FSS log.
 
Farbar Service Scanner Version: 08-07-2012
Ran by mark (administrator) on 17-07-2012 at 10:38:11
Running from "C:\Documents and Settings\mark\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(17) fssfltr(18) Gpc(4) IPSec(6) NetBT(7) RFCOMM(3) s24trans(9) Tcpip(5)
0x12000000060000000100000002000000030000000400000005000000110000000F000000100000000E0000000700000008000000090000000A0000000B0000000C0000000D00000012000000
IpSec Tag value is correct.

**** End of log ****
 
Everything seems to be be running smoothly now. Internet connection works fine - wired and wireless, and programs that were hanging before now run fine. Are we done? Thank you for all your help!!!
 
Please note that I am travelling from today for a couple of weeks so cannot follow any further instructions until I return. Please confirm if we are done at this point. The computer belongs to a friend so I'd like to know if it can be given back to her in my absence or if there is further work to be done. Thanks again for all your help.
 
Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
 
You must log in or register to reply here.

Similar threads

wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni

Latest posts

Back